org.keycloak.authentication

Class AuthenticationProcessor

java.lang.Object

org.keycloak.authentication.AuthenticationProcessor

Direct Known Subclasses:

ResetCredentialsActionTokenHandler.ResetCredsAuthenticationProcessor

public class AuthenticationProcessor
extends Object

Version:

$Revision: 1 $

Author:

Bill Burke

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
class	AuthenticationProcessor.Result

Field Summary

Fields

Modifier and Type	Field and Description
protected Runnable	afterResetListener
protected AuthenticationSessionModel	authenticationSession
static String	BROKER_SESSION_ID
static String	BROKER_USER_ID
protected boolean	browserFlow
protected ClientModel	client
protected Map<String,String>	clientAuthAttributes
protected ClientConnection	connection
static String	CURRENT_AUTHENTICATION_EXECUTION
static String	CURRENT_FLOW_PATH
protected EventBuilder	event
protected String	flowId
protected String	flowPath
static String	FORKED_FROM
static String	FORWARDED_PASSIVE_LOGIN
protected org.keycloak.authentication.AuthenticationProcessor.ForwardedFormMessageStore	forwardedErrorMessageStore This could be an error message forwarded from another authenticator
protected org.keycloak.authentication.AuthenticationProcessor.ForwardedFormMessageStore	forwardedSuccessMessageStore This could be an success message forwarded from another authenticator
static String	LAST_PROCESSED_EXECUTION
protected static org.jboss.logging.Logger	logger
protected BruteForceProtector	protector
protected RealmModel	realm
protected org.jboss.resteasy.spi.HttpRequest	request
protected KeycloakSession	session
protected javax.ws.rs.core.UriInfo	uriInfo
protected UserSessionModel	userSession

Constructor Summary

Constructors

Constructor and Description
AuthenticationProcessor()

Method Summary

Modifier and Type	Method and Description
ClientSessionContext	attachSession()
static ClientSessionContext	attachSession(AuthenticationSessionModel authSession, UserSessionModel userSession, KeycloakSession session, RealmModel realm, ClientConnection connection, EventBuilder event)
javax.ws.rs.core.Response	authenticate()
javax.ws.rs.core.Response	authenticateClient()
javax.ws.rs.core.Response	authenticateOnly()
javax.ws.rs.core.Response	authenticationAction(String execution)
protected javax.ws.rs.core.Response	authenticationComplete()
void	clearAuthenticatedUser()
static AuthenticationSessionModel	clone(KeycloakSession session, AuthenticationSessionModel authSession)
AuthenticationProcessor.Result	createAuthenticatorContext(AuthenticationExecutionModel model, Authenticator authenticator, List<AuthenticationExecutionModel> executions)
AuthenticationProcessor.Result	createClientAuthenticatorContext(AuthenticationExecutionModel model, ClientAuthenticator clientAuthenticator, List<AuthenticationExecutionModel> executions)
AuthenticationFlow	createFlowExecution(String flowId, AuthenticationExecutionModel execution)
void	evaluateRequiredActionTriggers()
javax.ws.rs.core.Response	finishAuthentication(LoginProtocol protocol)
String	generateCode()
AuthenticationSessionModel	getAuthenticationSession()
BruteForceProtector	getBruteForceProtector()
ClientModel	getClient()
Map<String,String>	getClientAuthAttributes()
ClientConnection	getConnection()
EventBuilder	getEvent()
String	getFlowPath()
RealmModel	getRealm()
URI	getRefreshUrl(boolean authSessionIdParam)
org.jboss.resteasy.spi.HttpRequest	getRequest()
KeycloakSession	getSession()
javax.ws.rs.core.UriInfo	getUriInfo()
UserSessionModel	getUserSession()
javax.ws.rs.core.Response	handleBrowserException(Exception failure)
javax.ws.rs.core.Response	handleBrowserExceptionList(AuthenticationFlowException e)
javax.ws.rs.core.Response	handleClientAuthException(Exception failure)
boolean	isBrowserFlow()
boolean	isEvaluatedFalse(AuthenticationExecutionModel model)
boolean	isEvaluatedTrue(AuthenticationExecutionModel model)
boolean	isSuccessful(AuthenticationExecutionModel model)
void	logFailure()
EventBuilder	newEvent()
String	nextRequiredAction()
javax.ws.rs.core.Response	redirectToFlow()
void	resetFlow()
static void	resetFlow(AuthenticationSessionModel authSession, String flowPath)
AuthenticationProcessor	setAuthenticationSession(AuthenticationSessionModel authenticationSession)
void	setAutheticatedUser(UserModel user)
AuthenticationProcessor	setBrowserFlow(boolean browserFlow)
void	setClient(ClientModel client)
AuthenticationProcessor	setConnection(ClientConnection connection)
AuthenticationProcessor	setEventBuilder(EventBuilder eventBuilder)
AuthenticationProcessor	setFlowId(String flowId)
AuthenticationProcessor	setFlowPath(String flowPath) This is the path segment to append when generating an action URL.
AuthenticationProcessor	setForwardedErrorMessage(FormMessage forwardedErrorMessage)
AuthenticationProcessor	setForwardedSuccessMessage(FormMessage forwardedSuccessMessage)
AuthenticationProcessor	setRealm(RealmModel realm)
AuthenticationProcessor	setRequest(org.jboss.resteasy.spi.HttpRequest request)
AuthenticationProcessor	setSession(KeycloakSession session)
AuthenticationProcessor	setUriInfo(javax.ws.rs.core.UriInfo uriInfo)
void	validateUser(UserModel authenticatedUser)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CURRENT_AUTHENTICATION_EXECUTION

