Package org.keycloak.protocol.oidc

Class OIDCLoginProtocolFactory

java.lang.Object

org.keycloak.protocol.AbstractLoginProtocolFactory

org.keycloak.protocol.oidc.OIDCLoginProtocolFactory

All Implemented Interfaces:

LoginProtocolFactory, ProviderFactory<LoginProtocol>

public class OIDCLoginProtocolFactory
extends AbstractLoginProtocolFactory

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ACR
static final String	ACR_SCOPE
static final String	ADDRESS
static final String	ADDRESS_SCOPE_CONSENT_TEXT
static final String	ALLOWED_WEB_ORIGINS
static final String	AUDIENCE_RESOLVE
static final String	BASIC_SCOPE
static final String	BIRTHDATE
static final String	CLIENT_ROLES
static final String	CONFIG_OIDC_ALLOW_MULTIPLE_AUDIENCES_FOR_JWT_CLIENT_AUTHENTICATION	Deprecated. To be removed in Keycloak 27
static final String	CONFIG_OIDC_REQ_PARAMS_FAIL_FAST
static final String	CONFIG_OIDC_REQ_PARAMS_MAX_NUMBER
static final String	CONFIG_OIDC_REQ_PARAMS_MAX_OVERALL_SIZE
static final String	CONFIG_OIDC_REQ_PARAMS_MAX_SIZE
static final String	EMAIL
static final String	EMAIL_SCOPE_CONSENT_TEXT
static final String	EMAIL_VERIFIED
static final String	FAMILY_NAME
static final String	FULL_NAME
static final String	GENDER
static final String	GIVEN_NAME
static final String	GROUPS
static final String	LOCALE
static final String	MICROPROFILE_JWT_SCOPE
static final String	MIDDLE_NAME
static final String	NICKNAME
static final String	OFFLINE_ACCESS_SCOPE_CONSENT_TEXT
static final String	ORGANIZATION
static final String	ORGANIZATION_SCOPE_CONSENT_TEXT
static final String	PHONE_NUMBER
static final String	PHONE_NUMBER_VERIFIED
static final String	PHONE_SCOPE_CONSENT_TEXT
static final String	PICTURE
static final String	PROFILE_CLAIM
static final String	PROFILE_SCOPE_CONSENT_TEXT
static final String	REALM_ROLES
static final String	ROLES_SCOPE
static final String	ROLES_SCOPE_CONSENT_TEXT
static final String	UPDATED_AT
static final String	UPN
static final String	USERNAME
static final String	WEB_ORIGINS_SCOPE
static final String	WEBSITE
static final String	ZONEINFO

Constructor Summary

Constructors

Constructor	Description
OIDCLoginProtocolFactory()

Method Summary

Modifier and Type	Method	Description
ClientScopeModel	addAcrClientScope(RealmModel newRealm)
ClientScopeModel	addBasicClientScope(RealmModel newRealm)
protected void	addDefaults(ClientModel client)
ClientScopeModel	addMicroprofileJWTClientScope(RealmModel newRealm)	Adds the microprofile-jwt optional client scope to the specified realm.
ClientScopeModel	addRolesClientScope(RealmModel newRealm)
ClientScopeModel	addServiceAccountClientScope(RealmModel newRealm)
ClientScopeModel	addWebOriginsClientScope(RealmModel newRealm)
LoginProtocol	create(KeycloakSession session)
protected void	createDefaultClientScopesImpl(RealmModel newRealm)	Impl should create default client scopes.
Object	createProtocolEndpoint(KeycloakSession session, EventBuilder event)
Map<String,ProtocolMapperModel>	getBuiltinMappers()	List of built in protocol mappers that can be used to apply to clients.
String	getId()
void	init(Config.Scope config)	Only called once when the factory is first created.
void	setupClientDefaults(ClientRepresentation rep, ClientModel newClient)	Setup default values for new clients.

