Modifier and Type | Field and Description |
---|---|
protected AuthenticationSessionModel |
RequiredActionContextResult.authenticationSession |
protected AuthenticationSessionModel |
AuthenticationProcessor.authenticationSession |
Modifier and Type | Method and Description |
---|---|
static AuthenticationSessionModel |
AuthenticationProcessor.clone(KeycloakSession session,
AuthenticationSessionModel authSession) |
AuthenticationSessionModel |
RequiredActionContextResult.getAuthenticationSession() |
AuthenticationSessionModel |
AuthenticationProcessor.getAuthenticationSession() |
AuthenticationSessionModel |
AuthenticationProcessor.Result.getAuthenticationSession() |
AuthenticationSessionModel |
RequiredActionContext.getAuthenticationSession() |
AuthenticationSessionModel |
FormContext.getAuthenticationSession()
AuthenticationSessionModel attached to this flow
|
AuthenticationSessionModel |
AuthenticationFlowContext.getAuthenticationSession()
AuthenticationSessionModel attached to this flow
|
Modifier and Type | Method and Description |
---|---|
static ClientSessionContext |
AuthenticationProcessor.attachSession(AuthenticationSessionModel authSession,
UserSessionModel userSession,
KeycloakSession session,
RealmModel realm,
ClientConnection connection,
EventBuilder event) |
static AuthenticationSessionModel |
AuthenticationProcessor.clone(KeycloakSession session,
AuthenticationSessionModel authSession) |
default void |
RequiredActionProvider.initiatedActionCanceled(KeycloakSession session,
AuthenticationSessionModel authSession)
Callback to let the action know that an application-initiated action
was canceled.
|
static void |
AuthenticationProcessor.resetFlow(AuthenticationSessionModel authSession,
String flowPath) |
AuthenticationProcessor |
AuthenticationProcessor.setAuthenticationSession(AuthenticationSessionModel authenticationSession) |
Constructor and Description |
---|
RequiredActionContextResult(AuthenticationSessionModel authSession,
RealmModel realm,
EventBuilder eventBuilder,
KeycloakSession session,
org.jboss.resteasy.spi.HttpRequest httpRequest,
UserModel user,
RequiredActionFactory factory) |
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
ActionTokenContext.createAuthenticationSessionForClient(String clientId) |
AuthenticationSessionModel |
ActionTokenContext.getAuthenticationSession() |
AuthenticationSessionModel |
ActionTokenHandler.startFreshAuthenticationSession(T token,
ActionTokenContext<T> tokenContext)
Creates a fresh authentication session according to the information from the token.
|
AuthenticationSessionModel |
AbstractActionTokenHander.startFreshAuthenticationSession(T token,
ActionTokenContext<T> tokenContext) |
Modifier and Type | Method and Description |
---|---|
String |
ActionTokenHandler.getAuthenticationSessionIdFromToken(T token,
ActionTokenContext<T> tokenContext,
AuthenticationSessionModel currentAuthSession)
Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.
