Package org.keycloak.social.microsoft

Class MicrosoftIdentityProvider

java.lang.Object

org.keycloak.broker.provider.AbstractIdentityProvider<C>

org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

org.keycloak.social.microsoft.MicrosoftIdentityProvider

All Implemented Interfaces:

ExchangeExternalToken, ExchangeTokenToIdentityProviderToken, IdentityProvider, SocialIdentityProvider, Provider

public class MicrosoftIdentityProvider
extends AbstractOAuth2IdentityProvider
implements SocialIdentityProvider

Identity provider for Microsoft account. Uses OAuth 2 protocol of Microsoft Graph as documented at https://docs.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/graph-oauth

Author:

Vlastimil Elias (velias at redhat dot com)

Nested Class Summary

Nested classes/interfaces inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

AbstractOAuth2IdentityProvider.Endpoint, AbstractOAuth2IdentityProvider.OAuthResponse

Nested classes/interfaces inherited from interface org.keycloak.broker.provider.IdentityProvider

IdentityProvider.AuthenticationCallback

Field Summary

Fields inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

ACCESS_DENIED, ACCESS_TOKEN_EXPIRATION, FEDERATED_REFRESH_TOKEN, FEDERATED_TOKEN_EXPIRATION, logger, mapper, OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE, OAUTH2_GRANT_TYPE_REFRESH_TOKEN, OAUTH2_PARAMETER_ACCESS_TOKEN, OAUTH2_PARAMETER_CLIENT_ID, OAUTH2_PARAMETER_CLIENT_SECRET, OAUTH2_PARAMETER_CODE, OAUTH2_PARAMETER_GRANT_TYPE, OAUTH2_PARAMETER_REDIRECT_URI, OAUTH2_PARAMETER_RESPONSE_TYPE, OAUTH2_PARAMETER_SCOPE, OAUTH2_PARAMETER_STATE

Fields inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

ACCOUNT_LINK_URL, BROKER_REGISTERED_NEW_USER, session, UPDATE_PROFILE_EMAIL_CHANGED, UPDATE_PROFILE_USERNAME_CHANGED

Fields inherited from interface org.keycloak.broker.provider.IdentityProvider

EXTERNAL_IDENTITY_PROVIDER, FEDERATED_ACCESS_TOKEN

Constructor Summary

Constructors

Constructor	Description
MicrosoftIdentityProvider(KeycloakSession session, MicrosoftIdentityProviderConfig config)

Method Summary

Modifier and Type	Method	Description
protected BrokeredIdentityContext	doGetFederatedIdentity(String accessToken)
protected BrokeredIdentityContext	extractIdentityFromProfile(EventBuilder event, com.fasterxml.jackson.databind.JsonNode profile)
protected String	getDefaultScopes()
protected String	getProfileEndpointForValidation(EventBuilder event)
protected boolean	supportsExternalExchange()

Methods inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

asJsonNode, authenticateTokenRequest, authenticationFinished, buildUserInfoRequest, callback, createAuthorizationUrl, exchangeExternal, exchangeExternalComplete, exchangeExternalTokenV1Impl, exchangeExternalTokenV2Impl, exchangeExternalUserInfoValidationOnly, exchangeFromToken, exchangeSessionToken, exchangeStoredToken, extractTokenFromResponse, generateToken, getAccessTokenResponseParameter, getConfig, getFederatedIdentity, getJsonProperty, getRefreshTokenRequest, getSignatureContext, hasExternalExchangeToken, isIssuer, performLogin, retrieveToken, sendTokenIntrospectionRequest, supportsLongStateParameter, validateExternalTokenThroughUserInfo, validateExternalTokenWithIntrospectionEndpoint

Methods inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

backchannelLogout, close, exchangeErrorResponse, exchangeNotLinked, exchangeNotLinkedNoStore, exchangeNotSupported, exchangeTokenExpired, exchangeUnsupportedRequiredType, export, getLinkingUrl, getMarshaller, importNewUser, keycloakInitiatedBrowserLogout, preprocessFederatedIdentity, setEmailVerified, updateBrokeredUser, updateEmail

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.broker.provider.IdentityProvider

authenticationFinished, backchannelLogout, callback, export, getConfig, getMarshaller, importNewUser, isMapperSupported, keycloakInitiatedBrowserLogout, performLogin, preprocessFederatedIdentity, reloadKeys, retrieveToken, supportsLongStateParameter, updateBrokeredUser

Methods inherited from interface org.keycloak.provider.Provider

close

Constructor Details

MicrosoftIdentityProvider

public MicrosoftIdentityProvider(KeycloakSession session,
 MicrosoftIdentityProviderConfig config)

Method Details

supportsExternalExchange

protected boolean supportsExternalExchange()

Overrides:

supportsExternalExchange in class AbstractOAuth2IdentityProvider

getProfileEndpointForValidation

protected String getProfileEndpointForValidation(EventBuilder event)

Overrides:

getProfileEndpointForValidation in class AbstractOAuth2IdentityProvider

doGetFederatedIdentity

protected BrokeredIdentityContext doGetFederatedIdentity(String accessToken)

Overrides:

doGetFederatedIdentity in class AbstractOAuth2IdentityProvider

extractIdentityFromProfile

protected BrokeredIdentityContext extractIdentityFromProfile(EventBuilder event,
 com.fasterxml.jackson.databind.JsonNode profile)

Overrides:

extractIdentityFromProfile in class AbstractOAuth2IdentityProvider

getDefaultScopes

protected String getDefaultScopes()

Specified by:

getDefaultScopes in class AbstractOAuth2IdentityProvider