Class AuthenticationSessionManager

java.lang.Object
org.keycloak.services.managers.AuthenticationSessionManager

public class AuthenticationSessionManager extends Object
Author:
Marek Posolda
  • Field Details

  • Constructor Details

    • AuthenticationSessionManager

      public AuthenticationSessionManager(KeycloakSession session)
  • Method Details

    • createAuthenticationSession

      public RootAuthenticationSessionModel createAuthenticationSession(RealmModel realm, boolean browserCookie)
      Creates a fresh authentication session for the given realm. Optionally sets the browser authentication session cookie AUTH_SESSION_ID with the ID of the new session.
      Parameters:
      realm -
      browserCookie - Set the cookie in the browser for the
      Returns:
    • getCurrentRootAuthenticationSession

      public RootAuthenticationSessionModel getCurrentRootAuthenticationSession(RealmModel realm)
    • getUserSessionFromAuthCookie

      public UserSessionModel getUserSessionFromAuthCookie(RealmModel realm)
    • getCurrentAuthenticationSession

      public AuthenticationSessionModel getCurrentAuthenticationSession(RealmModel realm, ClientModel client, String tabId)
      Returns the current authentication session if it exists; otherwise returns null.
      Parameters:
      realm -
      Returns:
    • setAuthSessionCookie

      public void setAuthSessionCookie(String authSessionId, RealmModel realm)
      Parameters:
      authSessionId - decoded authSessionId (without route info attached)
      realm -
    • removeAuthenticationSession

      public void removeAuthenticationSession(RealmModel realm, AuthenticationSessionModel authSession, boolean expireRestartCookie)
    • removeTabIdInAuthenticationSession

      public boolean removeTabIdInAuthenticationSession(RealmModel realm, AuthenticationSessionModel authSession)
      Removes the authentication session from the root session. The whole root authentication session may also be removed if there are no other browser tabs.
      Parameters:
      realm -
      authSession -
      Returns:
      true if the whole root authentication session was removed; false if only a single tab was removed
    • updateAuthenticationSessionAfterSuccessfulAuthentication

      public void updateAuthenticationSessionAfterSuccessfulAuthentication(RealmModel realm, AuthenticationSessionModel authSession)
      This happens when one browser tab has successfully finished authentication (including required actions and the consent screen, if applicable). Only the authenticationSession of the current browser tab is removed from the "root authentication session"; the other tabs are kept, so authentication can be finished automatically in the other browser tabs (typically by the authChecker.js JavaScript).
      Parameters:
      realm -
      authSession -
    • getUserSession

      public UserSessionModel getUserSession(AuthenticationSessionModel authSession)
    • getAuthenticationSessionByIdAndClient

      public AuthenticationSessionModel getAuthenticationSessionByIdAndClient(RealmModel realm, String authSessionId, ClientModel client, String tabId)