Package org.keycloak.broker.oidc

Class KeycloakOIDCIdentityProvider

java.lang.Object

org.keycloak.broker.provider.AbstractIdentityProvider<C>

org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>

org.keycloak.broker.oidc.OIDCIdentityProvider

org.keycloak.broker.oidc.KeycloakOIDCIdentityProvider

All Implemented Interfaces:

ClientAssertionIdentityProvider, ExchangeExternalToken, ExchangeTokenToIdentityProviderToken, IdentityProvider<OIDCIdentityProviderConfig>, Provider

public class KeycloakOIDCIdentityProvider
extends OIDCIdentityProvider

Version:

$Revision: 1 $

Author:

Bill Burke

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected static class	KeycloakOIDCIdentityProvider.KeycloakEndpoint

Nested classes/interfaces inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

OIDCIdentityProvider.OIDCEndpoint

Nested classes/interfaces inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

AbstractOAuth2IdentityProvider.Endpoint, AbstractOAuth2IdentityProvider.OAuthResponse

Nested classes/interfaces inherited from interface org.keycloak.broker.provider.IdentityProvider

IdentityProvider.AuthenticationCallback

Field Summary

Fields inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

EXCHANGE_PROVIDER, FEDERATED_ACCESS_TOKEN_RESPONSE, FEDERATED_ID_TOKEN, logger, SCOPE_OPENID, USER_INFO, VALIDATED_ACCESS_TOKEN, VALIDATED_ID_TOKEN

Fields inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

ACCESS_DENIED, ACCESS_TOKEN_EXPIRATION, FEDERATED_REFRESH_TOKEN, FEDERATED_TOKEN_EXPIRATION, mapper, OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE, OAUTH2_GRANT_TYPE_REFRESH_TOKEN, OAUTH2_PARAMETER_ACCESS_TOKEN, OAUTH2_PARAMETER_CLIENT_ID, OAUTH2_PARAMETER_CLIENT_SECRET, OAUTH2_PARAMETER_CODE, OAUTH2_PARAMETER_GRANT_TYPE, OAUTH2_PARAMETER_REDIRECT_URI, OAUTH2_PARAMETER_RESPONSE_TYPE, OAUTH2_PARAMETER_SCOPE, OAUTH2_PARAMETER_STATE

Fields inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

ACCOUNT_LINK_URL, BROKER_REGISTERED_NEW_USER, session, UPDATE_PROFILE_EMAIL_CHANGED, UPDATE_PROFILE_USERNAME_CHANGED

Fields inherited from interface org.keycloak.broker.provider.IdentityProvider

EXTERNAL_IDENTITY_PROVIDER, FEDERATED_ACCESS_TOKEN

Constructor Summary

Constructors

Constructor	Description
KeycloakOIDCIdentityProvider(KeycloakSession session, OIDCIdentityProviderConfig config)

Method Summary

Modifier and Type	Method	Description
Object	callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)	JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.
protected BrokeredIdentityContext	exchangeExternalTokenV1Impl(EventBuilder event, jakarta.ws.rs.core.MultivaluedMap<String,String> params)	Usage with token-exchange V1

Methods inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

authenticationFinished, backchannelLogout, backchannelLogout, createAuthorizationUrl, exchangeExternalTokenV2Impl, exchangeSessionToken, exchangeStoredToken, extractIdentity, extractIdentityFromProfile, getDefaultScopes, getFederatedIdentity, getIdentityProviderKeyWrapper, getProfileEndpointForValidation, getUserInfoUrl, getusernameClaimNameForIdToken, getUsernameFromUserInfo, isAuthTimeExpired, isIssuer, isTokenTypeSupported, keycloakInitiatedBrowserLogout, parseTokenInput, preprocessFederatedIdentity, processAccessTokenResponse, refreshTokenForLogout, reloadKeys, setEmailVerified, supportsExternalExchange, validateExternalTokenThroughUserInfo, validateJwt, validateToken, validateToken, verify, verifyClientAssertion

Methods inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

asJsonNode, authenticateTokenRequest, buildUserInfoRequest, doGetFederatedIdentity, exchangeExternal, exchangeExternalComplete, exchangeExternalUserInfoValidationOnly, exchangeFromToken, extractTokenFromResponse, generateToken, getAccessTokenResponseParameter, getConfig, getJsonProperty, getRefreshTokenRequest, getSignatureContext, hasExternalExchangeToken, performLogin, retrieveToken, sendTokenIntrospectionRequest, supportsLongStateParameter, validateExternalTokenWithIntrospectionEndpoint

Methods inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

close, exchangeErrorResponse, exchangeNotLinked, exchangeNotLinkedNoStore, exchangeNotSupported, exchangeTokenExpired, exchangeUnsupportedRequiredType, export, getLinkingUrl, getMarshaller, importNewUser, updateBrokeredUser, updateEmail

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.broker.provider.ExchangeExternalToken

exchangeExternal, exchangeExternalComplete

Methods inherited from interface org.keycloak.broker.provider.IdentityProvider

isMapperSupported

Constructor Details

KeycloakOIDCIdentityProvider

public KeycloakOIDCIdentityProvider(KeycloakSession session,
 OIDCIdentityProviderConfig config)

Method Details

callback

public Object callback(RealmModel realm,
 IdentityProvider.AuthenticationCallback callback,
 EventBuilder event)

Description copied from interface: IdentityProvider

JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.

Specified by:

callback in interface IdentityProvider<OIDCIdentityProviderConfig>

Overrides:

callback in class OIDCIdentityProvider

Returns:

exchangeExternalTokenV1Impl

protected BrokeredIdentityContext exchangeExternalTokenV1Impl(EventBuilder event,
 jakarta.ws.rs.core.MultivaluedMap<String,String> params)

Description copied from class: AbstractOAuth2IdentityProvider

Usage with token-exchange V1

Overrides:

exchangeExternalTokenV1Impl in class OIDCIdentityProvider

Parameters:

event - event builder

params - parameters of the token-exchange request

Returns:

brokered identity context with the details about user from the IDP