Package org.keycloak.social.google

Class GoogleIdentityProvider

java.lang.Object

org.keycloak.broker.provider.AbstractIdentityProvider<C>

org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>

org.keycloak.broker.oidc.OIDCIdentityProvider

org.keycloak.social.google.GoogleIdentityProvider

All Implemented Interfaces:

ExchangeExternalToken, ExchangeTokenToIdentityProviderToken, IdentityProvider<OIDCIdentityProviderConfig>, SocialIdentityProvider<OIDCIdentityProviderConfig>, Provider

public class GoogleIdentityProvider
extends OIDCIdentityProvider
implements SocialIdentityProvider<OIDCIdentityProviderConfig>

Author:

Stian Thorgersen

Nested Class Summary

Nested classes/interfaces inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

OIDCIdentityProvider.OIDCEndpoint

Nested classes/interfaces inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

AbstractOAuth2IdentityProvider.Endpoint

Nested classes/interfaces inherited from interface org.keycloak.broker.provider.IdentityProvider

IdentityProvider.AuthenticationCallback

Field Summary

Fields

Modifier and Type	Field	Description
static final String	AUTH_URL
static final String	DEFAULT_SCOPE
static final String	PROFILE_URL
static final String	TOKEN_INFO_URL
static final String	TOKEN_URL

Fields inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

ACCESS_TOKEN_EXPIRATION, EXCHANGE_PROVIDER, FEDERATED_ACCESS_TOKEN_RESPONSE, FEDERATED_ID_TOKEN, logger, SCOPE_OPENID, USER_INFO, VALIDATED_ACCESS_TOKEN, VALIDATED_ID_TOKEN

Fields inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

ACCESS_DENIED, FEDERATED_REFRESH_TOKEN, FEDERATED_TOKEN_EXPIRATION, mapper, OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE, OAUTH2_GRANT_TYPE_REFRESH_TOKEN, OAUTH2_PARAMETER_ACCESS_TOKEN, OAUTH2_PARAMETER_CLIENT_ID, OAUTH2_PARAMETER_CLIENT_SECRET, OAUTH2_PARAMETER_CODE, OAUTH2_PARAMETER_GRANT_TYPE, OAUTH2_PARAMETER_REDIRECT_URI, OAUTH2_PARAMETER_RESPONSE_TYPE, OAUTH2_PARAMETER_SCOPE, OAUTH2_PARAMETER_STATE

Fields inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

ACCOUNT_LINK_URL, BROKER_REGISTERED_NEW_USER, session, UPDATE_PROFILE_EMAIL_CHANGED, UPDATE_PROFILE_USERNAME_CHANGED

Fields inherited from interface org.keycloak.broker.provider.IdentityProvider

EXTERNAL_IDENTITY_PROVIDER, FEDERATED_ACCESS_TOKEN

Constructor Summary

Constructors

Constructor	Description
GoogleIdentityProvider(KeycloakSession session, GoogleIdentityProviderConfig config)

Method Summary

Modifier and Type	Method	Description
protected jakarta.ws.rs.core.UriBuilder	createAuthorizationUrl(AuthenticationRequest request)
protected BrokeredIdentityContext	exchangeExternalTokenV1Impl(EventBuilder event, jakarta.ws.rs.core.MultivaluedMap<String,String> params)	Usage with token-exchange V1
protected BrokeredIdentityContext	exchangeExternalTokenV2Impl(TokenExchangeContext tokenExchangeContext)	Usage with external-internal token-exchange v2.
protected String	getDefaultScopes()
protected String	getUserInfoUrl()
boolean	isIssuer(String issuer, jakarta.ws.rs.core.MultivaluedMap<String,String> params)
protected boolean	supportsExternalExchange()
protected JsonWebToken	validateToken(String encodedToken, boolean ignoreAudience)

Methods inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

authenticationFinished, backchannelLogout, backchannelLogout, callback, exchangeSessionToken, exchangeStoredToken, extractIdentity, extractIdentityFromProfile, getFederatedIdentity, getIdentityProviderKeyWrapper, getProfileEndpointForValidation, getRefreshTokenRequest, getusernameClaimNameForIdToken, getUsernameFromUserInfo, isAuthTimeExpired, isTokenTypeSupported, keycloakInitiatedBrowserLogout, parseTokenInput, preprocessFederatedIdentity, processAccessTokenResponse, refreshTokenForLogout, reloadKeys, setEmailVerified, validateExternalTokenThroughUserInfo, validateJwt, validateToken, verify

