Package org.keycloak.protocol.oidc.tokenexchange

Class ExternalToInternalTokenExchangeProvider

java.lang.Object

org.keycloak.protocol.oidc.tokenexchange.AbstractTokenExchangeProvider

org.keycloak.protocol.oidc.tokenexchange.StandardTokenExchangeProvider

org.keycloak.protocol.oidc.tokenexchange.ExternalToInternalTokenExchangeProvider

All Implemented Interfaces:

TokenExchangeProvider, Provider

public class ExternalToInternalTokenExchangeProvider
extends StandardTokenExchangeProvider

Provider for external-internal token exchange

Author:

Marek Posolda

Nested Class Summary

Nested classes/interfaces inherited from class org.keycloak.protocol.oidc.tokenexchange.AbstractTokenExchangeProvider

AbstractTokenExchangeProvider.ExternalExchangeContext

Field Summary

Fields inherited from class org.keycloak.protocol.oidc.tokenexchange.AbstractTokenExchangeProvider

client, clientAuthAttributes, clientConnection, context, cors, event, formParams, headers, params, realm, session, tokenManager

Constructor Summary

Constructors

Constructor	Description
ExternalToInternalTokenExchangeProvider()

Method Summary

Modifier and Type	Method	Description
protected jakarta.ws.rs.core.Response	exchangeExternalToken(String subjectIssuer, String subjectToken)
protected String	getRequestedTokenType()
protected List<String>	getSupportedOAuthResponseTokenTypes()
int	getVersion()
boolean	supports(TokenExchangeContext context)	Check if exchange request is supported by this provider
protected jakarta.ws.rs.core.Response	tokenExchange()

Methods inherited from class org.keycloak.protocol.oidc.tokenexchange.StandardTokenExchangeProvider

checkRequestedAudiences, exchangeClientToOIDCClient, exchangeClientToSAML2Client, getRequestedScope, validateAudience, validateConsents

Methods inherited from class org.keycloak.protocol.oidc.tokenexchange.AbstractTokenExchangeProvider

close, createSessionModel, exchange, exchangeClientToClient, exchangeToIdentityProvider, forbiddenIfClientIsNotTokenHolder, forbiddenIfClientIsNotWithinTokenAudience, getSubjectIssuer, getTargetAudienceClients, importUserFromExternalIdentity, isExternalInternalTokenExchangeRequest, locateExchangeExternalTokenByAlias, setClientToContext, updateUserSessionFromClientAuth

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ExternalToInternalTokenExchangeProvider

public ExternalToInternalTokenExchangeProvider()

Method Details

supports

public boolean supports(TokenExchangeContext context)

Description copied from interface: TokenExchangeProvider

Check if exchange request is supported by this provider

Specified by:

supports in interface TokenExchangeProvider

Overrides:

supports in class StandardTokenExchangeProvider

Parameters:

context - token exchange context

Returns:

true if the request is supported

getVersion

public int getVersion()

Specified by:

getVersion in interface TokenExchangeProvider

Overrides:

getVersion in class StandardTokenExchangeProvider

Returns:

version of the token-exchange provider. Could be useful by various components (like for example identity-providers), which need to interact with the token-exchange provider to doublecheck if it should have a "legacy" behaviour (for older version of token-exchange provider) or a "new" behaviour

tokenExchange

protected jakarta.ws.rs.core.Response tokenExchange()

Overrides:

tokenExchange in class StandardTokenExchangeProvider

getSupportedOAuthResponseTokenTypes

protected List<String> getSupportedOAuthResponseTokenTypes()

Overrides:

getSupportedOAuthResponseTokenTypes in class StandardTokenExchangeProvider

getRequestedTokenType

protected String getRequestedTokenType()

Overrides:

getRequestedTokenType in class StandardTokenExchangeProvider

exchangeExternalToken

protected jakarta.ws.rs.core.Response exchangeExternalToken(String subjectIssuer,
 String subjectToken)

Overrides:

exchangeExternalToken in class AbstractTokenExchangeProvider