public class OpenIDConnectService extends Object
Modifier and Type | Field and Description |
---|---|
protected AuthenticationManager |
authManager |
protected ClientConnection |
clientConnection |
protected javax.ws.rs.core.HttpHeaders |
headers |
protected static org.jboss.logging.Logger |
logger |
protected javax.ws.rs.ext.Providers |
providers |
protected RealmModel |
realm |
protected org.jboss.resteasy.spi.HttpRequest |
request |
protected org.jboss.resteasy.spi.HttpResponse |
response |
protected javax.ws.rs.core.SecurityContext |
securityContext |
protected KeycloakSession |
session |
protected TokenManager |
tokenManager |
protected javax.ws.rs.core.UriInfo |
uriInfo |
Constructor and Description |
---|
OpenIDConnectService(RealmModel realm,
EventBuilder event,
AuthenticationManager authManager) |
Modifier and Type | Method and Description |
---|---|
javax.ws.rs.core.Response |
accessCodeToToken(String authorizationHeader,
javax.ws.rs.core.MultivaluedMap<String,String> formData)
URL invoked by adapter to turn an access code to access token
|
javax.ws.rs.core.Response |
accessCodeToTokenPreflight()
CORS preflight path for access code to token
|
static javax.ws.rs.core.UriBuilder |
accessCodeToTokenUrl(javax.ws.rs.core.UriBuilder baseUriBuilder) |
static javax.ws.rs.core.UriBuilder |
accessCodeToTokenUrl(javax.ws.rs.core.UriInfo uriInfo) |
protected ClientModel |
authorizeClient(String authorizationHeader,
javax.ws.rs.core.MultivaluedMap<String,String> formData,
EventBuilder event) |
static ClientModel |
authorizeClientBase(String authorizationHeader,
javax.ws.rs.core.MultivaluedMap<String,String> formData,
EventBuilder event,
RealmModel realm) |
javax.ws.rs.core.Response |
getLoginStatusIframe(String client_id,
String origin) |
static Set<String> |
getValidateRedirectUris(RealmModel realm) |
javax.ws.rs.core.Response |
grantAccessToken(String authorizationHeader,
javax.ws.rs.core.MultivaluedMap<String,String> form)
Direct grant REST invocation.
|
static javax.ws.rs.core.UriBuilder |
grantAccessTokenUrl(javax.ws.rs.core.UriBuilder baseUriBuilder) |
static javax.ws.rs.core.UriBuilder |
grantAccessTokenUrl(javax.ws.rs.core.UriInfo uriInfo) |
javax.ws.rs.core.Response |
installedAppUrnCallback(String code,
String error,
String errorDescription) |
javax.ws.rs.core.Response |
loginPage(String responseType,
String redirect,
String clientId,
String scopeParam,
String state,
String prompt,
String loginHint)
Login page.
|
static javax.ws.rs.core.UriBuilder |
loginPageUrl(javax.ws.rs.core.UriBuilder baseUriBuilder) |
static javax.ws.rs.core.UriBuilder |
loginPageUrl(javax.ws.rs.core.UriInfo uriInfo) |
javax.ws.rs.core.Response |
logout(String redirectUri)
Logout user session.
|
javax.ws.rs.core.Response |
logoutToken(String authorizationHeader,
javax.ws.rs.core.MultivaluedMap<String,String> form)
Logout a session via a non-browser invocation.
|
static javax.ws.rs.core.UriBuilder |
logoutUrl(javax.ws.rs.core.UriBuilder baseUriBuilder) |
static javax.ws.rs.core.UriBuilder |
logoutUrl(javax.ws.rs.core.UriInfo uriInfo) |
static boolean |
matchesRedirects(Set<String> validRedirects,
String redirect) |
javax.ws.rs.core.Response |
refreshAccessToken(String authorizationHeader,
javax.ws.rs.core.MultivaluedMap<String,String> form)
URL for making refresh token requests.
