Class DefaultActionToken
- java.lang.Object
-
- org.keycloak.representations.JsonWebToken
-
- org.keycloak.models.DefaultActionTokenKey
-
- org.keycloak.authentication.actiontoken.DefaultActionToken
-
- All Implemented Interfaces:
Serializable,SingleUseObjectKeyModel,SingleUseObjectValueModel,Token
- Direct Known Subclasses:
ExecuteActionsActionToken,IdpVerifyAccountLinkActionToken,ResetCredentialsActionToken,UpdateEmailActionToken,VerifyEmailActionToken
public class DefaultActionToken extends DefaultActionTokenKey implements SingleUseObjectValueModel
Part of action token that is intended to be used e.g. in link sent in password-reset email. The token encapsulates user, expected action and its time of expiry.- Author:
- hmlnarik
- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.keycloak.models.SingleUseObjectValueModel
SingleUseObjectValueModel.SearchableFields
-
-
Field Summary
Fields Modifier and Type Field Description static TokenVerifier.Predicate<DefaultActionTokenKey>ACTION_TOKEN_BASIC_CHECKSstatic StringJSON_FIELD_AUTHENTICATION_SESSION_IDstatic StringJSON_FIELD_EMAIL-
Fields inherited from class org.keycloak.models.DefaultActionTokenKey
ACTION_TOKEN_USER_ID, JSON_FIELD_ACTION_VERIFICATION_NONCE
-
-
Constructor Summary
Constructors Modifier Constructor Description DefaultActionToken()Single-use random value used for verification whether the relevant action is allowed.protectedDefaultActionToken(String userId, String actionId, int absoluteExpirationInSecs, UUID actionVerificationNonce)protectedDefaultActionToken(String userId, String actionId, int absoluteExpirationInSecs, UUID actionVerificationNonce, String compoundAuthenticationSessionId)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetCompoundAuthenticationSessionId()StringgetEmail()StringgetNote(String name)Returns value of the given note (ornullwhen no note of this name is present)Map<String,String>getNotes()Returns unmodifiable map of all notes.StringremoveNote(String name)Removes given note, and returns original value (ornullwhen no value was present)Stringserialize(KeycloakSession session, RealmModel realm, javax.ws.rs.core.UriInfo uri)Updates the following fields and serializes this token into a signed JWT.voidsetCompoundAuthenticationSessionId(String authenticationSessionId)voidsetEmail(String email)StringsetNote(String name, String value)Sets value of the given note-
Methods inherited from class org.keycloak.models.DefaultActionTokenKey
from, getActionId, getActionVerificationNonce, getUserId
-
Methods inherited from class org.keycloak.representations.JsonWebToken
addAudience, audience, exp, expiration, getAudience, getCategory, getExp, getExpiration, getIat, getId, getIssuedAt, getIssuedFor, getIssuer, getNbf, getNotBefore, getOtherClaims, getSubject, getType, hasAnyAudience, hasAudience, iat, id, isActive, isActive, isExpired, isIssuedBeforeSessionStart, isNotBefore, issuedAt, issuedFor, issuedNow, issuer, nbf, notBefore, setOtherClaims, setSubject, subject, type
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.models.SingleUseObjectKeyModel
getExpiration, serializeKey
-
-
-
-
Field Detail
-
JSON_FIELD_AUTHENTICATION_SESSION_ID
public static final String JSON_FIELD_AUTHENTICATION_SESSION_ID
- See Also:
- Constant Field Values
-
JSON_FIELD_EMAIL
public static final String JSON_FIELD_EMAIL
- See Also:
- Constant Field Values
-
ACTION_TOKEN_BASIC_CHECKS
public static final TokenVerifier.Predicate<DefaultActionTokenKey> ACTION_TOKEN_BASIC_CHECKS
-
-
Constructor Detail
-
DefaultActionToken
public DefaultActionToken()
Single-use random value used for verification whether the relevant action is allowed.
-
DefaultActionToken
protected DefaultActionToken(String userId, String actionId, int absoluteExpirationInSecs, UUID actionVerificationNonce)
- Parameters:
userId- User IDactionId- Action IDabsoluteExpirationInSecs- Absolute expiration time in seconds in timezone of Keycloak.actionVerificationNonce-
-
DefaultActionToken
protected DefaultActionToken(String userId, String actionId, int absoluteExpirationInSecs, UUID actionVerificationNonce, String compoundAuthenticationSessionId)
- Parameters:
userId- User IDactionId- Action IDabsoluteExpirationInSecs- Absolute expiration time in seconds in timezone of Keycloak.actionVerificationNonce-
-
-
Method Detail
-
getCompoundAuthenticationSessionId
public String getCompoundAuthenticationSessionId()
-
setCompoundAuthenticationSessionId
public final void setCompoundAuthenticationSessionId(String authenticationSessionId)
-
getNotes
public Map<String,String> getNotes()
Description copied from interface:SingleUseObjectValueModelReturns unmodifiable map of all notes.- Specified by:
getNotesin interfaceSingleUseObjectValueModel- Returns:
- see description. Returns empty map if no note is set, never returns
null.
-
getNote
public String getNote(String name)
Description copied from interface:SingleUseObjectValueModelReturns value of the given note (ornullwhen no note of this name is present)- Specified by:
getNotein interfaceSingleUseObjectValueModel- Returns:
- see description
-
setNote
public final String setNote(String name, String value)
Sets value of the given note- Returns:
- original value (or
nullwhen no value was present)
-
removeNote
public final String removeNote(String name)
Removes given note, and returns original value (ornullwhen no value was present)- Returns:
- see description
-
setEmail
public void setEmail(String email)
-
getEmail
public String getEmail()
-
serialize
public String serialize(KeycloakSession session, RealmModel realm, javax.ws.rs.core.UriInfo uri)
Updates the following fields and serializes this token into a signed JWT. The list of updated fields follows:id: random nonceissuedAt: Current timeissuer: URI of the given realmaudience: URI of the given realm (same as issuer)
- Parameters:
session-realm-uri-- Returns:
-
-