public static final String CURRENT_AUTHENTICATION_EXECUTION

See Also:

Constant Field Values

LAST_PROCESSED_EXECUTION

public static final String LAST_PROCESSED_EXECUTION

See Also:

Constant Field Values

CURRENT_FLOW_PATH

public static final String CURRENT_FLOW_PATH

See Also:

Constant Field Values

FORKED_FROM

public static final String FORKED_FROM

See Also:

Constant Field Values

BROKER_SESSION_ID

public static final String BROKER_SESSION_ID

See Also:

Constant Field Values

BROKER_USER_ID

public static final String BROKER_USER_ID

See Also:

Constant Field Values

FORWARDED_PASSIVE_LOGIN

public static final String FORWARDED_PASSIVE_LOGIN

See Also:

Constant Field Values

logger

protected static final org.jboss.logging.Logger logger

realm

protected RealmModel realm

userSession

protected UserSessionModel userSession

authenticationSession

protected AuthenticationSessionModel authenticationSession

connection

protected ClientConnection connection

uriInfo

protected javax.ws.rs.core.UriInfo uriInfo

session

protected KeycloakSession session

event

protected EventBuilder event

request

protected org.jboss.resteasy.spi.HttpRequest request

flowId

protected String flowId

flowPath

protected String flowPath

browserFlow

protected boolean browserFlow

protector

protected BruteForceProtector protector

afterResetListener

protected Runnable afterResetListener

forwardedErrorMessageStore

protected org.keycloak.authentication.AuthenticationProcessor.ForwardedFormMessageStore forwardedErrorMessageStore

This could be an error message forwarded from another authenticator

forwardedSuccessMessageStore

protected org.keycloak.authentication.AuthenticationProcessor.ForwardedFormMessageStore forwardedSuccessMessageStore

This could be an success message forwarded from another authenticator

client

protected ClientModel client

clientAuthAttributes

protected Map<String,String> clientAuthAttributes

Constructor Detail

AuthenticationProcessor

public AuthenticationProcessor()

Method Detail

isBrowserFlow

public boolean isBrowserFlow()

setBrowserFlow

public AuthenticationProcessor setBrowserFlow(boolean browserFlow)

getBruteForceProtector

public BruteForceProtector getBruteForceProtector()

getRealm

public RealmModel getRealm()

getClient

public ClientModel getClient()

setClient

public void setClient(ClientModel client)

getClientAuthAttributes

public Map<String,String> getClientAuthAttributes()

getAuthenticationSession

public AuthenticationSessionModel getAuthenticationSession()

getConnection

public ClientConnection getConnection()

getUriInfo

public javax.ws.rs.core.UriInfo getUriInfo()

getSession

public KeycloakSession getSession()

getUserSession

public UserSessionModel getUserSession()

setRealm

public AuthenticationProcessor setRealm(RealmModel realm)

setAuthenticationSession

public AuthenticationProcessor setAuthenticationSession(AuthenticationSessionModel authenticationSession)

setConnection

public AuthenticationProcessor setConnection(ClientConnection connection)

setUriInfo

public AuthenticationProcessor setUriInfo(javax.ws.rs.core.UriInfo uriInfo)

setSession

public AuthenticationProcessor setSession(KeycloakSession session)

setEventBuilder

public AuthenticationProcessor setEventBuilder(EventBuilder eventBuilder)

setRequest

public AuthenticationProcessor setRequest(org.jboss.resteasy.spi.HttpRequest request)

setFlowId

public AuthenticationProcessor setFlowId(String flowId)

setFlowPath

public AuthenticationProcessor setFlowPath(String flowPath)

This is the path segment to append when generating an action URL.

Parameters:

flowPath -

setForwardedErrorMessage

public AuthenticationProcessor setForwardedErrorMessage(FormMessage forwardedErrorMessage)

setForwardedSuccessMessage

public AuthenticationProcessor setForwardedSuccessMessage(FormMessage forwardedSuccessMessage)

generateCode

public String generateCode()

newEvent

public EventBuilder newEvent()

getEvent

public EventBuilder getEvent()

getRequest

public org.jboss.resteasy.spi.HttpRequest getRequest()

getFlowPath

public String getFlowPath()

setAutheticatedUser

public void setAutheticatedUser(UserModel user)

clearAuthenticatedUser

public void clearAuthenticatedUser()

getRefreshUrl

public URI getRefreshUrl(boolean authSessionIdParam)

logFailure

public void logFailure()

isSuccessful

public boolean isSuccessful(AuthenticationExecutionModel model)

isEvaluatedTrue

public boolean isEvaluatedTrue(AuthenticationExecutionModel model)

isEvaluatedFalse

public boolean isEvaluatedFalse(AuthenticationExecutionModel model)

handleBrowserExceptionList

public javax.ws.rs.core.Response handleBrowserExceptionList(AuthenticationFlowException e)

handleBrowserException

public javax.ws.rs.core.Response handleBrowserException(Exception failure)

handleClientAuthException

public javax.ws.rs.core.Response handleClientAuthException(Exception failure)

createFlowExecution

public AuthenticationFlow createFlowExecution(String flowId,
                                              AuthenticationExecutionModel execution)

authenticate

public javax.ws.rs.core.Response authenticate()
                                       throws AuthenticationFlowException

Throws:

AuthenticationFlowException

authenticateClient

public javax.ws.rs.core.Response authenticateClient()
                                             throws AuthenticationFlowException

Throws:

AuthenticationFlowException

redirectToFlow

public javax.ws.rs.core.Response redirectToFlow()

resetFlow

public void resetFlow()

resetFlow

public static void resetFlow(AuthenticationSessionModel authSession,
                             String flowPath)

clone

public static AuthenticationSessionModel clone(KeycloakSession session,
                                               AuthenticationSessionModel authSession)

authenticationAction

public javax.ws.rs.core.Response authenticationAction(String execution)

authenticateOnly

public javax.ws.rs.core.Response authenticateOnly()
                                           throws AuthenticationFlowException

Throws:

AuthenticationFlowException

attachSession

public ClientSessionContext attachSession()

attachSession

public static ClientSessionContext attachSession(AuthenticationSessionModel authSession,
                                                 UserSessionModel userSession,
                                                 KeycloakSession session,
                                                 RealmModel realm,
                                                 ClientConnection connection,
                                                 EventBuilder event)

evaluateRequiredActionTriggers

public void evaluateRequiredActionTriggers()

finishAuthentication

public javax.ws.rs.core.Response finishAuthentication(LoginProtocol protocol)

validateUser

public void validateUser(UserModel authenticatedUser)

authenticationComplete

protected javax.ws.rs.core.Response authenticationComplete()

nextRequiredAction

public String nextRequiredAction()

createAuthenticatorContext

public AuthenticationProcessor.Result createAuthenticatorContext(AuthenticationExecutionModel model,
                                                                 Authenticator authenticator,
                                                                 List<AuthenticationExecutionModel> executions)

createClientAuthenticatorContext

public AuthenticationProcessor.Result createClientAuthenticatorContext(AuthenticationExecutionModel model,
                                                                       ClientAuthenticator clientAuthenticator,
                                                                       List<AuthenticationExecutionModel> executions)