|
javax.ws.rs.core.Response |
refreshAccessTokenPreflight()
CORS preflight path for refresh token requests
|
static javax.ws.rs.core.UriBuilder |
refreshUrl(javax.ws.rs.core.UriBuilder baseUriBuilder) |
javax.ws.rs.core.Response |
registerPage(String responseType,
String redirect,
String clientId,
String scopeParam,
String state)
Registration page.
|
static String |
relativeToAbsoluteURI(javax.ws.rs.core.UriInfo uriInfo,
String relative) |
static Set<String> |
resolveValidRedirects(javax.ws.rs.core.UriInfo uriInfo,
Set<String> validRedirects) |
static javax.ws.rs.core.UriBuilder |
tokenServiceBaseUrl(javax.ws.rs.core.UriBuilder baseUriBuilder) |
static javax.ws.rs.core.UriBuilder |
tokenServiceBaseUrl(javax.ws.rs.core.UriInfo uriInfo) |
javax.ws.rs.core.Response |
validateAccessToken(String tokenString)
Validate encoded access token.
|
static javax.ws.rs.core.UriBuilder |
validateAccessTokenUrl(javax.ws.rs.core.UriBuilder baseUriBuilder) |
static String |
verifyRealmRedirectUri(javax.ws.rs.core.UriInfo uriInfo,
String redirectUri,
RealmModel realm) |
static String |
verifyRedirectUri(javax.ws.rs.core.UriInfo uriInfo,
String redirectUri,
RealmModel realm,
ClientModel client) |
static String |
verifyRedirectUri(javax.ws.rs.core.UriInfo uriInfo,
String redirectUri,
RealmModel realm,
Set<String> validRedirects) |
protected static final org.jboss.logging.Logger logger
protected RealmModel realm
protected TokenManager tokenManager
protected AuthenticationManager authManager
@Context protected javax.ws.rs.ext.Providers providers
@Context protected javax.ws.rs.core.SecurityContext securityContext
@Context protected javax.ws.rs.core.UriInfo uriInfo
@Context protected javax.ws.rs.core.HttpHeaders headers
@Context protected org.jboss.resteasy.spi.HttpRequest request
@Context protected org.jboss.resteasy.spi.HttpResponse response
@Context protected KeycloakSession session
@Context protected ClientConnection clientConnection
public OpenIDConnectService(RealmModel realm, EventBuilder event, AuthenticationManager authManager)
public static javax.ws.rs.core.UriBuilder tokenServiceBaseUrl(javax.ws.rs.core.UriInfo uriInfo)
public static javax.ws.rs.core.UriBuilder tokenServiceBaseUrl(javax.ws.rs.core.UriBuilder baseUriBuilder)
public static javax.ws.rs.core.UriBuilder accessCodeToTokenUrl(javax.ws.rs.core.UriInfo uriInfo)
public static javax.ws.rs.core.UriBuilder accessCodeToTokenUrl(javax.ws.rs.core.UriBuilder baseUriBuilder)
public static javax.ws.rs.core.UriBuilder validateAccessTokenUrl(javax.ws.rs.core.UriBuilder baseUriBuilder)
public static javax.ws.rs.core.UriBuilder grantAccessTokenUrl(javax.ws.rs.core.UriInfo uriInfo)
public static javax.ws.rs.core.UriBuilder grantAccessTokenUrl(javax.ws.rs.core.UriBuilder baseUriBuilder)
public static javax.ws.rs.core.UriBuilder loginPageUrl(javax.ws.rs.core.UriInfo uriInfo)
public static javax.ws.rs.core.UriBuilder loginPageUrl(javax.ws.rs.core.UriBuilder baseUriBuilder)
public static javax.ws.rs.core.UriBuilder logoutUrl(javax.ws.rs.core.UriInfo uriInfo)
public static javax.ws.rs.core.UriBuilder logoutUrl(javax.ws.rs.core.UriBuilder baseUriBuilder)
public static javax.ws.rs.core.UriBuilder refreshUrl(javax.ws.rs.core.UriBuilder baseUriBuilder)
@Path(value="login-status-iframe.html") @GET @Produces(value="text/html") public javax.ws.rs.core.Response getLoginStatusIframe(@QueryParam(value="client_id") String client_id, @QueryParam(value="origin") String origin)
client_id
- origin
- @Path(value="grants/access") @POST @Consumes(value="application/x-www-form-urlencoded") @Produces(value="application/json") public javax.ws.rs.core.Response grantAccessToken(@HeaderParam(value="Authorization") String authorizationHeader, javax.ws.rs.core.MultivaluedMap<String,String> form)
