org.keycloak.broker.provider

Class AbstractIdentityProvider<C extends IdentityProviderModel>

java.lang.Object

org.keycloak.broker.provider.AbstractIdentityProvider<C>

All Implemented Interfaces:

IdentityProvider<C>, Provider

Direct Known Subclasses:

AbstractOAuth2IdentityProvider, SAMLIdentityProvider, TwitterIdentityProvider

public abstract class AbstractIdentityProvider<C extends IdentityProviderModel>
extends Object
implements IdentityProvider<C>

Author:

Pedro Igor

Nested Class Summary

Nested classes/interfaces inherited from interface org.keycloak.broker.provider.IdentityProvider

IdentityProvider.AuthenticationCallback

Field Summary

Fields

Modifier and Type	Field and Description
static String	ACCOUNT_LINK_URL
protected KeycloakSession	session

Fields inherited from interface org.keycloak.broker.provider.IdentityProvider

EXTERNAL_IDENTITY_PROVIDER, FEDERATED_ACCESS_TOKEN

Constructor Summary

Constructors

Constructor and Description
AbstractIdentityProvider(KeycloakSession session, C config)

Method Summary

Modifier and Type	Method and Description
void	authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context)
void	backchannelLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
Object	callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event) JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.
void	close()
protected javax.ws.rs.core.Response	exchangeErrorResponse(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, String errorCode, String reason)
javax.ws.rs.core.Response	exchangeNotLinked(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
javax.ws.rs.core.Response	exchangeNotLinkedNoStore(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
javax.ws.rs.core.Response	exchangeNotSupported()
javax.ws.rs.core.Response	exchangeTokenExpired(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
javax.ws.rs.core.Response	exchangeUnsupportedRequiredType()
javax.ws.rs.core.Response	export(javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format) Export a representation of the IdentityProvider in a specific format.
C	getConfig()
protected String	getLinkingUrl(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession)
IdentityProviderDataMarshaller	getMarshaller() Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession
void	importNewUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
javax.ws.rs.core.Response	keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm) Called when a Keycloak application initiates a logout through the browser.
javax.ws.rs.core.Response	performLogin(AuthenticationRequest request) Initiates the authentication process by sending an authentication request to an identity provider.
void	preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context)
void	updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.broker.provider.IdentityProvider

retrieveToken

Field Detail

ACCOUNT_LINK_URL

public static final String ACCOUNT_LINK_URL

See Also:

Constant Field Values

session

protected final KeycloakSession session

Constructor Detail

AbstractIdentityProvider

public AbstractIdentityProvider(KeycloakSession session,
                                C config)

Method Detail

getConfig

public C getConfig()

export

public javax.ws.rs.core.Response export(javax.ws.rs.core.UriInfo uriInfo,
                                        RealmModel realm,
                                        String format)

Description copied from interface: IdentityProvider

Export a representation of the IdentityProvider in a specific format. For example, a SAML EntityDescriptor

Specified by:

export in interface IdentityProvider<C extends IdentityProviderModel>

Returns:

close

public void close()

Specified by:

close in interface Provider

callback

public Object callback(RealmModel realm,
                       IdentityProvider.AuthenticationCallback callback,
                       EventBuilder event)

Description copied from interface: IdentityProvider

JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.

Specified by:

callback in interface IdentityProvider<C extends IdentityProviderModel>

Returns:

performLogin

public javax.ws.rs.core.Response performLogin(AuthenticationRequest request)

Description copied from interface: IdentityProvider

Initiates the authentication process by sending an authentication request to an identity provider. This method is called only once during the authentication.

Specified by:

performLogin in interface IdentityProvider<C extends IdentityProviderModel>

Parameters:

request - The initial authentication request. Contains all the contextual information in order to build an authentication request to the identity provider.

Returns:

keycloakInitiatedBrowserLogout

public javax.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session,
                                                                UserSessionModel userSession,
                                                                javax.ws.rs.core.UriInfo uriInfo,
                                                                RealmModel realm)

Description copied from interface: IdentityProvider

Called when a Keycloak application initiates a logout through the browser. This is expected to do a logout with the IDP

Specified by:

keycloakInitiatedBrowserLogout in interface IdentityProvider<C extends IdentityProviderModel>

Returns:

null if this is not supported by this provider

backchannelLogout

public void backchannelLogout(KeycloakSession session,
                              UserSessionModel userSession,
                              javax.ws.rs.core.UriInfo uriInfo,
                              RealmModel realm)

Specified by:

backchannelLogout in interface IdentityProvider<C extends IdentityProviderModel>

exchangeNotSupported

public javax.ws.rs.core.Response exchangeNotSupported()

exchangeNotLinked

public javax.ws.rs.core.Response exchangeNotLinked(javax.ws.rs.core.UriInfo uriInfo,
                                                   ClientModel authorizedClient,
                                                   UserSessionModel tokenUserSession,
                                                   UserModel tokenSubject)

exchangeNotLinkedNoStore

public javax.ws.rs.core.Response exchangeNotLinkedNoStore(javax.ws.rs.core.UriInfo uriInfo,
                                                          ClientModel authorizedClient,
                                                          UserSessionModel tokenUserSession,
                                                          UserModel tokenSubject)

exchangeErrorResponse

protected javax.ws.rs.core.Response exchangeErrorResponse(javax.ws.rs.core.UriInfo uriInfo,
                                                          ClientModel authorizedClient,
                                                          UserSessionModel tokenUserSession,
                                                          String errorCode,
                                                          String reason)

getLinkingUrl

protected String getLinkingUrl(javax.ws.rs.core.UriInfo uriInfo,
                               ClientModel authorizedClient,
                               UserSessionModel tokenUserSession)

exchangeTokenExpired

public javax.ws.rs.core.Response exchangeTokenExpired(javax.ws.rs.core.UriInfo uriInfo,
                                                      ClientModel authorizedClient,
                                                      UserSessionModel tokenUserSession,
                                                      UserModel tokenSubject)

exchangeUnsupportedRequiredType

public javax.ws.rs.core.Response exchangeUnsupportedRequiredType()

authenticationFinished

public void authenticationFinished(AuthenticationSessionModel authSession,
                                   BrokeredIdentityContext context)

Specified by:

authenticationFinished in interface IdentityProvider<C extends IdentityProviderModel>

preprocessFederatedIdentity

public void preprocessFederatedIdentity(KeycloakSession session,
                                        RealmModel realm,
                                        BrokeredIdentityContext context)

Specified by:

preprocessFederatedIdentity in interface IdentityProvider<C extends IdentityProviderModel>

importNewUser

public void importNewUser(KeycloakSession session,
                          RealmModel realm,
                          UserModel user,
                          BrokeredIdentityContext context)

Specified by:

importNewUser in interface IdentityProvider<C extends IdentityProviderModel>

updateBrokeredUser

public void updateBrokeredUser(KeycloakSession session,
                               RealmModel realm,
                               UserModel user,
                               BrokeredIdentityContext context)

Specified by:

updateBrokeredUser in interface IdentityProvider<C extends IdentityProviderModel>

getMarshaller

public IdentityProviderDataMarshaller getMarshaller()

Description copied from interface: IdentityProvider

Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession

Specified by:

getMarshaller in interface IdentityProvider<C extends IdentityProviderModel>

Returns: