Class AcrStore
- java.lang.Object
-
- org.keycloak.authentication.authenticators.util.AcrStore
-
public class AcrStore extends Object
CRUD data in the authentication session, which are related to step-up authentication- Author:
- Marek Posolda
-
-
Constructor Summary
Constructors Constructor Description AcrStore(AuthenticationSessionModel authSession)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static int
getCurrentLevelOfAuthentication(AuthenticatedClientSessionModel clientSession)
int
getHighestAuthenticatedLevelFromPreviousAuthentication()
int
getLevelOfAuthenticationFromCurrentAuthentication()
return level, which was either: - directly authenticated in current authentication - or was already verified that can be re-used from previous authenticationint
getRequestedLevelOfAuthentication()
boolean
isLevelAuthenticatedInPreviousAuth(int level, int maxAge)
boolean
isLevelOfAuthenticationForced()
boolean
isLevelOfAuthenticationSatisfiedFromCurrentAuthentication()
void
setLevelAuthenticated(int level)
Save authenticated level to authenticationSession (for current authentication) and loa map (for future authentications)void
setLevelAuthenticatedToCurrentRequest(int level)
Set level to the current authentication session
-
-
-
Constructor Detail
-
AcrStore
public AcrStore(AuthenticationSessionModel authSession)
-
-
Method Detail
-
isLevelOfAuthenticationForced
public boolean isLevelOfAuthenticationForced()
-
getRequestedLevelOfAuthentication
public int getRequestedLevelOfAuthentication()
-
isLevelOfAuthenticationSatisfiedFromCurrentAuthentication
public boolean isLevelOfAuthenticationSatisfiedFromCurrentAuthentication()
-
getCurrentLevelOfAuthentication
public static int getCurrentLevelOfAuthentication(AuthenticatedClientSessionModel clientSession)
-
isLevelAuthenticatedInPreviousAuth
public boolean isLevelAuthenticatedInPreviousAuth(int level, int maxAge)
- Parameters:
level
- level of authenticationmaxAge
- maxAge for which this level is considered valid- Returns:
- True if the particular level was already authenticated before in this userSession and is still valid
-
getLevelOfAuthenticationFromCurrentAuthentication
public int getLevelOfAuthenticationFromCurrentAuthentication()
return level, which was either: - directly authenticated in current authentication - or was already verified that can be re-used from previous authentication- Returns:
- see above
-
setLevelAuthenticated
public void setLevelAuthenticated(int level)
Save authenticated level to authenticationSession (for current authentication) and loa map (for future authentications)- Parameters:
level
- level to save
-
setLevelAuthenticatedToCurrentRequest
public void setLevelAuthenticatedToCurrentRequest(int level)
Set level to the current authentication session- Parameters:
level
- , which was authenticated by user
-
getHighestAuthenticatedLevelFromPreviousAuthentication
public int getHighestAuthenticatedLevelFromPreviousAuthentication()
- Returns:
- highest authenticated level from previous authentication, which is still valid (not yet expired)
-
-