|
String |
AbstractActionTokenHander.getAuthenticationSessionIdFromToken(T token,
ActionTokenContext<T> tokenContext,
AuthenticationSessionModel currentAuthSession) |
javax.ws.rs.core.Response |
ActionTokenContext.ProcessAuthenticateFlow.processFlow(boolean action,
String execution,
AuthenticationSessionModel authSession,
String flowPath,
AuthenticationFlowModel flow,
String errorMessage,
AuthenticationProcessor processor) |
void |
ActionTokenContext.setAuthenticationSession(AuthenticationSessionModel authenticationSession,
boolean isFresh) |
Modifier and Type | Method and Description |
---|---|
static UserModel |
AbstractIdpAuthenticator.getExistingUser(KeycloakSession session,
RealmModel realm,
AuthenticationSessionModel authSession) |
Modifier and Type | Method and Description |
---|---|
BrokeredIdentityContext |
SerializedBrokeredIdentityContext.deserialize(KeycloakSession session,
AuthenticationSessionModel authSession) |
static SerializedBrokeredIdentityContext |
SerializedBrokeredIdentityContext.readFromAuthenticationSession(AuthenticationSessionModel authSession,
String noteKey) |
void |
SerializedBrokeredIdentityContext.saveToAuthenticationSession(AuthenticationSessionModel authSession,
String noteKey) |
Modifier and Type | Method and Description |
---|---|
void |
OIDCIdentityProvider.authenticationFinished(AuthenticationSessionModel authSession,
BrokeredIdentityContext context) |
void |
AbstractOAuth2IdentityProvider.authenticationFinished(AuthenticationSessionModel authSession,
BrokeredIdentityContext context) |
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
BrokeredIdentityContext.getAuthenticationSession() |
AuthenticationSessionModel |
AuthenticationRequest.getAuthenticationSession() |
Modifier and Type | Method and Description |
---|---|
void |
IdentityProvider.authenticationFinished(AuthenticationSessionModel authSession,
BrokeredIdentityContext context) |
void |
AbstractIdentityProvider.authenticationFinished(AuthenticationSessionModel authSession,
BrokeredIdentityContext context) |
void |
BrokeredIdentityContext.setAuthenticationSession(AuthenticationSessionModel authenticationSession) |
Constructor and Description |
---|
AuthenticationRequest(KeycloakSession session,
RealmModel realm,
AuthenticationSessionModel authSession,
org.jboss.resteasy.spi.HttpRequest httpRequest,
javax.ws.rs.core.UriInfo uriInfo,
IdentityBrokerState state,
String redirectUri) |
Modifier and Type | Method and Description |
---|---|
void |
SAMLIdentityProvider.authenticationFinished(AuthenticationSessionModel authSession,
BrokeredIdentityContext context) |
Modifier and Type | Method and Description |
---|---|
EmailTemplateProvider |
EmailTemplateProvider.setAuthenticationSession(AuthenticationSessionModel authenticationSession) |
Modifier and Type | Field and Description |
---|---|
protected AuthenticationSessionModel |
FreeMarkerEmailTemplateProvider.authenticationSession
authenticationSession can be null for some email sendings, it is filled only for email sendings performed as part of the authentication session (email verification, password reset, broker link
etc.)!
|
Modifier and Type | Method and Description |
---|---|
EmailTemplateProvider |
FreeMarkerEmailTemplateProvider.setAuthenticationSession(AuthenticationSessionModel authenticationSession) |
Modifier and Type | Method and Description |
---|---|
LoginFormsProvider |
LoginFormsProvider.setAuthenticationSession(AuthenticationSessionModel authenticationSession) |
Modifier and Type | Field and Description |
---|---|
protected AuthenticationSessionModel |
FreeMarkerLoginFormsProvider.authenticationSession
authenticationSession can be null for some renderings, mainly error pages
|
Modifier and Type | Method and Description |
---|---|
LoginFormsProvider |
FreeMarkerLoginFormsProvider.setAuthenticationSession(AuthenticationSessionModel authenticationSession) |
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
KeycloakContext.getAuthenticationSession()
Get current AuthenticationSessionModel, can be null out of the AuthenticationSession context.
