org.keycloak.adapters.tomcat

Class CatalinaSessionTokenStore

java.lang.Object

org.keycloak.adapters.tomcat.CatalinaSessionTokenStore

All Implemented Interfaces:

AdapterTokenStore

public class CatalinaSessionTokenStore
extends Object
implements AdapterTokenStore

Author:

Marek Posolda

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CatalinaSessionTokenStore.SerializableKeycloakAccount

Field Summary

Fields

Modifier and Type	Field and Description
protected GenericPrincipalFactory	principalFactory
protected AbstractKeycloakAuthenticatorValve	valve

Constructor Summary

Constructors

Constructor and Description
CatalinaSessionTokenStore(org.apache.catalina.connector.Request request, KeycloakDeployment deployment, CatalinaUserSessionManagement sessionManagement, GenericPrincipalFactory principalFactory, AbstractKeycloakAuthenticatorValve valve)

Method Summary

Methods

Modifier and Type	Method and Description
void	checkCurrentToken() Impl can validate if current token exists and perform refreshing if it exists and is expired
protected void	cleanSession(org.apache.catalina.Session catalinaSession)
boolean	isCached(RequestAuthenticator authenticator) Check if we are logged already (we have already valid and successfully refreshed accessToken).
void	logout() Handle logout on store side and possibly propagate logout call to Keycloak
void	refreshCallback(RefreshableKeycloakSecurityContext securityContext) Callback invoked after successful token refresh
boolean	restoreRequest()
void	saveAccountInfo(KeycloakAccount account) Finish successful OAuth2 login and store validated account
void	saveRequest()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

principalFactory

protected GenericPrincipalFactory principalFactory

valve

protected AbstractKeycloakAuthenticatorValve valve

Constructor Detail

CatalinaSessionTokenStore

public CatalinaSessionTokenStore(org.apache.catalina.connector.Request request,
                         KeycloakDeployment deployment,
                         CatalinaUserSessionManagement sessionManagement,
                         GenericPrincipalFactory principalFactory,
                         AbstractKeycloakAuthenticatorValve valve)

Method Detail

checkCurrentToken

public void checkCurrentToken()

Description copied from interface: AdapterTokenStore

Impl can validate if current token exists and perform refreshing if it exists and is expired

Specified by:

checkCurrentToken in interface AdapterTokenStore

cleanSession

protected void cleanSession(org.apache.catalina.Session catalinaSession)

isCached

public boolean isCached(RequestAuthenticator authenticator)

Description copied from interface: AdapterTokenStore

Check if we are logged already (we have already valid and successfully refreshed accessToken). Establish security context if yes

Specified by:

isCached in interface AdapterTokenStore

Parameters:

authenticator - used for actual request authentication

Returns:

true if we are logged-in already

saveAccountInfo

public void saveAccountInfo(KeycloakAccount account)

Description copied from interface: AdapterTokenStore

Finish successful OAuth2 login and store validated account

Specified by:

saveAccountInfo in interface AdapterTokenStore

logout

public void logout()

Description copied from interface: AdapterTokenStore

Handle logout on store side and possibly propagate logout call to Keycloak

Specified by:

logout in interface AdapterTokenStore

refreshCallback

public void refreshCallback(RefreshableKeycloakSecurityContext securityContext)

Description copied from interface: AdapterTokenStore

Callback invoked after successful token refresh

Specified by:

refreshCallback in interface AdapterTokenStore

Parameters:

securityContext - context where refresh was performed

saveRequest

public void saveRequest()

Specified by:

saveRequest in interface AdapterTokenStore

restoreRequest

public boolean restoreRequest()

Specified by:

restoreRequest in interface AdapterTokenStore