Package org.keycloak.credential

Interface CredentialProvider<T extends CredentialModel>

All Superinterfaces:

Provider

All Known Implementing Classes:

OTPCredentialProvider, PasswordCredentialProvider, RecoveryAuthnCodesCredentialProvider, WebAuthnCredentialProvider, WebAuthnPasswordlessCredentialProvider

public interface CredentialProvider<T extends CredentialModel>
extends Provider

Version:

$Revision: 1 $

Author:

Bill Burke

Method Summary

Modifier and Type	Method	Description
default void	close()
CredentialModel	createCredential(RealmModel realm, UserModel user, T credentialModel)
boolean	deleteCredential(RealmModel realm, UserModel user, String credentialId)
default T	getCredentialForPresentationFromModel(CredentialModel model)	Get the credential (usually stored credential retrieved from the DB) and decorates it with additional metadata to be present for example in the admin console.
T	getCredentialFromModel(CredentialModel model)
default CredentialMetadata	getCredentialMetadata(T credentialModel, CredentialTypeMetadata credentialTypeMetadata)
CredentialTypeMetadata	getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext)
default T	getDefaultCredential(KeycloakSession session, RealmModel realm, UserModel user)
String	getType()
default boolean	supportsCredentialType(String type)
default boolean	supportsCredentialType(CredentialModel credential)

Method Details

close

default void close()

Specified by:

close in interface Provider

getType

String getType()

createCredential

CredentialModel createCredential(RealmModel realm,
 UserModel user,
 T credentialModel)

deleteCredential

boolean deleteCredential(RealmModel realm,
 UserModel user,
 String credentialId)

getCredentialFromModel

T getCredentialFromModel(CredentialModel model)

getCredentialForPresentationFromModel

default T getCredentialForPresentationFromModel(CredentialModel model)

Get the credential (usually stored credential retrieved from the DB) and decorates it with additional metadata to be present for example in the admin console. Those additional metadata could be various metadata, which are not saved in the DB, but can be retrieved from saved data to be presented to admins/users in the nice way (For example display "authenticator Provider" for WebAuthn credential based on the AAGUID of WebAuthn credential)

Parameters:

model - stored credential retrieved from the DB

Returns:

credential model useful for the presentation (not necessarily only stored data, but possibly some other metadata added)

getDefaultCredential

default T getDefaultCredential(KeycloakSession session,
 RealmModel realm,
 UserModel user)

getCredentialTypeMetadata

CredentialTypeMetadata getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext)

getCredentialMetadata

default CredentialMetadata getCredentialMetadata(T credentialModel,
 CredentialTypeMetadata credentialTypeMetadata)

supportsCredentialType

default boolean supportsCredentialType(CredentialModel credential)

supportsCredentialType

default boolean supportsCredentialType(String type)