SAMLIdentityProvider (Keycloak Docs Distribution 11.0.3 API)

java.lang.Object
- org.keycloak.broker.provider.AbstractIdentityProvider<SAMLIdentityProviderConfig>
- - org.keycloak.broker.saml.SAMLIdentityProvider

All Implemented Interfaces:: IdentityProvider<SAMLIdentityProviderConfig>, Provider

public class SAMLIdentityProvider
extends AbstractIdentityProvider<SAMLIdentityProviderConfig>

Author:: Pedro Igor

Nested Class Summary
- Nested classes/interfaces inherited from interface org.keycloak.broker.provider.IdentityProvider
  IdentityProvider.AuthenticationCallback

Field Summary

Fields
Modifier and Type Field and Description

protected static org.jboss.logging.Logger logger
- Fields inherited from class org.keycloak.broker.provider.AbstractIdentityProvider
  ACCOUNT_LINK_URL, session
- Fields inherited from interface org.keycloak.broker.provider.IdentityProvider
  EXTERNAL_IDENTITY_PROVIDER, FEDERATED_ACCESS_TOKEN

Fields
Modifier and Type	Field and Description
`protected static org.jboss.logging.Logger`	`logger`

Constructor Summary

Constructors
Constructor and Description
`SAMLIdentityProvider(KeycloakSession session, SAMLIdentityProviderConfig config, DestinationValidator destinationValidator)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context)`
`void`	`backchannelLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)`
`protected LogoutRequestType`	`buildLogoutRequest(UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, String singleLogoutServiceUrl, SamlProtocolExtensionsAwareBuilder.NodeGenerator... extensions)`
`Object`	`callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)` JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.
`javax.ws.rs.core.Response`	`export(javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format)` Export a representation of the IdentityProvider in a specific format.
`IdentityProviderDataMarshaller`	`getMarshaller()` Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession
`SignatureAlgorithm`	`getSignatureAlgorithm()`
`javax.ws.rs.core.Response`	`keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)` Called when a Keycloak application initiates a logout through the browser.
`javax.ws.rs.core.Response`	`performLogin(AuthenticationRequest request)` Initiates the authentication process by sending an authentication request to an identity provider.
`javax.ws.rs.core.Response`	`retrieveToken(KeycloakSession session, FederatedIdentityModel identity)` Returns a `Response` containing the token previously stored during the authentication process for a specific user.

Methods inherited from class org.keycloak.broker.provider.AbstractIdentityProvider
close, exchangeErrorResponse, exchangeNotLinked, exchangeNotLinkedNoStore, exchangeNotSupported, exchangeTokenExpired, exchangeUnsupportedRequiredType, getConfig, getLinkingUrl, importNewUser, preprocessFederatedIdentity, updateBrokeredUser

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

protected static final org.jboss.logging.Logger logger

Constructor Detail

SAMLIdentityProvider

public SAMLIdentityProvider(KeycloakSession session,
                            SAMLIdentityProviderConfig config,
                            DestinationValidator destinationValidator)

Method Detail
- callback
```
public Object callback(RealmModel realm,
                       IdentityProvider.AuthenticationCallback callback,
                       EventBuilder event)
```
  Description copied from interface: IdentityProvider
  
  JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.
  
  Specified by:
  
  callback in interface IdentityProvider<SAMLIdentityProviderConfig>
  
  Overrides:
  
  callback in class AbstractIdentityProvider<SAMLIdentityProviderConfig>
  
  Returns:
- performLogin
```
public javax.ws.rs.core.Response performLogin(AuthenticationRequest request)
```
  Description copied from interface: IdentityProvider
  
  Initiates the authentication process by sending an authentication request to an identity provider. This method is called only once during the authentication.
  
  Specified by:
  
  performLogin in interface IdentityProvider<SAMLIdentityProviderConfig>
  
  Overrides:
  
  performLogin in class AbstractIdentityProvider<SAMLIdentityProviderConfig>
  
  Parameters:
  
  request - The initial authentication request. Contains all the contextual information in order to build an authentication request to the identity provider.
  
