Package org.keycloak.broker.provider
Interface IdentityProvider<C extends IdentityProviderModel>
-
- All Superinterfaces:
Provider
- All Known Subinterfaces:
SocialIdentityProvider<C>
- All Known Implementing Classes:
AbstractIdentityProvider
,AbstractOAuth2IdentityProvider
,BitbucketIdentityProvider
,FacebookIdentityProvider
,GitHubIdentityProvider
,GitLabIdentityProvider
,GoogleIdentityProvider
,InstagramIdentityProvider
,KeycloakOIDCIdentityProvider
,LinkedInIdentityProvider
,MicrosoftIdentityProvider
,OIDCIdentityProvider
,OpenshiftV3IdentityProvider
,OpenshiftV4IdentityProvider
,PayPalIdentityProvider
,SAMLIdentityProvider
,StackoverflowIdentityProvider
,TwitterIdentityProvider
public interface IdentityProvider<C extends IdentityProviderModel> extends Provider
- Author:
- Pedro Igor
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static interface
IdentityProvider.AuthenticationCallback
-
Field Summary
Fields Modifier and Type Field Description static String
EXTERNAL_IDENTITY_PROVIDER
static String
FEDERATED_ACCESS_TOKEN
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context)
void
backchannelLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
Object
callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)
JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.javax.ws.rs.core.Response
export(javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format)
Export a representation of the IdentityProvider in a specific format.IdentityProviderDataMarshaller
getMarshaller()
Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSessionvoid
importNewUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
javax.ws.rs.core.Response
keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
Called when a Keycloak application initiates a logout through the browser.javax.ws.rs.core.Response
performLogin(AuthenticationRequest request)
Initiates the authentication process by sending an authentication request to an identity provider.void
preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context)
javax.ws.rs.core.Response
retrieveToken(KeycloakSession session, FederatedIdentityModel identity)
Returns aResponse
containing the token previously stored during the authentication process for a specific user.void
updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
-
-
-
Field Detail
-
EXTERNAL_IDENTITY_PROVIDER
static final String EXTERNAL_IDENTITY_PROVIDER
- See Also:
- Constant Field Values
-
FEDERATED_ACCESS_TOKEN
static final String FEDERATED_ACCESS_TOKEN
- See Also:
- Constant Field Values
-
-
Method Detail
-
preprocessFederatedIdentity
void preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context)
-
authenticationFinished
void authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context)
-
importNewUser
void importNewUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
-
updateBrokeredUser
void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
-
callback
Object callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)
JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.- Returns:
-
performLogin
javax.ws.rs.core.Response performLogin(AuthenticationRequest request)
Initiates the authentication process by sending an authentication request to an identity provider. This method is called only once during the authentication.
- Parameters:
request
- The initial authentication request. Contains all the contextual information in order to build an authentication request to the identity provider.- Returns:
-
retrieveToken
javax.ws.rs.core.Response retrieveToken(KeycloakSession session, FederatedIdentityModel identity)
Returns a
Response
containing the token previously stored during the authentication process for a specific user.- Parameters:
identity
-- Returns:
-
backchannelLogout
void backchannelLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
-
keycloakInitiatedBrowserLogout
javax.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
Called when a Keycloak application initiates a logout through the browser. This is expected to do a logout with the IDP- Parameters:
userSession
-uriInfo
-realm
-- Returns:
- null if this is not supported by this provider
-
export
javax.ws.rs.core.Response export(javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format)
Export a representation of the IdentityProvider in a specific format. For example, a SAML EntityDescriptor- Returns:
-
getMarshaller
IdentityProviderDataMarshaller getMarshaller()
Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession- Returns:
-
-