Package org.keycloak.broker.provider
Class AbstractIdentityProvider<C extends IdentityProviderModel>
- java.lang.Object
  - org.keycloak.broker.provider.AbstractIdentityProvider<C>
- All Implemented Interfaces: IdentityProvider<C>, Provider
- Direct Known Subclasses: AbstractOAuth2IdentityProvider, SAMLIdentityProvider, TwitterIdentityProvider
public abstract class AbstractIdentityProvider<C extends IdentityProviderModel> extends Object implements IdentityProvider<C>
- Author: Pedro Igor
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.keycloak.broker.provider.IdentityProvider
IdentityProvider.AuthenticationCallback
-
-
Field Summary
Fields (Modifier and Type, Field):
- static String ACCOUNT_LINK_URL
- protected KeycloakSession session
-
Fields inherited from interface org.keycloak.broker.provider.IdentityProvider
EXTERNAL_IDENTITY_PROVIDER, FEDERATED_ACCESS_TOKEN
-
-
Constructor Summary
Constructors:
- AbstractIdentityProvider(KeycloakSession session, C config)
-
Method Summary
Methods (Modifier and Type, Method, Description):
- void authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context)
- void backchannelLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
- Object callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)
  JAXRS callback endpoint for when the remote IDP wants to call back to Keycloak.
- void close()
- protected javax.ws.rs.core.Response exchangeErrorResponse(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, String errorCode, String reason)
- javax.ws.rs.core.Response exchangeNotLinked(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
- javax.ws.rs.core.Response exchangeNotLinkedNoStore(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
- javax.ws.rs.core.Response exchangeNotSupported()
- javax.ws.rs.core.Response exchangeTokenExpired(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
- javax.ws.rs.core.Response exchangeUnsupportedRequiredType()
- javax.ws.rs.core.Response export(javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format)
  Export a representation of the IdentityProvider in a specific format.
- C getConfig()
- protected String getLinkingUrl(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession)
- IdentityProviderDataMarshaller getMarshaller()
  Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession
- void importNewUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
- javax.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
  Called when a Keycloak application initiates a logout through the browser.
- javax.ws.rs.core.Response performLogin(AuthenticationRequest request)
  Initiates the authentication process by sending an authentication request to an identity provider.
- void preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context)
- void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.broker.provider.IdentityProvider
retrieveToken
-
-
-
-
Field Detail
-
ACCOUNT_LINK_URL
public static final String ACCOUNT_LINK_URL
- See Also: Constant Field Values
-
session
protected final KeycloakSession session
-
-
Constructor Detail
-
AbstractIdentityProvider
public AbstractIdentityProvider(KeycloakSession session, C config)
-
-
Method Detail
-
getConfig
public C getConfig()
-
export
public javax.ws.rs.core.Response export(javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format)
Description copied from interface: IdentityProvider
Export a representation of the IdentityProvider in a specific format. For example, a SAML EntityDescriptor
- Specified by: export in interface IdentityProvider<C extends IdentityProviderModel>
- Returns:
-
callback
public Object callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)
Description copied from interface: IdentityProvider
JAXRS callback endpoint for when the remote IDP wants to call back to Keycloak.
- Specified by: callback in interface IdentityProvider<C extends IdentityProviderModel>
- Returns:
-
performLogin
public javax.ws.rs.core.Response performLogin(AuthenticationRequest request)
Description copied from interface: IdentityProvider
Initiates the authentication process by sending an authentication request to an identity provider. This method is called only once during the authentication.
- Specified by: performLogin in interface IdentityProvider<C extends IdentityProviderModel>
- Parameters: request - The initial authentication request. Contains all the contextual information in order to build an authentication request to the identity provider.
- Returns:
-
keycloakInitiatedBrowserLogout
public javax.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
Description copied from interface: IdentityProvider
Called when a Keycloak application initiates a logout through the browser. This is expected to do a logout with the IDP
- Specified by: keycloakInitiatedBrowserLogout in interface IdentityProvider<C extends IdentityProviderModel>
- Returns: null if this is not supported by this provider
-
backchannelLogout
public void backchannelLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
- Specified by: backchannelLogout in interface IdentityProvider<C extends IdentityProviderModel>
-
exchangeNotSupported
public javax.ws.rs.core.Response exchangeNotSupported()
-
exchangeNotLinked
public javax.ws.rs.core.Response exchangeNotLinked(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
-
exchangeNotLinkedNoStore
public javax.ws.rs.core.Response exchangeNotLinkedNoStore(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
-
exchangeErrorResponse
protected javax.ws.rs.core.Response exchangeErrorResponse(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, String errorCode, String reason)
-
getLinkingUrl
protected String getLinkingUrl(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession)
-
exchangeTokenExpired
public javax.ws.rs.core.Response exchangeTokenExpired(javax.ws.rs.core.UriInfo uriInfo, ClientModel authorizedClient, UserSessionModel tokenUserSession, UserModel tokenSubject)
-
exchangeUnsupportedRequiredType
public javax.ws.rs.core.Response exchangeUnsupportedRequiredType()
-
authenticationFinished
public void authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context)
- Specified by: authenticationFinished in interface IdentityProvider<C extends IdentityProviderModel>
-
preprocessFederatedIdentity
public void preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context)
- Specified by: preprocessFederatedIdentity in interface IdentityProvider<C extends IdentityProviderModel>
-
importNewUser
public void importNewUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
- Specified by: importNewUser in interface IdentityProvider<C extends IdentityProviderModel>
-
updateBrokeredUser
public void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
- Specified by: updateBrokeredUser in interface IdentityProvider<C extends IdentityProviderModel>
-
getMarshaller
public IdentityProviderDataMarshaller getMarshaller()
Description copied from interface: IdentityProvider
Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession
- Specified by: getMarshaller in interface IdentityProvider<C extends IdentityProviderModel>
- Returns:
-
-