Package org.keycloak.authentication

Interface AuthenticationFlowContext

    • Method Detail

      • getUser

        UserModel getUser()
        Current user attached to this flow. It can return null if no user has been identified yet
        Returns:

      • setUser

        void setUser​(UserModel user)
        Attach a specific user to this flow.
        Parameters:
        user -

      • clearUser

        void clearUser()
        Clear the user from the flow.

      • getAuthenticationSession

        AuthenticationSessionModel getAuthenticationSession()
        AuthenticationSessionModel attached to this flow
        Returns:

      • getFlowPath

        String getFlowPath()
        Returns:
        current flow path (EG. authenticate, reset-credentials)

      • form

        LoginFormsProvider form()
        Create a Freemarker form builder that presets the user, action URI, and a generated access code
        Returns:

      • getActionUrl

        URI getActionUrl​(String code)
        Get the action URL for the required action.
        Parameters:
        code - authentication session access code
        Returns:

      • getActionTokenUrl

        URI getActionTokenUrl​(String tokenString)
        Get the action URL for the action token executor.
        Parameters:
        tokenString - String representation (JWT) of action token
        Returns:

      • getRefreshExecutionUrl

        URI getRefreshExecutionUrl()
        Get the refresh URL for the required action.
        Returns:

      • getRefreshUrl

        URI getRefreshUrl​(boolean authSessionIdParam)
        Get the refresh URL for the flow.
        Parameters:
        authSessionIdParam - will include auth_session query param for clients that don't process cookies
        Returns:

      • cancelLogin

        void cancelLogin()
        End the flow and redirect browser based on protocol specific respones. This should only be executed in browser-based flows.

      • resetFlow

        void resetFlow()
        Reset the current flow to the beginning and restarts it.

      • resetFlow

        void resetFlow​(Runnable afterResetListener)
        Reset the current flow to the beginning and restarts it. Allows to add additional listener, which is triggered after flow restarted

      • fork

        void fork()
        Fork the current flow. The authentication session will be cloned and set to point at the realm's browser login flow. The Response will be the result of this fork. The previous flow will still be set at the current execution. This is used by reset password when it sends an email. It sends an email linking to the current flow and redirects the browser to a new browser login flow.

      • forkWithSuccessMessage

        void forkWithSuccessMessage​(FormMessage message)
        Fork the current flow. The authentication session will be cloned and set to point at the realm's browser login flow. The Response will be the result of this fork. The previous flow will still be set at the current execution. This is used by reset password when it sends an email. It sends an email linking to the current flow and redirects the browser to a new browser login flow. This method will set up a success message that will be displayed in the first page of the new flow
        Parameters:
        message - Corresponds to raw text or a message property defined in a message bundle

      • forkWithErrorMessage

        void forkWithErrorMessage​(FormMessage message)
        Fork the current flow. The authentication session will be cloned and set to point at the realm's browser login flow. The Response will be the result of this fork. The previous flow will still be set at the current execution. This is used by reset password when it sends an email. It sends an email linking to the current flow and redirects the browser to a new browser login flow. This method will set up an error message that will be displayed in the first page of the new flow
        Parameters:
        message - Corresponds to raw text or a message property defined in a message bundle