|
Modifier and Type | Method and Description |
---|---|
void |
KeycloakContext.setAuthenticationSession(AuthenticationSessionModel authenticationSession) |
Modifier and Type | Class and Description |
---|---|
class |
AuthenticationSessionAdapter
NOTE: Calling setter doesn't automatically enlist for update
|
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
RootAuthenticationSessionAdapter.createAuthenticationSession(ClientModel client) |
AuthenticationSessionModel |
RootAuthenticationSessionAdapter.getAuthenticationSession(ClientModel client,
String tabId) |
Modifier and Type | Method and Description |
---|---|
Map<String,AuthenticationSessionModel> |
RootAuthenticationSessionAdapter.getAuthenticationSessions() |
Modifier and Type | Method and Description |
---|---|
static AuthenticationFlowModel |
AuthenticationFlowResolver.resolveBrowserFlow(AuthenticationSessionModel authSession) |
static AuthenticationFlowModel |
AuthenticationFlowResolver.resolveDirectGrantFlow(AuthenticationSessionModel authSession) |
Modifier and Type | Method and Description |
---|---|
protected AuthenticationSessionModel |
AuthorizationEndpointBase.createAuthenticationSession(ClientModel client,
String requestState) |
static AuthenticationSessionModel |
RestartLoginCookie.restartSession(KeycloakSession session,
RealmModel realm,
RootAuthenticationSessionModel rootSession,
String expectedClientId) |
Modifier and Type | Method and Description |
---|---|
javax.ws.rs.core.Response |
LoginProtocol.authenticated(AuthenticationSessionModel authSession,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
protected AuthenticationProcessor |
AuthorizationEndpointBase.createProcessor(AuthenticationSessionModel authSession,
String flowId,
String flowPath) |
protected AuthenticationFlowModel |
AuthorizationEndpointBase.getAuthenticationFlow(AuthenticationSessionModel authSession) |
protected javax.ws.rs.core.Response |
AuthorizationEndpointBase.handleBrowserAuthenticationRequest(AuthenticationSessionModel authSession,
LoginProtocol protocol,
boolean isPassive,
boolean redirectToAuthentication)
Common method to handle browser authentication request in protocols unified way.
|
boolean |
LoginProtocol.requireReauthentication(UserSessionModel userSession,
AuthenticationSessionModel authSession) |
javax.ws.rs.core.Response |
LoginProtocol.sendError(AuthenticationSessionModel authSession,
LoginProtocol.Error error) |
static void |
RestartLoginCookie.setRestartCookie(KeycloakSession session,
RealmModel realm,
ClientConnection connection,
javax.ws.rs.core.UriInfo uriInfo,
AuthenticationSessionModel authSession) |
Constructor and Description |
---|
RestartLoginCookie(AuthenticationSessionModel authSession) |
Modifier and Type | Method and Description |
---|---|
javax.ws.rs.core.Response |
DockerAuthV2Protocol.authenticated(AuthenticationSessionModel authSession,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
protected AuthenticationFlowModel |
DockerEndpoint.getAuthenticationFlow(AuthenticationSessionModel authSession) |
boolean |
DockerAuthV2Protocol.requireReauthentication(UserSessionModel userSession,
AuthenticationSessionModel clientSession) |
javax.ws.rs.core.Response |
DockerAuthV2Protocol.sendError(AuthenticationSessionModel clientSession,
LoginProtocol.Error error) |
Modifier and Type | Method and Description |
---|---|
static ClientSessionContext |
TokenManager.attachAuthenticationSession(KeycloakSession session,
UserSessionModel userSession,
AuthenticationSessionModel authSession) |
javax.ws.rs.core.Response |
OIDCLoginProtocol.authenticated(AuthenticationSessionModel authSession,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
protected boolean |
OIDCLoginProtocol.isAuthTimeExpired(UserSessionModel userSession,
AuthenticationSessionModel authSession) |
protected boolean |
OIDCLoginProtocol.isPromptLogin(AuthenticationSessionModel authSession) |
protected boolean |
OIDCLoginProtocol.isReAuthRequiredForKcAction(UserSessionModel userSession,
AuthenticationSessionModel authSession) |
boolean |
OIDCLoginProtocol.requireReauthentication(UserSessionModel userSession,
AuthenticationSessionModel authSession) |
javax.ws.rs.core.Response |
OIDCLoginProtocol.sendError(AuthenticationSessionModel authSession,
LoginProtocol.Error error) |
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
SamlService.getOrCreateLoginSessionForIdpInitiatedSso(KeycloakSession session,
RealmModel realm,
ClientModel client,
String relayState)
Creates a client session object for SAML IdP-initiated SSO session.
