Class DeviceGrantType
java.lang.Object
org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
org.keycloak.protocol.oidc.grants.device.DeviceGrantType
- All Implemented Interfaces:
OAuth2GrantType,Provider
OAuth 2.0 Device Authorization Grant
https://datatracker.ietf.org/doc/html/rfc8628#section-3.4
- Author:
- Hiroyuki Wada, Michito Okai
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.keycloak.protocol.oidc.grants.OAuth2GrantType
OAuth2GrantType.Context -
Field Summary
FieldsFields inherited from class org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
client, clientAuthAttributes, clientConfig, clientConnection, context, cors, event, formParams, headers, realm, request, response, session, tokenManager -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic jakarta.ws.rs.core.ResponseapproveOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, AuthenticatedClientSessionModel clientSession, KeycloakSession session) static booleanapproveUserCode(KeycloakSession session, RealmModel realm, String userCode, String userSessionId, Map<String, String> additionalParams) static jakarta.ws.rs.core.ResponsedenyOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, LoginProtocol.Error error, KeycloakSession session) static booleandenyUserCode(KeycloakSession session, RealmModel realm, String userCode) static OAuth2DeviceCodeModelgetDeviceByDeviceCode(KeycloakSession session, RealmModel realm, ClientModel client, EventBuilder event, String deviceCode) Returns the event type associated with this OAuth 2.0 grant type.static booleanisDeviceCodeDeniedForDeviceVerificationFlow(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession) static booleanisOAuth2DeviceVerificationFlow(AuthenticationSessionModel authSession) static booleanisPollingAllowed(KeycloakSession session, OAuth2DeviceCodeModel deviceCodeModel) static jakarta.ws.rs.core.UriBuilderoauth2DeviceAuthUrl(jakarta.ws.rs.core.UriBuilder baseUriBuilder) static jakarta.ws.rs.core.UriBuilderoauth2DeviceVerificationCompletedUrl(jakarta.ws.rs.core.UriInfo baseUri) static jakarta.ws.rs.core.UriBuilderoauth2DeviceVerificationUrl(jakarta.ws.rs.core.UriInfo uriInfo) jakarta.ws.rs.core.Responseprocess(OAuth2GrantType.Context context) Processes grant request.static URIrealmOAuth2DeviceVerificationAction(URI baseUri, String realmName) static voidremoveDeviceByDeviceCode(KeycloakSession session, String deviceCode) static voidremoveDeviceByUserCode(KeycloakSession session, RealmModel realm, String userCode) Methods inherited from class org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
addCustomTokenResponseClaims, checkAndBindMtlsHoKToken, checkClient, close, createTokenResponse, getRequestedScopes, handleMissingAuthorizationDetails, processAuthorizationDetails, setContext, updateClientSession, updateUserSessionFromClientAuthMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.keycloak.protocol.oidc.grants.OAuth2GrantType
getSupportedMultivaluedRequestParameters
-
Field Details
-
OAUTH2_DEVICE_VERIFIED_USER_CODE
- See Also:
-
OAUTH2_DEVICE_USER_CODE
- See Also:
-
OAUTH2_USER_CODE_VERIFY
- See Also:
-
-
Constructor Details
-
DeviceGrantType
public DeviceGrantType()
-
-
Method Details
-
oauth2DeviceVerificationUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceVerificationUrl(jakarta.ws.rs.core.UriInfo uriInfo) -
realmOAuth2DeviceVerificationAction
-
oauth2DeviceAuthUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceAuthUrl(jakarta.ws.rs.core.UriBuilder baseUriBuilder) -
oauth2DeviceVerificationCompletedUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceVerificationCompletedUrl(jakarta.ws.rs.core.UriInfo baseUri) -
denyOAuth2DeviceAuthorization
public static jakarta.ws.rs.core.Response denyOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, LoginProtocol.Error error, KeycloakSession session) -
approveOAuth2DeviceAuthorization
public static jakarta.ws.rs.core.Response approveOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, AuthenticatedClientSessionModel clientSession, KeycloakSession session) -
isOAuth2DeviceVerificationFlow
-
getDeviceByDeviceCode
public static OAuth2DeviceCodeModel getDeviceByDeviceCode(KeycloakSession session, RealmModel realm, ClientModel client, EventBuilder event, String deviceCode) -
isDeviceCodeDeniedForDeviceVerificationFlow
public static boolean isDeviceCodeDeniedForDeviceVerificationFlow(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession) -
removeDeviceByDeviceCode
-
removeDeviceByUserCode
public static void removeDeviceByUserCode(KeycloakSession session, RealmModel realm, String userCode) -
isPollingAllowed
public static boolean isPollingAllowed(KeycloakSession session, OAuth2DeviceCodeModel deviceCodeModel) -
approveUserCode
public static boolean approveUserCode(KeycloakSession session, RealmModel realm, String userCode, String userSessionId, Map<String, String> additionalParams) -
denyUserCode
-
process
Description copied from interface:OAuth2GrantTypeProcesses grant request.- Parameters:
context- grant request context- Returns:
- token response
-
getEventType
Description copied from interface:OAuth2GrantTypeReturns the event type associated with this OAuth 2.0 grant type.- Returns:
- event type
-