Package org.keycloak.authentication.authenticators.util

Class AuthenticatorUtils

java.lang.Object

org.keycloak.authentication.authenticators.util.AuthenticatorUtils

public final class AuthenticatorUtils
extends Object

Author:

Vaclav Muzikar <vmuzikar@redhat.com>

Constructor Summary

Constructors

Constructor	Description
AuthenticatorUtils()

Method Summary

Modifier and Type	Method	Description
static void	dummyHash(AuthenticationFlowContext context)	This method exists to simulate hashing of some "dummy" password.
static String	getDisabledByBruteForceEventError(AuthenticationFlowContext authnFlowContext, UserModel authenticatedUser)
static String	getDisabledByBruteForceEventError(BruteForceProtector protector, KeycloakSession session, RealmModel realm, UserModel user)
static Map<String,Integer>	parseCompletedExecutions(String note)	Get all completed authenticator executions from the user session notes.
static void	processRememberMe(AuthenticationFlowContext context, jakarta.ws.rs.core.MultivaluedMap<String,String> inputData)	Process the rememberMe input for authentication.
static void	setupReauthenticationInUsernamePasswordFormError(AuthenticationFlowContext context)
static void	updateCompletedExecutions(AuthenticationSessionModel authSession, UserSessionModel userSession, String executionId)	Update the completed authenticators note on the new auth session

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthenticatorUtils

public AuthenticatorUtils()

Method Details

getDisabledByBruteForceEventError

public static String getDisabledByBruteForceEventError(BruteForceProtector protector,
 KeycloakSession session,
 RealmModel realm,
 UserModel user)

getDisabledByBruteForceEventError

public static String getDisabledByBruteForceEventError(AuthenticationFlowContext authnFlowContext,
 UserModel authenticatedUser)

dummyHash

public static void dummyHash(AuthenticationFlowContext context)

This method exists to simulate hashing of some "dummy" password. The purpose is to make the user enumeration harder, so the authentication request with non-existing username also need to simulate the password hashing overhead and takes same time like the request with existing username, but incorrect password.

Parameters:

context -

parseCompletedExecutions

public static Map<String,Integer> parseCompletedExecutions(String note)

Get all completed authenticator executions from the user session notes.

Parameters:

note - The serialized note value to parse

Returns:

A list of execution ids that were successfully completed to create this authentication session

updateCompletedExecutions

public static void updateCompletedExecutions(AuthenticationSessionModel authSession,
 UserSessionModel userSession,
 String executionId)

Update the completed authenticators note on the new auth session

Parameters:

authSession - The current authentication session

userSession - The previous user session

executionId - The completed execution id

setupReauthenticationInUsernamePasswordFormError

public static void setupReauthenticationInUsernamePasswordFormError(AuthenticationFlowContext context)

processRememberMe

public static void processRememberMe(AuthenticationFlowContext context,
 jakarta.ws.rs.core.MultivaluedMap<String,String> inputData)

Process the rememberMe input for authentication. If the inputData contains the rememberMe attribute set to on and the realm is configured with the rememberMe option, the auth note is added to the authentication session; otherwise, the note is removed from the auth session.

Parameters:

context - The flow context

inputData - The form data