Package org.keycloak.authentication.authenticators.x509

Class AbstractX509ClientCertificateDirectGrantAuthenticator

java.lang.Object

org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator

org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateDirectGrantAuthenticator

All Implemented Interfaces:

Authenticator, Provider

Direct Known Subclasses:

ValidateX509CertificateUsername

public abstract class AbstractX509ClientCertificateDirectGrantAuthenticator
extends AbstractX509ClientCertificateAuthenticator

Version:

$Revision: 1 $

Author:

Peter Nalyvayko

Nested Class Summary

Nested classes/interfaces inherited from class org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator

AbstractX509ClientCertificateAuthenticator.CertificateValidatorConfigBuilder, AbstractX509ClientCertificateAuthenticator.UserIdentityExtractorBuilder, AbstractX509ClientCertificateAuthenticator.UserIdentityToModelMapperBuilder

Field Summary

Fields inherited from class org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator

CANONICAL_DN, CERTIFICATE_EXTENDED_KEY_USAGE, CERTIFICATE_KEY_USAGE, CERTIFICATE_POLICY, CERTIFICATE_POLICY_MODE, CERTIFICATE_POLICY_MODE_ALL, CERTIFICATE_POLICY_MODE_ANY, CONFIRMATION_PAGE_DISALLOWED, CRL_RELATIVE_PATH, CUSTOM_ATTRIBUTE_NAME, DEFAULT_ATTRIBUTE_NAME, ENABLE_CRL, ENABLE_CRLDP, ENABLE_OCSP, logger, MAPPING_SOURCE_CERT_CERTIFICATE_PEM, MAPPING_SOURCE_CERT_ISSUERDN, MAPPING_SOURCE_CERT_SERIALNUMBER, MAPPING_SOURCE_CERT_SERIALNUMBER_ISSUERDN, MAPPING_SOURCE_CERT_SHA256_THUMBPRINT, MAPPING_SOURCE_CERT_SUBJECTALTNAME_EMAIL, MAPPING_SOURCE_CERT_SUBJECTALTNAME_OTHERNAME, MAPPING_SOURCE_CERT_SUBJECTDN, MAPPING_SOURCE_CERT_SUBJECTDN_CN, MAPPING_SOURCE_CERT_SUBJECTDN_EMAIL, MAPPING_SOURCE_SELECTION, OCSP_FAIL_OPEN, OCSPRESPONDER_CERTIFICATE, OCSPRESPONDER_URI, REGULAR_EXPRESSION, REVALIDATE_CERTIFICATE, SERIALNUMBER_HEX, TIMESTAMP_VALIDATION, USER_ATTRIBUTE_MAPPER, USER_MAPPER_SELECTION, USERNAME_EMAIL_MAPPER

Constructor Summary

Constructors

Constructor	Description
AbstractX509ClientCertificateDirectGrantAuthenticator()

Method Summary

Modifier and Type	Method	Description
void	action(AuthenticationFlowContext context)	Called from a form action invocation.
javax.ws.rs.core.Response	errorResponse(int status, String error, String errorDescription)

Methods inherited from class org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator

certificateValidationParameters, close, configuredFor, createInfoResponse, getCertificateChain, getUserIdentityExtractor, getUserIdentityToModelMapper, recordX509CertificateAuditDataViaContextEvent, requiresUser, saveX509CertificateAuditDataToAuthSession, setRequiredActions

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.authentication.Authenticator

areRequiredActionsEnabled, authenticate, getRequiredActions

Constructor Detail

AbstractX509ClientCertificateDirectGrantAuthenticator

public AbstractX509ClientCertificateDirectGrantAuthenticator()

Method Detail

errorResponse

public javax.ws.rs.core.Response errorResponse(int status,
                                               String error,
                                               String errorDescription)

action

public void action(AuthenticationFlowContext context)

Description copied from interface: Authenticator

Called from a form action invocation.