Methods inherited from class org.keycloak.protocol.AbstractLoginProtocolFactory

addDefaultClientScopes, addDefaultClientScopes, close, createDefaultClientScopes, postInit

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.provider.ProviderFactory

dependsOn, getConfigMetadata, order

Field Details

USERNAME

public static final String USERNAME

See Also:

• Constant Field Values

EMAIL

public static final String EMAIL

See Also:

• Constant Field Values

EMAIL_VERIFIED

public static final String EMAIL_VERIFIED

See Also:

• Constant Field Values

GIVEN_NAME

public static final String GIVEN_NAME

See Also:

• Constant Field Values

FAMILY_NAME

public static final String FAMILY_NAME

See Also:

• Constant Field Values

MIDDLE_NAME

public static final String MIDDLE_NAME

See Also:

• Constant Field Values

NICKNAME

public static final String NICKNAME

See Also:

• Constant Field Values

PROFILE_CLAIM

public static final String PROFILE_CLAIM

See Also:

• Constant Field Values

PICTURE

public static final String PICTURE

See Also:

• Constant Field Values

WEBSITE

public static final String WEBSITE

See Also:

• Constant Field Values

GENDER

public static final String GENDER

See Also:

• Constant Field Values

BIRTHDATE

public static final String BIRTHDATE

See Also:

• Constant Field Values

ZONEINFO

public static final String ZONEINFO

See Also:

• Constant Field Values

UPDATED_AT

public static final String UPDATED_AT

See Also:

• Constant Field Values

FULL_NAME

public static final String FULL_NAME

See Also:

• Constant Field Values

LOCALE

public static final String LOCALE

See Also:

• Constant Field Values

ADDRESS

public static final String ADDRESS

See Also:

• Constant Field Values

PHONE_NUMBER

public static final String PHONE_NUMBER

See Also:

• Constant Field Values

PHONE_NUMBER_VERIFIED

public static final String PHONE_NUMBER_VERIFIED

See Also:

• Constant Field Values

REALM_ROLES

public static final String REALM_ROLES

See Also:

• Constant Field Values

CLIENT_ROLES

public static final String CLIENT_ROLES

See Also:

• Constant Field Values

AUDIENCE_RESOLVE

public static final String AUDIENCE_RESOLVE

See Also:

• Constant Field Values

ALLOWED_WEB_ORIGINS

public static final String ALLOWED_WEB_ORIGINS

See Also:

• Constant Field Values

ACR

public static final String ACR

See Also:

• Constant Field Values

ORGANIZATION

public static final String ORGANIZATION

See Also:

• Constant Field Values

UPN

public static final String UPN

See Also:

• Constant Field Values

GROUPS

public static final String GROUPS

See Also:

• Constant Field Values

ROLES_SCOPE

public static final String ROLES_SCOPE

See Also:

• Constant Field Values

WEB_ORIGINS_SCOPE

public static final String WEB_ORIGINS_SCOPE

See Also:

• Constant Field Values

MICROPROFILE_JWT_SCOPE

public static final String MICROPROFILE_JWT_SCOPE

See Also:

• Constant Field Values

ACR_SCOPE

public static final String ACR_SCOPE

See Also:

• Constant Field Values

BASIC_SCOPE

public static final String BASIC_SCOPE

See Also:

• Constant Field Values

PROFILE_SCOPE_CONSENT_TEXT

public static final String PROFILE_SCOPE_CONSENT_TEXT

See Also:

• Constant Field Values

EMAIL_SCOPE_CONSENT_TEXT

public static final String EMAIL_SCOPE_CONSENT_TEXT

See Also:

• Constant Field Values

ADDRESS_SCOPE_CONSENT_TEXT

public static final String ADDRESS_SCOPE_CONSENT_TEXT

See Also:

• Constant Field Values

PHONE_SCOPE_CONSENT_TEXT

public static final String PHONE_SCOPE_CONSENT_TEXT

See Also:

• Constant Field Values

OFFLINE_ACCESS_SCOPE_CONSENT_TEXT

public static final String OFFLINE_ACCESS_SCOPE_CONSENT_TEXT

See Also:

