Package org.keycloak.protocol.oidc

Class AccessTokenIntrospectionProvider<T extends AccessToken>

java.lang.Object

org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider<T>

All Implemented Interfaces:

TokenIntrospectionProvider, Provider

Direct Known Subclasses:

RefreshTokenIntrospectionProvider, RPTIntrospectionProvider

public class AccessTokenIntrospectionProvider<T extends AccessToken>
extends Object
implements TokenIntrospectionProvider

Author:

Pedro Igor

Field Summary

Fields

Modifier and Type	Field	Description
protected ClientModel	client
protected EventBuilder	eventBuilder
protected final RealmModel	realm
protected final KeycloakSession	session
protected T	token
protected final TokenManager	tokenManager
protected UserModel	user
protected UserSessionModel	userSession

Constructor Summary

Constructors

Constructor	Description
AccessTokenIntrospectionProvider(KeycloakSession session)

Method Summary

Modifier and Type	Method	Description
void	close()
protected Class<T>	getTokenClass()
jakarta.ws.rs.core.Response	introspect(String tokenStr, EventBuilder eventBuilder)	Introspect the token.
protected boolean	introspectionChecks(String tokenStr)	Performs introspection checks related to token, client, userSession, user etc.
AccessToken	transformAccessToken(AccessToken token, UserSessionModel userSession)
protected boolean	verifyClient()
protected boolean	verifyToken(String tokenStr)
protected boolean	verifyTokenReuse()
protected UserSessionUtil.UserSessionValidationResult	verifyUserSession()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

session

protected final KeycloakSession session

tokenManager

protected final TokenManager tokenManager

realm

protected final RealmModel realm

eventBuilder

protected EventBuilder eventBuilder

token

protected T extends AccessToken token

client

protected ClientModel client

userSession

protected UserSessionModel userSession

user

protected UserModel user

Constructor Details

AccessTokenIntrospectionProvider

public AccessTokenIntrospectionProvider(KeycloakSession session)

Method Details

introspect

public jakarta.ws.rs.core.Response introspect(String tokenStr,
 EventBuilder eventBuilder)

Description copied from interface: TokenIntrospectionProvider

Introspect the token.

Specified by:

introspect in interface TokenIntrospectionProvider

Parameters:

tokenStr - the token to introspect.

Returns:

the response with the information about the token

transformAccessToken

public AccessToken transformAccessToken(AccessToken token,
 UserSessionModel userSession)

introspectionChecks

protected boolean introspectionChecks(String tokenStr)

Performs introspection checks related to token, client, userSession, user etc. If some of the checks failed, this method is supposed to already set an error event. If all the checks are successful, the instance variables are supposed to be set

Returns:

true just if all the checks are working

verifyToken

protected boolean verifyToken(String tokenStr)

getTokenClass

protected Class<T> getTokenClass()

verifyClient

protected boolean verifyClient()

verifyUserSession

protected UserSessionUtil.UserSessionValidationResult verifyUserSession()

verifyTokenReuse

protected boolean verifyTokenReuse()

close

public void close()

Specified by:

close in interface Provider