|
Modifier and Type | Method and Description |
---|---|
javax.ws.rs.core.Response |
SamlProtocol.authenticated(AuthenticationSessionModel authSession,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
protected String |
SamlProtocol.getNameIdFormat(SamlClient samlClient,
AuthenticationSessionModel authSession) |
protected boolean |
SamlProtocol.isPostBinding(AuthenticationSessionModel authSession) |
protected javax.ws.rs.core.Response |
SamlService.newBrowserAuthentication(AuthenticationSessionModel authSession,
boolean isPassive,
boolean redirectToAuthentication) |
protected javax.ws.rs.core.Response |
SamlService.newBrowserAuthentication(AuthenticationSessionModel authSession,
boolean isPassive,
boolean redirectToAuthentication,
SamlProtocol samlProtocol) |
boolean |
SamlProtocol.requireReauthentication(UserSessionModel userSession,
AuthenticationSessionModel authSession) |
javax.ws.rs.core.Response |
SamlProtocol.sendError(AuthenticationSessionModel authSession,
LoginProtocol.Error error) |
Modifier and Type | Method and Description |
---|---|
default AuthnRequestType |
SamlAuthenticationPreprocessor.beforeProcessingLoginRequest(AuthnRequestType authnRequest,
AuthenticationSessionModel authSession)
Called before a login request is processed.
|
default StatusResponseType |
SamlAuthenticationPreprocessor.beforeProcessingLoginResponse(StatusResponseType statusResponse,
AuthenticationSessionModel authSession)
Called before a login response is processed.
|
default AuthnRequestType |
SamlAuthenticationPreprocessor.beforeSendingLoginRequest(AuthnRequestType authnRequest,
AuthenticationSessionModel clientSession)
Called before a login request is sent.
|
Modifier and Type | Method and Description |
---|---|
protected AuthenticationFlowModel |
SamlEcpProfileService.getAuthenticationFlow(AuthenticationSessionModel authSession) |
protected javax.ws.rs.core.Response |
SamlEcpProfileService.newBrowserAuthentication(AuthenticationSessionModel authSession,
boolean isPassive,
boolean redirectToAuthentication,
SamlProtocol samlProtocol) |
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
DefaultKeycloakContext.getAuthenticationSession() |
Modifier and Type | Method and Description |
---|---|
static javax.ws.rs.core.Response |
ErrorPage.error(KeycloakSession session,
AuthenticationSessionModel authenticationSession,
javax.ws.rs.core.Response.Status status,
String message,
Object... parameters) |
void |
DefaultKeycloakContext.setAuthenticationSession(AuthenticationSessionModel authenticationSession) |
Constructor and Description |
---|
ErrorPageException(KeycloakSession session,
AuthenticationSessionModel authSession,
javax.ws.rs.core.Response.Status status,
String errorMessage,
Object... parameters) |
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
AuthenticationSessionManager.getAuthenticationSessionByIdAndClient(RealmModel realm,
String authSessionId,
ClientModel client,
String tabId) |
AuthenticationSessionModel |
AuthenticationSessionManager.getCurrentAuthenticationSession(RealmModel realm,
ClientModel client,
String tabId)
Returns current authentication session if it exists, otherwise returns
null . |
Modifier and Type | Method and Description |
---|---|
static javax.ws.rs.core.Response |
AuthenticationManager.actionRequired(KeycloakSession session,
AuthenticationSessionModel authSession,
ClientConnection clientConnection,
org.jboss.resteasy.spi.HttpRequest request,
javax.ws.rs.core.UriInfo uriInfo,
EventBuilder event) |
static void |
AuthenticationManager.evaluateRequiredActionTriggers(KeycloakSession session,
AuthenticationSessionModel authSession,
ClientConnection clientConnection,
org.jboss.resteasy.spi.HttpRequest request,
javax.ws.rs.core.UriInfo uriInfo,
EventBuilder event,
RealmModel realm,
UserModel user) |
protected static javax.ws.rs.core.Response |
AuthenticationManager.executionActions(KeycloakSession session,
AuthenticationSessionModel authSession,
org.jboss.resteasy.spi.HttpRequest request,
EventBuilder event,
RealmModel realm,
