Package org.keycloak.broker.provider

Interface IdentityProvider<C extends IdentityProviderModel>

All Superinterfaces:

Provider

All Known Subinterfaces:

SocialIdentityProvider<C>

All Known Implementing Classes:

AbstractIdentityProvider, AbstractOAuth2IdentityProvider, BitbucketIdentityProvider, FacebookIdentityProvider, GitHubIdentityProvider, GitLabIdentityProvider, GoogleIdentityProvider, InstagramIdentityProvider, KeycloakOIDCIdentityProvider, LinkedInIdentityProvider, MicrosoftIdentityProvider, OIDCIdentityProvider, OpenshiftV3IdentityProvider, OpenshiftV4IdentityProvider, PayPalIdentityProvider, SAMLIdentityProvider, StackoverflowIdentityProvider, TwitterIdentityProvider

public interface IdentityProvider<C extends IdentityProviderModel>
extends Provider

Author:

Pedro Igor

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static interface	IdentityProvider.AuthenticationCallback

Field Summary

Fields

Modifier and Type	Field	Description
static String	EXTERNAL_IDENTITY_PROVIDER
static String	FEDERATED_ACCESS_TOKEN

Method Summary

Modifier and Type	Method	Description
void	authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context)
void	backchannelLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
Object	callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)	JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.
javax.ws.rs.core.Response	export(javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format)	Export a representation of the IdentityProvider in a specific format.
IdentityProviderDataMarshaller	getMarshaller()	Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession
void	importNewUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
javax.ws.rs.core.Response	keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)	Called when a Keycloak application initiates a logout through the browser.
javax.ws.rs.core.Response	performLogin(AuthenticationRequest request)	Initiates the authentication process by sending an authentication request to an identity provider.
void	preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context)
javax.ws.rs.core.Response	retrieveToken(KeycloakSession session, FederatedIdentityModel identity)	Returns a Response containing the token previously stored during the authentication process for a specific user.
void	updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)

Methods inherited from interface org.keycloak.provider.Provider

close

Field Detail

EXTERNAL_IDENTITY_PROVIDER

static final String EXTERNAL_IDENTITY_PROVIDER

See Also:

Constant Field Values

FEDERATED_ACCESS_TOKEN

static final String FEDERATED_ACCESS_TOKEN

See Also:

Constant Field Values

Method Detail

preprocessFederatedIdentity

void preprocessFederatedIdentity(KeycloakSession session,
                                 RealmModel realm,
                                 BrokeredIdentityContext context)

authenticationFinished

void authenticationFinished(AuthenticationSessionModel authSession,
                            BrokeredIdentityContext context)

importNewUser

void importNewUser(KeycloakSession session,
                   RealmModel realm,
                   UserModel user,
                   BrokeredIdentityContext context)

updateBrokeredUser

void updateBrokeredUser(KeycloakSession session,
                        RealmModel realm,
                        UserModel user,
                        BrokeredIdentityContext context)

callback

Object callback(RealmModel realm,
                IdentityProvider.AuthenticationCallback callback,
                EventBuilder event)

JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.

Returns:

performLogin

javax.ws.rs.core.Response performLogin(AuthenticationRequest request)

Initiates the authentication process by sending an authentication request to an identity provider. This method is called only once during the authentication.

Parameters:

request - The initial authentication request. Contains all the contextual information in order to build an authentication request to the identity provider.

Returns:

retrieveToken

javax.ws.rs.core.Response retrieveToken(KeycloakSession session,
                                        FederatedIdentityModel identity)

Returns a Response containing the token previously stored during the authentication process for a specific user.

Parameters:

identity -

Returns:

backchannelLogout

void backchannelLogout(KeycloakSession session,
                       UserSessionModel userSession,
                       javax.ws.rs.core.UriInfo uriInfo,
                       RealmModel realm)

keycloakInitiatedBrowserLogout

javax.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session,
                                                         UserSessionModel userSession,
                                                         javax.ws.rs.core.UriInfo uriInfo,
                                                         RealmModel realm)

Called when a Keycloak application initiates a logout through the browser. This is expected to do a logout with the IDP

Parameters:

userSession -

uriInfo -

realm -

Returns:

null if this is not supported by this provider

export

javax.ws.rs.core.Response export(javax.ws.rs.core.UriInfo uriInfo,
                                 RealmModel realm,
                                 String format)

Export a representation of the IdentityProvider in a specific format. For example, a SAML EntityDescriptor

Returns:

getMarshaller

IdentityProviderDataMarshaller getMarshaller()

Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession

Returns: