org.keycloak.protocol

Class AuthorizationEndpointBase

java.lang.Object

org.keycloak.protocol.AuthorizationEndpointBase

Direct Known Subclasses:

AuthorizationEndpoint, DockerEndpoint, SamlService

public abstract class AuthorizationEndpointBase
extends Object

Common base class for Authorization REST endpoints implementation, which have to be implemented by each protocol.

Author:

Vlastimil Elias (velias at redhat dot com)

Field Summary

Fields

Modifier and Type	Field and Description
static String	APP_INITIATED_FLOW
protected AuthenticationManager	authManager
protected ClientConnection	clientConnection
protected EventBuilder	event
protected javax.ws.rs.core.HttpHeaders	headers
protected org.jboss.resteasy.spi.HttpRequest	httpRequest
protected RealmModel	realm
protected KeycloakSession	session

Constructor Summary

Constructors

Constructor and Description
AuthorizationEndpointBase(RealmModel realm, EventBuilder event)

Method Summary

Modifier and Type	Method and Description
protected void	checkRealm()
protected void	checkSsl()
protected AuthenticationSessionModel	createAuthenticationSession(ClientModel client, String requestState)
protected AuthenticationProcessor	createProcessor(AuthenticationSessionModel authSession, String flowId, String flowPath)
protected AuthenticationFlowModel	getAuthenticationFlow(AuthenticationSessionModel authSession)
protected javax.ws.rs.core.Response	handleBrowserAuthenticationRequest(AuthenticationSessionModel authSession, LoginProtocol protocol, boolean isPassive, boolean redirectToAuthentication) Common method to handle browser authentication request in protocols unified way.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

APP_INITIATED_FLOW

public static final String APP_INITIATED_FLOW

See Also:

Constant Field Values

realm

protected RealmModel realm

event

protected EventBuilder event

authManager

protected AuthenticationManager authManager

headers

@Context
protected javax.ws.rs.core.HttpHeaders headers

httpRequest

@Context
protected org.jboss.resteasy.spi.HttpRequest httpRequest

session

@Context
protected KeycloakSession session

clientConnection

@Context
protected ClientConnection clientConnection

Constructor Detail

AuthorizationEndpointBase

public AuthorizationEndpointBase(RealmModel realm,
                                 EventBuilder event)

Method Detail

createProcessor

protected AuthenticationProcessor createProcessor(AuthenticationSessionModel authSession,
                                                  String flowId,
                                                  String flowPath)

handleBrowserAuthenticationRequest

protected javax.ws.rs.core.Response handleBrowserAuthenticationRequest(AuthenticationSessionModel authSession,
                                                                       LoginProtocol protocol,
                                                                       boolean isPassive,
                                                                       boolean redirectToAuthentication)

Common method to handle browser authentication request in protocols unified way.

Parameters:

authSession - for current request

protocol - handler for protocol used to initiate login

isPassive - set to true if login should be passive (without login screen shown)

redirectToAuthentication - if true redirect to flow url. If initial call to protocol is a POST, you probably want to do this. This is so we can disable the back button on browser

Returns:

response to be returned to the browser

getAuthenticationFlow

protected AuthenticationFlowModel getAuthenticationFlow(AuthenticationSessionModel authSession)

checkSsl

protected void checkSsl()

checkRealm

protected void checkRealm()

createAuthenticationSession

protected AuthenticationSessionModel createAuthenticationSession(ClientModel client,
                                                                 String requestState)