Package org.keycloak.social.gitlab

Class GitLabIdentityProvider

java.lang.Object

org.keycloak.broker.provider.AbstractIdentityProvider<C>

org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>

org.keycloak.broker.oidc.OIDCIdentityProvider

org.keycloak.social.gitlab.GitLabIdentityProvider

All Implemented Interfaces:

ClientAssertionIdentityProvider, ExchangeExternalToken, ExchangeTokenToIdentityProviderToken, IdentityProvider<OIDCIdentityProviderConfig>, SocialIdentityProvider<OIDCIdentityProviderConfig>, Provider

public class GitLabIdentityProvider
extends OIDCIdentityProvider
implements SocialIdentityProvider<OIDCIdentityProviderConfig>

Author:

Stian Thorgersen

Nested Class Summary

Nested classes/interfaces inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

OIDCIdentityProvider.OIDCEndpoint

Nested classes/interfaces inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

AbstractOAuth2IdentityProvider.Endpoint, AbstractOAuth2IdentityProvider.OAuthResponse

Nested classes/interfaces inherited from interface org.keycloak.broker.provider.IdentityProvider

IdentityProvider.AuthenticationCallback

Field Summary

Fields

Modifier and Type	Field	Description
static final String	AUTH_URL
static final String	READ_USER_SCOPE
static final String	TOKEN_URL
static final String	USER_INFO

Fields inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

EXCHANGE_PROVIDER, FEDERATED_ACCESS_TOKEN_RESPONSE, FEDERATED_ID_TOKEN, logger, SCOPE_OPENID, VALIDATED_ACCESS_TOKEN, VALIDATED_ID_TOKEN

Fields inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

ACCESS_DENIED, ACCESS_TOKEN_EXPIRATION, FEDERATED_REFRESH_TOKEN, FEDERATED_TOKEN_EXPIRATION, mapper, OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE, OAUTH2_GRANT_TYPE_REFRESH_TOKEN, OAUTH2_PARAMETER_ACCESS_TOKEN, OAUTH2_PARAMETER_CLIENT_ID, OAUTH2_PARAMETER_CLIENT_SECRET, OAUTH2_PARAMETER_CODE, OAUTH2_PARAMETER_GRANT_TYPE, OAUTH2_PARAMETER_REDIRECT_URI, OAUTH2_PARAMETER_RESPONSE_TYPE, OAUTH2_PARAMETER_SCOPE, OAUTH2_PARAMETER_STATE

Fields inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

ACCOUNT_LINK_URL, BROKER_REGISTERED_NEW_USER, session, UPDATE_PROFILE_EMAIL_CHANGED, UPDATE_PROFILE_USERNAME_CHANGED

Fields inherited from interface org.keycloak.broker.provider.IdentityProvider

EXTERNAL_IDENTITY_PROVIDER, FEDERATED_ACCESS_TOKEN

Constructor Summary

Constructors

Constructor	Description
GitLabIdentityProvider(KeycloakSession session, OIDCIdentityProviderConfig config)

Method Summary

Modifier and Type	Method	Description
protected BrokeredIdentityContext	exchangeExternalTokenV1Impl(EventBuilder event, jakarta.ws.rs.core.MultivaluedMap<String,String> params)	Usage with token-exchange V1
protected BrokeredIdentityContext	extractIdentity(AccessTokenResponse tokenResponse, String accessToken, JsonWebToken idToken)
protected BrokeredIdentityContext	extractIdentityFromProfile(EventBuilder event, com.fasterxml.jackson.databind.JsonNode profile)
protected String	getProfileEndpointForValidation(EventBuilder event)
protected String	getusernameClaimNameForIdToken()
protected String	getUsernameFromUserInfo(com.fasterxml.jackson.databind.JsonNode userInfo)
boolean	isIssuer(String issuer, jakarta.ws.rs.core.MultivaluedMap<String,String> params)
protected boolean	supportsExternalExchange()

Methods inherited from class org.keycloak.broker.oidc.OIDCIdentityProvider

authenticationFinished, backchannelLogout, backchannelLogout, callback, createAuthorizationUrl, exchangeExternalTokenV2Impl, exchangeSessionToken, exchangeStoredToken, getDefaultScopes, getFederatedIdentity, getIdentityProviderKeyWrapper, getUserInfoUrl, isAuthTimeExpired, isTokenTypeSupported, keycloakInitiatedBrowserLogout, parseTokenInput, preprocessFederatedIdentity, processAccessTokenResponse, refreshTokenForLogout, reloadKeys, setEmailVerified, validateExternalTokenThroughUserInfo, validateJwt, validateToken, validateToken, verify, verifyClientAssertion

