Package org.keycloak.credential
Class WebAuthnCredentialProvider
- java.lang.Object
-
- org.keycloak.credential.WebAuthnCredentialProvider
-
- All Implemented Interfaces:
CredentialInputValidator
,CredentialProvider<WebAuthnCredentialModel>
,Provider
- Direct Known Subclasses:
WebAuthnPasswordlessCredentialProvider
public class WebAuthnCredentialProvider extends Object implements CredentialProvider<WebAuthnCredentialModel>, CredentialInputValidator
Credential provider for WebAuthn 2-factor credential of the user
-
-
Constructor Summary
Constructors Constructor Description WebAuthnCredentialProvider(KeycloakSession session, com.webauthn4j.converter.util.ObjectConverter objectConverter)
-
Method Summary
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.credential.CredentialProvider
close, getCredentialMetadata, getDefaultCredential
-
-
-
-
Constructor Detail
-
WebAuthnCredentialProvider
public WebAuthnCredentialProvider(KeycloakSession session, com.webauthn4j.converter.util.ObjectConverter objectConverter)
-
-
Method Detail
-
createCredential
public CredentialModel createCredential(RealmModel realm, UserModel user, WebAuthnCredentialModel credentialModel)
- Specified by:
createCredential
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
deleteCredential
public boolean deleteCredential(RealmModel realm, UserModel user, String credentialId)
- Specified by:
deleteCredential
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
getCredentialFromModel
public WebAuthnCredentialModel getCredentialFromModel(CredentialModel model)
- Specified by:
getCredentialFromModel
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
getCredentialModelFromCredentialInput
public WebAuthnCredentialModel getCredentialModelFromCredentialInput(CredentialInput input, String userLabel)
Convert WebAuthn credential input to the model, which can be saved in the persistent storage (DB)- Parameters:
input
- should be typically WebAuthnCredentialModelInputuserLabel
- label for the credential
-
supportsCredentialType
public boolean supportsCredentialType(String credentialType)
- Specified by:
supportsCredentialType
in interfaceCredentialInputValidator
-
isConfiguredFor
public boolean isConfiguredFor(RealmModel realm, UserModel user, String credentialType)
- Specified by:
isConfiguredFor
in interfaceCredentialInputValidator
-
isValid
public boolean isValid(RealmModel realm, UserModel user, CredentialInput input)
Description copied from interface:CredentialInputValidator
Tests whether a credential is valid- Specified by:
isValid
in interfaceCredentialInputValidator
- Parameters:
realm
- The realm in which to which the credential belongs touser
- The user for which to test the credentialinput
- the credential details to verify- Returns:
- true if the passed secret is correct
-
getType
public String getType()
- Specified by:
getType
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
dumpCredentialModel
public void dumpCredentialModel(WebAuthnCredentialModel credential, WebAuthnCredentialModelInput auth)
-
getCredentialTypeMetadata
public CredentialTypeMetadata getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext)
- Specified by:
getCredentialTypeMetadata
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
getKeycloakSession
protected KeycloakSession getKeycloakSession()
-
-