Package org.keycloak.protocol.oid4vc.issuance

Class OID4VCAuthorizationDetailsProcessor

java.lang.Object

org.keycloak.protocol.oid4vc.issuance.OID4VCAuthorizationDetailsProcessor

All Implemented Interfaces:

AuthorizationDetailsProcessor<OID4VCAuthorizationDetail>, Provider

public class OID4VCAuthorizationDetailsProcessor
extends Object
implements AuthorizationDetailsProcessor<OID4VCAuthorizationDetail>

Constructor Summary

Constructors

Constructor	Description
OID4VCAuthorizationDetailsProcessor(KeycloakSession session)

Method Summary

Modifier and Type	Method	Description
void	close()
Class<OID4VCAuthorizationDetail>	getSupportedResponseJavaType()
String	getSupportedType()
List<OID4VCAuthorizationDetail>	handleMissingAuthorizationDetails(UserSessionModel userSession, ClientSessionContext clientSessionCtx)	Method is invoked in cases when authorization_details parameter is missing in the request.
boolean	isSupported()	Checks if this processor should be regarded as supported in the running context.
OID4VCAuthorizationDetail	process(UserSessionModel userSession, ClientSessionContext clientSessionCtx, AuthorizationDetailsJSONRepresentation authzDetail)	Processes the authorization_details parameter and returns a response if this processor is able to handle the given authorization_details parameter.
OID4VCAuthorizationDetail	processStoredAuthorizationDetails(UserSessionModel userSession, ClientSessionContext clientSessionCtx, AuthorizationDetailsJSONRepresentation storedAuthDetails)	Method is invoked when authorization_details was used in the authorization request but is missing from the token request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.protocol.oidc.rar.AuthorizationDetailsProcessor

getSupportedAuthorizationDetails

Constructor Details

OID4VCAuthorizationDetailsProcessor

public OID4VCAuthorizationDetailsProcessor(KeycloakSession session)

Method Details

isSupported

public boolean isSupported()

Description copied from interface: AuthorizationDetailsProcessor

Checks if this processor should be regarded as supported in the running context.

Specified by:

isSupported in interface AuthorizationDetailsProcessor<OID4VCAuthorizationDetail>

getSupportedType

public String getSupportedType()

Specified by:

getSupportedType in interface AuthorizationDetailsProcessor<OID4VCAuthorizationDetail>

Returns:

supported type of authorization_details "type" claim, which this processor is able to process. This should usually correspond with the "providerId" of the AuthorizationDetailsProcessorFactory, which created this processor

getSupportedResponseJavaType

public Class<OID4VCAuthorizationDetail> getSupportedResponseJavaType()

Specified by:

getSupportedResponseJavaType in interface AuthorizationDetailsProcessor<OID4VCAuthorizationDetail>

Returns:

supported Java type of AuthorizationDetailsJSONRepresentation subclass, which this processor can create in the token response

process

public OID4VCAuthorizationDetail process(UserSessionModel userSession,
 ClientSessionContext clientSessionCtx,
 AuthorizationDetailsJSONRepresentation authzDetail)

Description copied from interface: AuthorizationDetailsProcessor

Processes the authorization_details parameter and returns a response if this processor is able to handle the given authorization_details parameter.

Specified by:

process in interface AuthorizationDetailsProcessor<OID4VCAuthorizationDetail>

Parameters:

userSession - the user session

clientSessionCtx - the client session context

authzDetail - the authorization_details member (usually one member from the list) sent in the "authorization_details" request parameter

Returns:

authorization details response if this processor can handle the parameter, null if the parameter is incompatible with this processor

handleMissingAuthorizationDetails

public List<OID4VCAuthorizationDetail> handleMissingAuthorizationDetails(UserSessionModel userSession,
 ClientSessionContext clientSessionCtx)

Description copied from interface: AuthorizationDetailsProcessor

Method is invoked in cases when authorization_details parameter is missing in the request. It allows processor to generate authorization details response in such a case

Specified by:

handleMissingAuthorizationDetails in interface AuthorizationDetailsProcessor<OID4VCAuthorizationDetail>

Parameters:

userSession - the user session

clientSessionCtx - the client session context

Returns:

authorization details response if this processor can handle current request in case that authorization_details parameter was not provided

processStoredAuthorizationDetails

public OID4VCAuthorizationDetail processStoredAuthorizationDetails(UserSessionModel userSession,
 ClientSessionContext clientSessionCtx,
 AuthorizationDetailsJSONRepresentation storedAuthDetails)
                                                            throws InvalidAuthorizationDetailsException

Description copied from interface: AuthorizationDetailsProcessor

Method is invoked when authorization_details was used in the authorization request but is missing from the token request. This method should process the stored authorization_details and ensure they are returned in the token response.

Specified by:

processStoredAuthorizationDetails in interface AuthorizationDetailsProcessor<OID4VCAuthorizationDetail>

Parameters:

userSession - the user session

clientSessionCtx - the client session context

storedAuthDetails - the parsed member (usually one member of the list) from the authorization_details parameter that were stored during the authorization request

Returns:

authorization details response if this processor can handle the stored authorization_details, null if the processor cannot handle the stored authorization_details

Throws:

InvalidAuthorizationDetailsException

close

public void close()

Specified by:

close in interface Provider