Class BasicAuthAuthenticator
- java.lang.Object
-
- org.keycloak.authentication.AbstractFormAuthenticator
-
- org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator
-
- org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator
-
- All Implemented Interfaces:
Authenticator
,Provider
- Direct Known Subclasses:
BasicAuthOTPAuthenticator
public class BasicAuthAuthenticator extends AbstractUsernameFormAuthenticator implements Authenticator
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Field Summary
-
Fields inherited from class org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator
ATTEMPTED_USERNAME, REGISTRATION_FORM_ACTION, USER_SET_BEFORE_USERNAME_PASSWORD_AUTH
-
-
Constructor Summary
Constructors Constructor Description BasicAuthAuthenticator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
action(AuthenticationFlowContext context)
Called from a form action invocation.void
authenticate(AuthenticationFlowContext context)
Initial call for the authenticator.protected javax.ws.rs.core.Response
challenge(AuthenticationFlowContext context, String error)
protected javax.ws.rs.core.Response
challenge(AuthenticationFlowContext context, String error, String field)
protected boolean
checkUsernameAndPassword(AuthenticationFlowContext context, String username, String password)
void
close()
boolean
configuredFor(KeycloakSession session, RealmModel realm, UserModel user)
Is this authenticator configured for this user.protected String
getAuthorizationHeader(AuthenticationFlowContext context)
protected String[]
getChallenge(String authorizationHeader)
protected boolean
onAuthenticate(AuthenticationFlowContext context, String[] challenge)
boolean
requiresUser()
Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?protected javax.ws.rs.core.Response
setDuplicateUserChallenge(AuthenticationFlowContext context, String eventError, String loginFormError, AuthenticationFlowError authenticatorError)
void
setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user)
Set actions to configure authenticator-
Methods inherited from class org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator
createLoginForm, disabledByBruteForceError, disabledByBruteForceFieldError, dummyHash, enabledUser, getDefaultChallengeMessage, isDisabledByBruteForce, isUserAlreadySetBeforeUsernamePasswordAuth, runDefaultDummyHash, testInvalidUser, validatePassword, validateUser, validateUserAndPassword
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.authentication.Authenticator
areRequiredActionsEnabled, getRequiredActions
-
-
-
-
Method Detail
-
requiresUser
public boolean requiresUser()
Description copied from interface:Authenticator
Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?- Specified by:
requiresUser
in interfaceAuthenticator
- Returns:
-
authenticate
public void authenticate(AuthenticationFlowContext context)
Description copied from interface:Authenticator
Initial call for the authenticator. This method should check the current HTTP request to determine if the request satifies the Authenticator's requirements. If it doesn't, it should send back a challenge response by calling the AuthenticationFlowContext.challenge(Response). If this challenge is a authentication, the action URL of the form must point to /realms/{realm}/login-actions/authenticate?code={session-code}&execution={executionId} or /realms/{realm}/login-actions/registration?code={session-code}&execution={executionId} {session-code} pertains to the code generated from AuthenticationFlowContext.generateAccessCode(). The {executionId} pertains to the AuthenticationExecutionModel.getId() value obtained from AuthenticationFlowContext.getExecution(). The action URL will invoke the action() method described below.- Specified by:
authenticate
in interfaceAuthenticator
-
onAuthenticate
protected boolean onAuthenticate(AuthenticationFlowContext context, String[] challenge)
-
getAuthorizationHeader
protected String getAuthorizationHeader(AuthenticationFlowContext context)
-
checkUsernameAndPassword
protected boolean checkUsernameAndPassword(AuthenticationFlowContext context, String username, String password)
-
setDuplicateUserChallenge
protected javax.ws.rs.core.Response setDuplicateUserChallenge(AuthenticationFlowContext context, String eventError, String loginFormError, AuthenticationFlowError authenticatorError)
- Overrides:
setDuplicateUserChallenge
in classAbstractUsernameFormAuthenticator
-
challenge
protected javax.ws.rs.core.Response challenge(AuthenticationFlowContext context, String error)
- Overrides:
challenge
in classAbstractUsernameFormAuthenticator
-
challenge
protected javax.ws.rs.core.Response challenge(AuthenticationFlowContext context, String error, String field)
- Overrides:
challenge
in classAbstractUsernameFormAuthenticator
-
action
public void action(AuthenticationFlowContext context)
Description copied from interface:Authenticator
Called from a form action invocation.- Specified by:
action
in interfaceAuthenticator
- Overrides:
action
in classAbstractUsernameFormAuthenticator
-
configuredFor
public boolean configuredFor(KeycloakSession session, RealmModel realm, UserModel user)
Description copied from interface:Authenticator
Is this authenticator configured for this user.- Specified by:
configuredFor
in interfaceAuthenticator
- Returns:
-
setRequiredActions
public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user)
Description copied from interface:Authenticator
Set actions to configure authenticator- Specified by:
setRequiredActions
in interfaceAuthenticator
-
close
public void close()
- Specified by:
close
in interfaceProvider
- Overrides:
close
in classAbstractFormAuthenticator
-
-