Methods inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

asJsonNode, authenticateTokenRequest, buildUserInfoRequest, doGetFederatedIdentity, exchangeExternal, exchangeExternalComplete, exchangeExternalUserInfoValidationOnly, exchangeFromToken, extractTokenFromResponse, generateToken, getAccessTokenResponseParameter, getConfig, getJsonProperty, getSignatureContext, hasExternalExchangeToken, performLogin, retrieveToken

Methods inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

close, exchangeErrorResponse, exchangeNotLinked, exchangeNotLinkedNoStore, exchangeNotSupported, exchangeTokenExpired, exchangeUnsupportedRequiredType, export, getLinkingUrl, getMarshaller, importNewUser, updateBrokeredUser, updateEmail

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.broker.provider.ExchangeExternalToken

exchangeExternal, exchangeExternalComplete

Methods inherited from interface org.keycloak.broker.provider.IdentityProvider

authenticationFinished, backchannelLogout, callback, export, getConfig, getMarshaller, importNewUser, isMapperSupported, keycloakInitiatedBrowserLogout, performLogin, preprocessFederatedIdentity, reloadKeys, retrieveToken, supportsLongStateParameter, updateBrokeredUser

Methods inherited from interface org.keycloak.provider.Provider

close

Field Details

AUTH_URL

public static final String AUTH_URL

See Also:

• Constant Field Values

TOKEN_URL

public static final String TOKEN_URL

See Also:

• Constant Field Values

PROFILE_URL

public static final String PROFILE_URL

See Also:

• Constant Field Values

TOKEN_INFO_URL

public static final String TOKEN_INFO_URL

See Also:

• Constant Field Values

DEFAULT_SCOPE

public static final String DEFAULT_SCOPE

See Also:

• Constant Field Values

Constructor Details

GoogleIdentityProvider

public GoogleIdentityProvider(KeycloakSession session,
 GoogleIdentityProviderConfig config)

Method Details

getDefaultScopes

protected String getDefaultScopes()

Overrides:

getDefaultScopes in class OIDCIdentityProvider

getUserInfoUrl

protected String getUserInfoUrl()

Overrides:

getUserInfoUrl in class OIDCIdentityProvider

supportsExternalExchange

protected boolean supportsExternalExchange()

Overrides:

supportsExternalExchange in class OIDCIdentityProvider

isIssuer

public boolean isIssuer(String issuer,
 jakarta.ws.rs.core.MultivaluedMap<String,String> params)

Specified by:

isIssuer in interface ExchangeExternalToken

Overrides:

isIssuer in class OIDCIdentityProvider

exchangeExternalTokenV1Impl

protected BrokeredIdentityContext exchangeExternalTokenV1Impl(EventBuilder event,
 jakarta.ws.rs.core.MultivaluedMap<String,String> params)

Description copied from class: AbstractOAuth2IdentityProvider

Usage with token-exchange V1

Overrides:

exchangeExternalTokenV1Impl in class OIDCIdentityProvider

Parameters:

event - event builder

params - parameters of the token-exchange request

Returns:

brokered identity context with the details about user from the IDP

exchangeExternalTokenV2Impl

protected BrokeredIdentityContext exchangeExternalTokenV2Impl(TokenExchangeContext tokenExchangeContext)

Description copied from class: AbstractOAuth2IdentityProvider

Usage with external-internal token-exchange v2.

Overrides:

exchangeExternalTokenV2Impl in class AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>

Parameters:

tokenExchangeContext - data about token-exchange request

Returns:

brokered identity context with the details about user from the IDP

createAuthorizationUrl

protected jakarta.ws.rs.core.UriBuilder createAuthorizationUrl(AuthenticationRequest request)

Overrides:

createAuthorizationUrl in class OIDCIdentityProvider

validateToken

protected JsonWebToken validateToken(String encodedToken,
 boolean ignoreAudience)

Overrides:

validateToken in class OIDCIdentityProvider