Package org.keycloak.authentication.actiontoken

Interface ActionTokenHandler<T extends JsonWebToken>

Type Parameters:

T - Class implementing the action token

All Superinterfaces:

Provider

All Known Implementing Classes:

AbstractActionTokenHandler, ExecuteActionsActionTokenHandler, IdpVerifyAccountLinkActionTokenHandler, ResetCredentialsActionTokenHandler, UpdateEmailActionTokenHandler, VerifyEmailActionTokenHandler

public interface ActionTokenHandler<T extends JsonWebToken>
extends Provider

Handler of the action token.

Author:

hmlnarik

Method Summary

Modifier and Type	Method	Description
boolean	canUseTokenRepeatedly(T token, ActionTokenContext<T> tokenContext)	Returns true when the token can be used repeatedly to invoke the action, false when the token is intended to be for single use only.
EventType	eventType()	Returns a event type logged with EventBuilder class.
String	getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession)	Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.
String	getDefaultErrorMessage()	Returns an error to be shown in the response when token handling fails and no more specific error message is provided.
String	getDefaultEventError()	Returns an error to be shown in the EventBuilder detail when token handling fails and no more specific error is provided.
Class<T>	getTokenClass()	Returns the Java token class for use with deserialization.
default TokenVerifier.Predicate<? super T>[]	getVerifiers(ActionTokenContext<T> tokenContext)	Returns an array of verifiers that are tested prior to handling the token.
javax.ws.rs.core.Response	handleToken(T token, ActionTokenContext<T> tokenContext)	Performs the action as per the token details.
AuthenticationSessionModel	startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext)	Creates a fresh authentication session according to the information from the token.

Methods inherited from interface org.keycloak.provider.Provider

close

Method Detail

handleToken

javax.ws.rs.core.Response handleToken(T token,
                                      ActionTokenContext<T> tokenContext)

Performs the action as per the token details. This method is only called if all verifiers returned in handleToken(T, org.keycloak.authentication.actiontoken.ActionTokenContext<T>) succeed.

Parameters:

token -

tokenContext -

Returns:

getTokenClass

Class<T> getTokenClass()

Returns the Java token class for use with deserialization.

Returns:

getVerifiers

default TokenVerifier.Predicate<? super T>[] getVerifiers(ActionTokenContext<T> tokenContext)

Returns an array of verifiers that are tested prior to handling the token. All verifiers have to pass successfully for token to be handled. The returned array must not be null.

Parameters:

tokenContext -

Returns:

Verifiers or an empty array. The returned array must not be null.

getAuthenticationSessionIdFromToken

String getAuthenticationSessionIdFromToken(T token,
                                           ActionTokenContext<T> tokenContext,
                                           AuthenticationSessionModel currentAuthSession)

Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.

Parameters:

token - Token. Can be null

tokenContext -

currentAuthSession - Authentication session that is currently in progress, null if no authentication session is not set

Returns:

Authentication session ID (can be null if the token does not contain authentication session ID)

See Also:

AuthenticationSessionCompoundId

eventType

EventType eventType()

Returns a event type logged with EventBuilder class.

Returns:

getDefaultEventError

String getDefaultEventError()

Returns an error to be shown in the EventBuilder detail when token handling fails and no more specific error is provided.

Returns:

getDefaultErrorMessage

String getDefaultErrorMessage()

Returns an error to be shown in the response when token handling fails and no more specific error message is provided.

Returns:

startFreshAuthenticationSession

AuthenticationSessionModel startFreshAuthenticationSession(T token,
                                                           ActionTokenContext<T> tokenContext)
                                                    throws VerificationException

Creates a fresh authentication session according to the information from the token. The default implementation creates a new authentication session that requests termination after required actions.

Parameters:

token -

tokenContext -

Returns:

Throws:

VerificationException

canUseTokenRepeatedly

boolean canUseTokenRepeatedly(T token,
                              ActionTokenContext<T> tokenContext)

Returns true when the token can be used repeatedly to invoke the action, false when the token is intended to be for single use only.

Returns:

see above