Methods inherited from class org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider

asJsonNode, authenticateTokenRequest, buildUserInfoRequest, doGetFederatedIdentity, exchangeExternal, exchangeExternalComplete, exchangeExternalUserInfoValidationOnly, exchangeFromToken, extractTokenFromResponse, generateToken, getAccessTokenResponseParameter, getConfig, getJsonProperty, getRefreshTokenRequest, getSignatureContext, hasExternalExchangeToken, performLogin, retrieveToken, sendTokenIntrospectionRequest, supportsLongStateParameter, validateExternalTokenWithIntrospectionEndpoint

Methods inherited from class org.keycloak.broker.provider.AbstractIdentityProvider

close, exchangeErrorResponse, exchangeNotLinked, exchangeNotLinkedNoStore, exchangeNotSupported, exchangeTokenExpired, exchangeUnsupportedRequiredType, export, getLinkingUrl, getMarshaller, importNewUser, updateBrokeredUser, updateEmail

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.broker.provider.ExchangeExternalToken

exchangeExternal, exchangeExternalComplete

Methods inherited from interface org.keycloak.broker.provider.IdentityProvider

authenticationFinished, backchannelLogout, callback, export, getConfig, getMarshaller, importNewUser, isMapperSupported, keycloakInitiatedBrowserLogout, performLogin, preprocessFederatedIdentity, reloadKeys, retrieveToken, supportsLongStateParameter, updateBrokeredUser

Methods inherited from interface org.keycloak.provider.Provider

close

Field Details

AUTH_URL

public static final String AUTH_URL

See Also:

• Constant Field Values

TOKEN_URL

public static final String TOKEN_URL

See Also:

• Constant Field Values

USER_INFO

public static final String USER_INFO

See Also:

• Constant Field Values

READ_USER_SCOPE

public static final String READ_USER_SCOPE

See Also:

• Constant Field Values

Constructor Details

GitLabIdentityProvider

public GitLabIdentityProvider(KeycloakSession session,
 OIDCIdentityProviderConfig config)

Method Details

getUsernameFromUserInfo

protected String getUsernameFromUserInfo(com.fasterxml.jackson.databind.JsonNode userInfo)

Overrides:

getUsernameFromUserInfo in class OIDCIdentityProvider

getusernameClaimNameForIdToken

protected String getusernameClaimNameForIdToken()

Overrides:

getusernameClaimNameForIdToken in class OIDCIdentityProvider

supportsExternalExchange

protected boolean supportsExternalExchange()

Overrides:

supportsExternalExchange in class OIDCIdentityProvider

getProfileEndpointForValidation

protected String getProfileEndpointForValidation(EventBuilder event)

Overrides:

getProfileEndpointForValidation in class OIDCIdentityProvider

isIssuer

public boolean isIssuer(String issuer,
 jakarta.ws.rs.core.MultivaluedMap<String,String> params)

Specified by:

isIssuer in interface ExchangeExternalToken

Overrides:

isIssuer in class OIDCIdentityProvider

exchangeExternalTokenV1Impl

protected BrokeredIdentityContext exchangeExternalTokenV1Impl(EventBuilder event,
 jakarta.ws.rs.core.MultivaluedMap<String,String> params)

Description copied from class: AbstractOAuth2IdentityProvider

Usage with token-exchange V1

Overrides:

exchangeExternalTokenV1Impl in class OIDCIdentityProvider

Parameters:

event - event builder

params - parameters of the token-exchange request

Returns:

brokered identity context with the details about user from the IDP

extractIdentityFromProfile

protected BrokeredIdentityContext extractIdentityFromProfile(EventBuilder event,
 com.fasterxml.jackson.databind.JsonNode profile)

Overrides:

extractIdentityFromProfile in class OIDCIdentityProvider

extractIdentity

protected BrokeredIdentityContext extractIdentity(AccessTokenResponse tokenResponse,
 String accessToken,
 JsonWebToken idToken)
                                           throws IOException

Overrides:

extractIdentity in class OIDCIdentityProvider

Throws:

IOException