Package org.keycloak.credential
Class WebAuthnCredentialProvider
java.lang.Object
org.keycloak.credential.WebAuthnCredentialProvider
- All Implemented Interfaces:
CredentialInputValidator,CredentialProvider<WebAuthnCredentialModel>,Provider
- Direct Known Subclasses:
WebAuthnPasswordlessCredentialProvider
public class WebAuthnCredentialProvider
extends Object
implements CredentialProvider<WebAuthnCredentialModel>, CredentialInputValidator
Credential provider for WebAuthn 2-factor credential of the user
-
Constructor Summary
ConstructorsConstructorDescriptionWebAuthnCredentialProvider(KeycloakSession session, com.webauthn4j.converter.util.ObjectConverter objectConverter) -
Method Summary
Modifier and TypeMethodDescriptioncreateCredential(RealmModel realm, UserModel user, WebAuthnCredentialModel credentialModel) booleandeleteCredential(RealmModel realm, UserModel user, String credentialId) voiddumpCredentialModel(WebAuthnCredentialModel credential, WebAuthnCredentialModelInput auth) getCredentialModelFromCredentialInput(CredentialInput input, String userLabel) Convert WebAuthn credential input to the model, which can be saved in the persistent storage (DB)getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext) protected KeycloakSessiongetType()protected com.webauthn4j.WebAuthnAuthenticationManagerprotected WebAuthnPolicybooleanisConfiguredFor(RealmModel realm, UserModel user, String credentialType) booleanisValid(RealmModel realm, UserModel user, CredentialInput input) Tests whether a credential is validbooleansupportsCredentialType(String credentialType) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.keycloak.credential.CredentialProvider
close, getCredentialMetadata, getDefaultCredential, supportsCredentialType
-
Constructor Details
-
WebAuthnCredentialProvider
public WebAuthnCredentialProvider(KeycloakSession session, com.webauthn4j.converter.util.ObjectConverter objectConverter)
-
-
Method Details
-
createCredential
public CredentialModel createCredential(RealmModel realm, UserModel user, WebAuthnCredentialModel credentialModel) - Specified by:
createCredentialin interfaceCredentialProvider<WebAuthnCredentialModel>
-
deleteCredential
- Specified by:
deleteCredentialin interfaceCredentialProvider<WebAuthnCredentialModel>
-
getCredentialFromModel
- Specified by:
getCredentialFromModelin interfaceCredentialProvider<WebAuthnCredentialModel>
-
getCredentialModelFromCredentialInput
public WebAuthnCredentialModel getCredentialModelFromCredentialInput(CredentialInput input, String userLabel) Convert WebAuthn credential input to the model, which can be saved in the persistent storage (DB)- Parameters:
input- should be typically WebAuthnCredentialModelInputuserLabel- label for the credential
-
supportsCredentialType
- Specified by:
supportsCredentialTypein interfaceCredentialInputValidator- Specified by:
supportsCredentialTypein interfaceCredentialProvider<WebAuthnCredentialModel>
-
isConfiguredFor
- Specified by:
isConfiguredForin interfaceCredentialInputValidator
-
isValid
Description copied from interface:CredentialInputValidatorTests whether a credential is valid- Specified by:
isValidin interfaceCredentialInputValidator- Parameters:
realm- The realm in which to which the credential belongs touser- The user for which to test the credentialinput- the credential details to verify- Returns:
- true if the passed secret is correct
-
getWebAuthnAuthenticationManager
protected com.webauthn4j.WebAuthnAuthenticationManager getWebAuthnAuthenticationManager() -
getWebAuthnPolicy
-
getType
- Specified by:
getTypein interfaceCredentialProvider<WebAuthnCredentialModel>
-
dumpCredentialModel
public void dumpCredentialModel(WebAuthnCredentialModel credential, WebAuthnCredentialModelInput auth) -
getCredentialTypeMetadata
public CredentialTypeMetadata getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext) - Specified by:
getCredentialTypeMetadatain interfaceCredentialProvider<WebAuthnCredentialModel>
-
getKeycloakSession
-