  Returns:
- authenticationFinished
```
public void authenticationFinished(AuthenticationSessionModel authSession,
                                   BrokeredIdentityContext context)
```
  Specified by:
  
  authenticationFinished in interface IdentityProvider<SAMLIdentityProviderConfig>
  
  Overrides:
  
  authenticationFinished in class AbstractIdentityProvider<SAMLIdentityProviderConfig>
- retrieveToken
```
public javax.ws.rs.core.Response retrieveToken(KeycloakSession session,
                                               FederatedIdentityModel identity)
```
  Description copied from interface: IdentityProvider
  
  Returns a Response containing the token previously stored during the authentication process for a specific user.
  
  Returns:
- backchannelLogout
```
public void backchannelLogout(KeycloakSession session,
                              UserSessionModel userSession,
                              javax.ws.rs.core.UriInfo uriInfo,
                              RealmModel realm)
```
  Specified by:
  
  backchannelLogout in interface IdentityProvider<SAMLIdentityProviderConfig>
  
  Overrides:
  
  backchannelLogout in class AbstractIdentityProvider<SAMLIdentityProviderConfig>
- keycloakInitiatedBrowserLogout
```
public javax.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session,
                                                                UserSessionModel userSession,
                                                                javax.ws.rs.core.UriInfo uriInfo,
                                                                RealmModel realm)
```
  Description copied from interface: IdentityProvider
  
  Called when a Keycloak application initiates a logout through the browser. This is expected to do a logout with the IDP
  
  Specified by:
  
  keycloakInitiatedBrowserLogout in interface IdentityProvider<SAMLIdentityProviderConfig>
  
  Overrides:
  
  keycloakInitiatedBrowserLogout in class AbstractIdentityProvider<SAMLIdentityProviderConfig>
  
  Returns:
  
  null if this is not supported by this provider
- buildLogoutRequest
```
protected LogoutRequestType buildLogoutRequest(UserSessionModel userSession,
                                               javax.ws.rs.core.UriInfo uriInfo,
                                               RealmModel realm,
                                               String singleLogoutServiceUrl,
                                               SamlProtocolExtensionsAwareBuilder.NodeGenerator... extensions)
                                        throws ConfigurationException
```
  Throws:
  
  ConfigurationException
- export
```
public javax.ws.rs.core.Response export(javax.ws.rs.core.UriInfo uriInfo,
                                        RealmModel realm,
                                        String format)
```
  Description copied from interface: IdentityProvider
  
  Export a representation of the IdentityProvider in a specific format. For example, a SAML EntityDescriptor
  
  Specified by:
  
  export in interface IdentityProvider<SAMLIdentityProviderConfig>
  
  Overrides:
  
  export in class AbstractIdentityProvider<SAMLIdentityProviderConfig>
  
  Returns:
- getSignatureAlgorithm
```
public SignatureAlgorithm getSignatureAlgorithm()
```
- getMarshaller
```
public IdentityProviderDataMarshaller getMarshaller()
```
  Description copied from interface: IdentityProvider
  
  Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession
  
  Specified by:
  
  getMarshaller in interface IdentityProvider<SAMLIdentityProviderConfig>
  
  Overrides:
  
  getMarshaller in class AbstractIdentityProvider<SAMLIdentityProviderConfig>
  
  Returns:

Class SAMLIdentityProvider

Nested Class Summary

Nested classes/interfaces inherited from interface org.keycloak.broker.provider.IdentityProvider

Field Summary

Fields inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

Fields inherited from interface org.keycloak.broker.provider.IdentityProvider

Constructor Summary

Method Summary

Methods inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

Methods inherited from class java.lang.Object

Field Detail

logger

Constructor Detail

SAMLIdentityProvider

Method Detail

callback

performLogin

authenticationFinished

retrieveToken

backchannelLogout

keycloakInitiatedBrowserLogout

buildLogoutRequest

export

getSignatureAlgorithm

getMarshaller