Package org.keycloak.authentication

Interface ClientAuthenticatorFactory

All Superinterfaces:
ConfigurableAuthenticatorFactory, ConfiguredPerClientProvider, ConfiguredProvider, ProviderFactory<ClientAuthenticator>
All Known Implementing Classes:
AbstractClientAuthenticator, ClientIdAndSecretAuthenticator, FederatedJWTClientAuthenticator, JWTClientAuthenticator, JWTClientSecretAuthenticator, X509ClientAuthenticator
public interface ClientAuthenticatorFactory extends ProviderFactory<ClientAuthenticator>, ConfigurableAuthenticatorFactory, ConfiguredPerClientProvider
Factory for creating ClientAuthenticator instances. This is a singleton and created when Keycloak boots. You must specify a file META-INF/services/org.keycloak.authentication.ClientAuthenticatorFactory in the jar that this class is contained in This file must have the fully qualified class name of all your ClientAuthenticatorFactory classes
Author:
Marek Posolda

  • Method Details

    • create

      ClientAuthenticator create()

    • isConfigurable

      boolean isConfigurable()
      Is this authenticator configurable globally?
      Specified by:
      isConfigurable in interface ConfigurableAuthenticatorFactory
      Returns:

    • getAdapterConfiguration

      Map<String,Object> getAdapterConfiguration(KeycloakSession session, ClientModel client)
      Get configuration, which needs to be used for adapter ( keycloak.json ) of particular client. Some implementations may return just template and user needs to edit the values according to his environment (For example fill the location of keystore file)
      Returns:

    • getProtocolAuthenticatorMethods

      Set<String> getProtocolAuthenticatorMethods(String loginProtocol)
      Get authentication methods for the specified protocol
      Parameters:
      loginProtocol - corresponds to ProviderFactory.getId()
      Returns:
      name of supported client authenticator methods in the protocol specific "language"

    • getProtocolAuthenticatorMethod

      default String getProtocolAuthenticatorMethod(ClientRepresentation client)
      Get protocol authentication method, which is set on the specified client.
      Parameters:
      client - client whose authentication method will be returned
      Returns:
      Client authentication method as specified in the related protocol specification. For example "client_secret_basic", "client_secret_post" or "private_key_jwt" might be used as returned values.

    • setClientAuthenticationMethod

      default void setClientAuthenticationMethod(ClientRepresentation client, String protocolAuthMethod)
      Set specified client authentication method to the specified client
      Parameters:
      client - client to update
      protocolAuthMethod - Client authentication method as specified in the related protocol specification. For example "client_secret_basic", "client_secret_post" or "private_key_jwt" might be used as values of this parameter.

    • supportsSecret

      default boolean supportsSecret()
      Is this authenticator supports client secret?
      Returns:
      if it supports secret