• Constant Field Values

ROLES_SCOPE_CONSENT_TEXT

public static final String ROLES_SCOPE_CONSENT_TEXT

See Also:

• Constant Field Values

ORGANIZATION_SCOPE_CONSENT_TEXT

public static final String ORGANIZATION_SCOPE_CONSENT_TEXT

See Also:

• Constant Field Values

CONFIG_OIDC_REQ_PARAMS_MAX_NUMBER

public static final String CONFIG_OIDC_REQ_PARAMS_MAX_NUMBER

See Also:

• Constant Field Values

CONFIG_OIDC_REQ_PARAMS_MAX_SIZE

public static final String CONFIG_OIDC_REQ_PARAMS_MAX_SIZE

See Also:

• Constant Field Values

CONFIG_OIDC_REQ_PARAMS_MAX_OVERALL_SIZE

public static final String CONFIG_OIDC_REQ_PARAMS_MAX_OVERALL_SIZE

See Also:

• Constant Field Values

CONFIG_OIDC_REQ_PARAMS_FAIL_FAST

public static final String CONFIG_OIDC_REQ_PARAMS_FAIL_FAST

See Also:

• Constant Field Values

CONFIG_OIDC_ALLOW_MULTIPLE_AUDIENCES_FOR_JWT_CLIENT_AUTHENTICATION

public static final String CONFIG_OIDC_ALLOW_MULTIPLE_AUDIENCES_FOR_JWT_CLIENT_AUTHENTICATION

Deprecated.

To be removed in Keycloak 27

See Also:

• Constant Field Values

Constructor Details

OIDCLoginProtocolFactory

public OIDCLoginProtocolFactory()

Method Details

init

public void init(Config.Scope config)

Description copied from interface: ProviderFactory

Only called once when the factory is first created. This config is pulled from keycloak_server.json

Specified by:

init in interface ProviderFactory<LoginProtocol>

Overrides:

init in class AbstractLoginProtocolFactory

create

public LoginProtocol create(KeycloakSession session)

getBuiltinMappers

public Map<String,ProtocolMapperModel> getBuiltinMappers()

Description copied from interface: LoginProtocolFactory

List of built in protocol mappers that can be used to apply to clients.

Returns:

createDefaultClientScopesImpl

protected void createDefaultClientScopesImpl(RealmModel newRealm)

Description copied from class: AbstractLoginProtocolFactory

Impl should create default client scopes. This is called usually when new realm is created

Specified by:

createDefaultClientScopesImpl in class AbstractLoginProtocolFactory

addRolesClientScope

public ClientScopeModel addRolesClientScope(RealmModel newRealm)

addWebOriginsClientScope

public ClientScopeModel addWebOriginsClientScope(RealmModel newRealm)

addMicroprofileJWTClientScope

public ClientScopeModel addMicroprofileJWTClientScope(RealmModel newRealm)

Adds the microprofile-jwt optional client scope to the specified realm. If a microprofile-jwt client scope already exists in the realm then the existing scope is returned. Otherwise, a new scope is created and returned.

Parameters:

newRealm - the realm to which the microprofile-jwt scope is to be added.

Returns:

a reference to the microprofile-jwt client scope that was either created or already exists in the realm.

addAcrClientScope

public ClientScopeModel addAcrClientScope(RealmModel newRealm)

addBasicClientScope

public ClientScopeModel addBasicClientScope(RealmModel newRealm)

addServiceAccountClientScope

public ClientScopeModel addServiceAccountClientScope(RealmModel newRealm)

addDefaults

protected void addDefaults(ClientModel client)

Specified by:

addDefaults in class AbstractLoginProtocolFactory

createProtocolEndpoint

public Object createProtocolEndpoint(KeycloakSession session,
 EventBuilder event)

getId

public String getId()

setupClientDefaults

public void setupClientDefaults(ClientRepresentation rep,
 ClientModel newClient)

Description copied from interface: LoginProtocolFactory

Setup default values for new clients. This expects that the representation has already set up the client