UserModel user,
Set<String> requiredActions) |
static javax.ws.rs.core.Response |
AuthenticationManager.finishedRequiredActions(KeycloakSession session,
AuthenticationSessionModel authSession,
UserSessionModel userSession,
ClientConnection clientConnection,
org.jboss.resteasy.spi.HttpRequest request,
javax.ws.rs.core.UriInfo uriInfo,
EventBuilder event) |
static CommonClientSessionModel.Action |
AuthenticationManager.getClientLogoutAction(AuthenticationSessionModel logoutAuthSession,
String clientUuid)
Returns the logout state of the particular client as per the
logoutAuthSession |
UserSessionModel |
AuthenticationSessionManager.getUserSession(AuthenticationSessionModel authSession) |
protected static void |
AuthenticationManager.logSuccess(KeycloakSession session,
AuthenticationSessionModel authSession) |
static UserModel |
AuthenticationManager.lookupUserForBruteForceLog(KeycloakSession session,
RealmModel realm,
AuthenticationSessionModel authenticationSession) |
static javax.ws.rs.core.Response |
AuthenticationManager.nextActionAfterAuthentication(KeycloakSession session,
AuthenticationSessionModel authSession,
ClientConnection clientConnection,
org.jboss.resteasy.spi.HttpRequest request,
javax.ws.rs.core.UriInfo uriInfo,
EventBuilder event) |
static String |
AuthenticationManager.nextRequiredAction(KeycloakSession session,
AuthenticationSessionModel authSession,
ClientConnection clientConnection,
org.jboss.resteasy.spi.HttpRequest request,
javax.ws.rs.core.UriInfo uriInfo,
EventBuilder event) |
static javax.ws.rs.core.Response |
AuthenticationManager.redirectAfterSuccessfulFlow(KeycloakSession session,
RealmModel realm,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx,
org.jboss.resteasy.spi.HttpRequest request,
javax.ws.rs.core.UriInfo uriInfo,
ClientConnection clientConnection,
EventBuilder event,
AuthenticationSessionModel authSession) |
static javax.ws.rs.core.Response |
AuthenticationManager.redirectAfterSuccessfulFlow(KeycloakSession session,
RealmModel realm,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx,
org.jboss.resteasy.spi.HttpRequest request,
javax.ws.rs.core.UriInfo uriInfo,
ClientConnection clientConnection,
EventBuilder event,
AuthenticationSessionModel authSession,
LoginProtocol protocol) |
static javax.ws.rs.core.Response |
AuthenticationManager.redirectToRequiredActions(KeycloakSession session,
RealmModel realm,
AuthenticationSessionModel authSession,
javax.ws.rs.core.UriInfo uriInfo,
String requiredAction) |
void |
AuthenticationSessionManager.removeAuthenticationSession(RealmModel realm,
AuthenticationSessionModel authSession,
boolean expireRestartCookie) |
static void |
AuthenticationManager.setClientLogoutAction(AuthenticationSessionModel logoutAuthSession,
String clientUuid,
CommonClientSessionModel.Action action)
Sets logout state of the particular client into the
logoutAuthSession |
static void |
AuthenticationManager.setClientScopesInSession(AuthenticationSessionModel authSession) |
static void |
AuthenticationManager.setKcActionStatus(String executedProviderId,
RequiredActionContext.KcActionStatus status,
AuthenticationSessionModel authSession) |
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
SessionCodeChecks.getAuthenticationSession() |
AuthenticationSessionModel |
SessionCodeChecks.initialVerifyAuthSession() |
Modifier and Type | Method and Description |
---|---|
ClientSessionCode<AuthenticationSessionModel> |
SessionCodeChecks.getClientCode() |
Modifier and Type | Method and Description |
---|---|
protected javax.ws.rs.core.Response |
IdentityBrokerService.browserAuthentication(AuthenticationSessionModel authSession,
String errorMessage) |
static <T extends JsonWebToken> |
LoginActionsServiceChecks.checkNotLoggedInYet(ActionTokenContext<T> context,
AuthenticationSessionModel authSessionFromCookie,
String authSessionId)
Verifies that the authentication session has not yet been converted to user session, in other words
that the user has not yet completed authentication and logged in.
