Package org.keycloak.authentication.authenticators.client

Class ClientIdAndSecretAuthenticator

java.lang.Object
org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator
org.keycloak.authentication.authenticators.client.ClientIdAndSecretAuthenticator
All Implemented Interfaces:
ClientAuthenticator, ClientAuthenticatorFactory, ConfigurableAuthenticatorFactory, ConfiguredPerClientProvider, ConfiguredProvider, Provider, ProviderFactory<ClientAuthenticator>
public class ClientIdAndSecretAuthenticator extends AbstractClientAuthenticator
Validates client based on "client_id" and "client_secret" sent either in request parameters or in "Authorization: Basic" header . See org.keycloak.adapters.authentication.ClientIdAndSecretAuthenticator for the adapter
Author:
Marek Posolda

  • Field Details

  • Constructor Details

    • ClientIdAndSecretAuthenticator

      public ClientIdAndSecretAuthenticator()

  • Method Details

    • authenticateClient

      public void authenticateClient(ClientAuthenticationFlowContext context)
      Description copied from interface: ClientAuthenticator
      Initial call for the authenticator. This method should check the current HTTP request to determine if the request satisfies the ClientAuthenticator's requirements. If it doesn't, it should send back a challenge response by calling the ClientAuthenticationFlowContext.challenge(Response).

    • getDisplayType

      public String getDisplayType()
      Description copied from interface: ConfigurableAuthenticatorFactory
      Friendly name for the authenticator
      Returns:

    • isConfigurable

      public boolean isConfigurable()
      Description copied from interface: ClientAuthenticatorFactory
      Is this authenticator configurable globally?
      Returns:

    • getRequirementChoices

      public AuthenticationExecutionModel.Requirement[] getRequirementChoices()
      Description copied from interface: ConfigurableAuthenticatorFactory
      What requirement settings are allowed.
      Returns:

    • getHelpText

      public String getHelpText()

    • getConfigProperties

      public List<ProviderConfigProperty> getConfigProperties()

    • getConfigPropertiesPerClient

      public List<ProviderConfigProperty> getConfigPropertiesPerClient()
      Description copied from interface: ConfiguredPerClientProvider
      List of config properties for this client implementation. Those will be shown in admin console in clients credentials tab and can be configured per client.
      Returns:

    • getAdapterConfiguration

      public Map<String,Object> getAdapterConfiguration(ClientModel client)
      Description copied from interface: ClientAuthenticatorFactory
      Get configuration, which needs to be used for adapter ( keycloak.json ) of particular client. Some implementations may return just template and user needs to edit the values according to his environment (For example fill the location of keystore file)
      Returns:

    • getId

      public String getId()

    • getProtocolAuthenticatorMethods

      public Set<String> getProtocolAuthenticatorMethods(String loginProtocol)
      Description copied from interface: ClientAuthenticatorFactory
      Get authentication methods for the specified protocol
      Parameters:
      loginProtocol - corresponds to ProviderFactory.getId()
      Returns:
      name of supported client authenticator methods in the protocol specific "language"

    • supportsSecret

      public boolean supportsSecret()
      Description copied from interface: ClientAuthenticatorFactory
      Is this authenticator supports client secret?
      Returns:
      if it supports secret