Package org.keycloak.authentication.authenticators.util

Class LoAUtil

java.lang.Object

org.keycloak.authentication.authenticators.util.LoAUtil

public class LoAUtil
extends Object

Author:

Marek Posolda

Constructor Summary

Constructors

Constructor	Description
LoAUtil()

Method Summary

Modifier and Type	Method	Description
static Map<String,Integer>	getCredentialTypesToLoAMap(KeycloakSession session, RealmModel realm, AuthenticationFlowModel topFlow)	Return map where: - keys are credential types corresponding to authenticators available in given authentication flow - values are LoA levels of those credentials in the given flow (If not step-up authentication is used, values will be always Constants.NO_LOA) For instance if we have password as level1 and OTP or WebAuthn as available level2 authenticators it can return map like: { "password" -> 1, "otp" -> 2 "webauthn" -> 2 }
static int	getCurrentLevelOfAuthentication(AuthenticatedClientSessionModel clientSession)
static Integer	getLevelFromLoaConditionConfiguration(AuthenticatorConfigModel loaConditionConfig)
static Stream<Integer>	getLoAConfiguredInRealmBrowserFlow(RealmModel realm)
static Map<Integer,Integer>	getLoaMaxAgesConfiguredInRealmBrowserFlow(RealmModel realm)
static Map<Integer,Integer>	getLoaMaxAgesConfiguredInRealmFlow(RealmModel realm, String flowId)
static int	getMaxAgeFromLoaConditionConfiguration(AuthenticatorConfigModel loaConditionConfig)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

LoAUtil

public LoAUtil()

Method Details

getCurrentLevelOfAuthentication

public static int getCurrentLevelOfAuthentication(AuthenticatedClientSessionModel clientSession)

Parameters:

clientSession -

Returns:

current level from client session

getLoAConfiguredInRealmBrowserFlow

public static Stream<Integer> getLoAConfiguredInRealmBrowserFlow(RealmModel realm)

Parameters:

realm -

Returns:

All LoA numbers configured in the conditions in the realm browser flow

getLoaMaxAgesConfiguredInRealmBrowserFlow

public static Map<Integer,Integer> getLoaMaxAgesConfiguredInRealmBrowserFlow(RealmModel realm)

Parameters:

realm -

Returns:

All LoA numbers configured in the conditions in the realm browser flow. Key is level, Value is maxAge for particular level

getLoaMaxAgesConfiguredInRealmFlow

public static Map<Integer,Integer> getLoaMaxAgesConfiguredInRealmFlow(RealmModel realm,
 String flowId)

Parameters:

realm -

flowId -

Returns:

All LoA numbers configured in the conditions in the realm flow @{param flowId}. Key is level, Vaue is maxAge for particular level

getLevelFromLoaConditionConfiguration

public static Integer getLevelFromLoaConditionConfiguration(AuthenticatorConfigModel loaConditionConfig)

getMaxAgeFromLoaConditionConfiguration

public static int getMaxAgeFromLoaConditionConfiguration(AuthenticatorConfigModel loaConditionConfig)

getCredentialTypesToLoAMap

public static Map<String,Integer> getCredentialTypesToLoAMap(KeycloakSession session,
 RealmModel realm,
 AuthenticationFlowModel topFlow)

Return map where: - keys are credential types corresponding to authenticators available in given authentication flow - values are LoA levels of those credentials in the given flow (If not step-up authentication is used, values will be always Constants.NO_LOA) For instance if we have password as level1 and OTP or WebAuthn as available level2 authenticators it can return map like: { "password" -> 1, "otp" -> 2 "webauthn" -> 2 }

Parameters:

session -

realm -

topFlow -

Returns:

map as described above. Never returns null, but can return empty map.