|
static <T extends JsonWebToken> |
LoginActionsServiceChecks.doesAuthenticationSessionFromCookieMatchOneFromToken(ActionTokenContext<T> context,
AuthenticationSessionModel authSessionFromCookie,
String authSessionCompoundIdFromToken)
This check verifies that current authentication session is consistent with the one specified in token.
|
protected javax.ws.rs.core.Response |
LoginActionsService.processAuthentication(boolean action,
String execution,
AuthenticationSessionModel authSession,
String errorMessage) |
protected javax.ws.rs.core.Response |
LoginActionsService.processFlow(boolean action,
String execution,
AuthenticationSessionModel authSession,
String flowPath,
AuthenticationFlowModel flow,
String errorMessage,
AuthenticationProcessor processor) |
protected void |
LoginActionsService.processLocaleParam(AuthenticationSessionModel authSession) |
protected javax.ws.rs.core.Response |
LoginActionsService.processRegistration(boolean action,
String execution,
AuthenticationSessionModel authSession,
String errorMessage) |
protected javax.ws.rs.core.Response |
LoginActionsService.processResetCredentials(boolean actionRequest,
String execution,
AuthenticationSessionModel authSession,
String errorMessage) |
static javax.ws.rs.core.Response |
LoginActionsService.redirectToAfterBrokerLoginEndpoint(KeycloakSession session,
RealmModel realm,
javax.ws.rs.core.UriInfo uriInfo,
AuthenticationSessionModel authSession,
boolean firstBrokerLogin) |
javax.ws.rs.core.Response |
IdentityBrokerService.validateUser(AuthenticationSessionModel authSession,
UserModel user,
RealmModel realm) |
Modifier and Type | Method and Description |
---|---|
URI |
AuthenticationFlowURLHelper.getLastExecutionUrl(AuthenticationSessionModel authSession) |
abstract javax.ws.rs.core.Response |
BrowserHistoryHelper.loadSavedResponse(KeycloakSession session,
AuthenticationSessionModel authSession) |
abstract javax.ws.rs.core.Response |
BrowserHistoryHelper.saveResponseAndRedirect(KeycloakSession session,
AuthenticationSessionModel authSession,
javax.ws.rs.core.Response response,
boolean actionRequest,
org.jboss.resteasy.spi.HttpRequest httpRequest) |
javax.ws.rs.core.Response |
AuthenticationFlowURLHelper.showPageExpired(AuthenticationSessionModel authSession) |
Modifier and Type | Method and Description |
---|---|
AuthenticationSessionModel |
RootAuthenticationSessionModel.createAuthenticationSession(ClientModel client)
Create new authentication session and returns it.
|
AuthenticationSessionModel |
RootAuthenticationSessionModel.getAuthenticationSession(ClientModel client,
String tabId) |
Modifier and Type | Method and Description |
---|---|
Map<String,AuthenticationSessionModel> |
RootAuthenticationSessionModel.getAuthenticationSessions()
Key is tabId, Value is AuthenticationSessionModel.
|
Modifier and Type | Method and Description |
---|---|
static AuthenticationSessionCompoundId |
AuthenticationSessionCompoundId.fromAuthSession(AuthenticationSessionModel authSession) |
Modifier and Type | Method and Description |
---|---|
void |
TwitterIdentityProvider.authenticationFinished(AuthenticationSessionModel authSession,
BrokeredIdentityContext context) |
Copyright © 2020 JBoss by Red Hat. All rights reserved.