authorizationHeader
- form
- @Path(value="validate") @GET @Produces(value="application/json") public javax.ws.rs.core.Response validateAccessToken(@QueryParam(value="access_token") String tokenString)
tokenString
- @Path(value="refresh") @OPTIONS @Produces(value="application/json") public javax.ws.rs.core.Response refreshAccessTokenPreflight()
@Path(value="refresh") @POST @Consumes(value="application/x-www-form-urlencoded") @Produces(value="application/json") public javax.ws.rs.core.Response refreshAccessToken(@HeaderParam(value="Authorization") String authorizationHeader, javax.ws.rs.core.MultivaluedMap<String,String> form)
authorizationHeader
- form
- @Path(value="access/codes") @OPTIONS @Produces(value="application/json") public javax.ws.rs.core.Response accessCodeToTokenPreflight()
@Path(value="access/codes") @POST @Produces(value="application/json") public javax.ws.rs.core.Response accessCodeToToken(@HeaderParam(value="Authorization") String authorizationHeader, javax.ws.rs.core.MultivaluedMap<String,String> formData)
authorizationHeader
- formData
- protected ClientModel authorizeClient(String authorizationHeader, javax.ws.rs.core.MultivaluedMap<String,String> formData, EventBuilder event)
public static ClientModel authorizeClientBase(String authorizationHeader, javax.ws.rs.core.MultivaluedMap<String,String> formData, EventBuilder event, RealmModel realm)
@Path(value="login") @GET public javax.ws.rs.core.Response loginPage(@QueryParam(value="response_type") String responseType, @QueryParam(value="redirect_uri") String redirect, @QueryParam(value="client_id") String clientId, @QueryParam(value="scope") String scopeParam, @QueryParam(value="state") String state, @QueryParam(value="prompt") String prompt, @QueryParam(value="login_hint") String loginHint)
responseType
- redirect
- clientId
- scopeParam
- state
- prompt
- @Path(value="registrations") @GET public javax.ws.rs.core.Response registerPage(@QueryParam(value="response_type") String responseType, @QueryParam(value="redirect_uri") String redirect, @QueryParam(value="client_id") String clientId, @QueryParam(value="scope") String scopeParam, @QueryParam(value="state") String state)
responseType
- redirect
- clientId
- scopeParam
- state
- @Path(value="logout") @GET public javax.ws.rs.core.Response logout(@QueryParam(value="redirect_uri") String redirectUri)
redirectUri
- @Path(value="logout") @POST @Consumes(value="application/x-www-form-urlencoded") public javax.ws.rs.core.Response logoutToken(@HeaderParam(value="Authorization") String authorizationHeader, javax.ws.rs.core.MultivaluedMap<String,String> form)
authorizationHeader
- form
- @Path(value="oauth/oob") @GET public javax.ws.rs.core.Response installedAppUrnCallback(@QueryParam(value="code") String code, @QueryParam(value="error") String error, @QueryParam(value="error_description") String errorDescription)
public static boolean matchesRedirects(Set<String> validRedirects, String redirect)
public static Set<String> getValidateRedirectUris(RealmModel realm)
public static String verifyRealmRedirectUri(javax.ws.rs.core.UriInfo uriInfo, String redirectUri, RealmModel realm)
public static String verifyRedirectUri(javax.ws.rs.core.UriInfo uriInfo, String redirectUri, RealmModel realm, ClientModel client)
public static String verifyRedirectUri(javax.ws.rs.core.UriInfo uriInfo, String redirectUri, RealmModel realm, Set<String> validRedirects)
public static Set<String> resolveValidRedirects(javax.ws.rs.core.UriInfo uriInfo, Set<String> validRedirects)
Copyright © 2014. All Rights Reserved.