Class DeviceGrantType
java.lang.Object
org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
org.keycloak.protocol.oidc.grants.device.DeviceGrantType
- All Implemented Interfaces:
OAuth2GrantType
,Provider
OAuth 2.0 Device Authorization Grant
https://datatracker.ietf.org/doc/html/rfc8628#section-3.4
- Author:
- Hiroyuki Wada, Michito Okai
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.keycloak.protocol.oidc.grants.OAuth2GrantType
OAuth2GrantType.Context
-
Field Summary
Fields inherited from class org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
client, clientAuthAttributes, clientConfig, clientConnection, context, cors, dPoP, event, formParams, headers, realm, request, response, session, tokenManager
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic jakarta.ws.rs.core.Response
approveOAuth2DeviceAuthorization
(AuthenticationSessionModel authSession, AuthenticatedClientSessionModel clientSession, KeycloakSession session) static boolean
approveUserCode
(KeycloakSession session, RealmModel realm, String userCode, String userSessionId, Map<String, String> additionalParams) static jakarta.ws.rs.core.Response
denyOAuth2DeviceAuthorization
(AuthenticationSessionModel authSession, LoginProtocol.Error error, KeycloakSession session) static boolean
denyUserCode
(KeycloakSession session, RealmModel realm, String userCode) static OAuth2DeviceCodeModel
getDeviceByDeviceCode
(KeycloakSession session, RealmModel realm, ClientModel client, EventBuilder event, String deviceCode) Returns the event type associated with this OAuth 2.0 grant type.static boolean
isOAuth2DeviceVerificationFlow
(AuthenticationSessionModel authSession) static boolean
isPollingAllowed
(KeycloakSession session, OAuth2DeviceCodeModel deviceCodeModel) static jakarta.ws.rs.core.UriBuilder
oauth2DeviceAuthUrl
(jakarta.ws.rs.core.UriBuilder baseUriBuilder) static jakarta.ws.rs.core.UriBuilder
oauth2DeviceVerificationCompletedUrl
(jakarta.ws.rs.core.UriInfo baseUri) static jakarta.ws.rs.core.UriBuilder
oauth2DeviceVerificationUrl
(jakarta.ws.rs.core.UriInfo uriInfo) jakarta.ws.rs.core.Response
process
(OAuth2GrantType.Context context) Processes grant request.static URI
realmOAuth2DeviceVerificationAction
(URI baseUri, String realmName) static void
removeDeviceByDeviceCode
(KeycloakSession session, String deviceCode) static void
removeDeviceByUserCode
(KeycloakSession session, RealmModel realm, String userCode) Methods inherited from class org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
checkAndBindDPoPToken, checkAndBindMtlsHoKToken, checkAndRetrieveDPoPProof, checkClient, close, createTokenResponse, getRequestedScopes, setContext, updateClientSession, updateUserSessionFromClientAuth
-
Field Details
-
OAUTH2_DEVICE_VERIFIED_USER_CODE
- See Also:
-
OAUTH2_DEVICE_USER_CODE
- See Also:
-
OAUTH2_USER_CODE_VERIFY
- See Also:
-
-
Constructor Details
-
DeviceGrantType
public DeviceGrantType()
-
-
Method Details
-
oauth2DeviceVerificationUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceVerificationUrl(jakarta.ws.rs.core.UriInfo uriInfo) -
realmOAuth2DeviceVerificationAction
-
oauth2DeviceAuthUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceAuthUrl(jakarta.ws.rs.core.UriBuilder baseUriBuilder) -
oauth2DeviceVerificationCompletedUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceVerificationCompletedUrl(jakarta.ws.rs.core.UriInfo baseUri) -
denyOAuth2DeviceAuthorization
public static jakarta.ws.rs.core.Response denyOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, LoginProtocol.Error error, KeycloakSession session) -
approveOAuth2DeviceAuthorization
public static jakarta.ws.rs.core.Response approveOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, AuthenticatedClientSessionModel clientSession, KeycloakSession session) -
isOAuth2DeviceVerificationFlow
-
getDeviceByDeviceCode
public static OAuth2DeviceCodeModel getDeviceByDeviceCode(KeycloakSession session, RealmModel realm, ClientModel client, EventBuilder event, String deviceCode) -
removeDeviceByDeviceCode
-
removeDeviceByUserCode
public static void removeDeviceByUserCode(KeycloakSession session, RealmModel realm, String userCode) -
isPollingAllowed
public static boolean isPollingAllowed(KeycloakSession session, OAuth2DeviceCodeModel deviceCodeModel) -
approveUserCode
public static boolean approveUserCode(KeycloakSession session, RealmModel realm, String userCode, String userSessionId, Map<String, String> additionalParams) -
denyUserCode
-
process
Description copied from interface:OAuth2GrantType
Processes grant request.- Parameters:
context
- grant request context- Returns:
- token response
-
getEventType
Description copied from interface:OAuth2GrantType
Returns the event type associated with this OAuth 2.0 grant type.- Returns:
- event type
-