Package org.keycloak.protocol

Class AuthorizationEndpointBase

java.lang.Object

org.keycloak.protocol.AuthorizationEndpointBase

Direct Known Subclasses:

AuthorizationEndpoint, DeviceEndpoint, DockerEndpoint, SamlService

public abstract class AuthorizationEndpointBase
extends Object

Common base class for Authorization REST endpoints implementation, which have to be implemented by each protocol.

Author:

Vlastimil Elias (velias at redhat dot com)

Field Summary

Fields

Modifier and Type	Field	Description
static String	APP_INITIATED_FLOW
protected AuthenticationManager	authManager
protected ClientConnection	clientConnection
protected EventBuilder	event
protected javax.ws.rs.core.HttpHeaders	headers
protected HttpRequest	httpRequest
protected RealmModel	realm
protected KeycloakSession	session

Constructor Summary

Constructors

Constructor	Description
AuthorizationEndpointBase(KeycloakSession session, EventBuilder event)

Method Summary

Modifier and Type	Method	Description
protected void	checkRealm()
protected void	checkSsl()
protected AuthenticationSessionModel	createAuthenticationSession(ClientModel client, String requestState)
protected AuthenticationProcessor	createProcessor(AuthenticationSessionModel authSession, String flowId, String flowPath)
protected AuthenticationFlowModel	getAuthenticationFlow(AuthenticationSessionModel authSession)
protected javax.ws.rs.core.Response	handleBrowserAuthenticationRequest(AuthenticationSessionModel authSession, LoginProtocol protocol, boolean isPassive, boolean redirectToAuthentication)	Common method to handle browser authentication request in protocols unified way.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

APP_INITIATED_FLOW

public static final String APP_INITIATED_FLOW

See Also:

Constant Field Values

realm

protected final RealmModel realm

event

protected final EventBuilder event

authManager

protected AuthenticationManager authManager

headers

protected final javax.ws.rs.core.HttpHeaders headers

httpRequest

protected final HttpRequest httpRequest

session

protected final KeycloakSession session

clientConnection

protected final ClientConnection clientConnection

Constructor Detail

AuthorizationEndpointBase

public AuthorizationEndpointBase(KeycloakSession session,
                                 EventBuilder event)

Method Detail

createProcessor

protected AuthenticationProcessor createProcessor(AuthenticationSessionModel authSession,
                                                  String flowId,
                                                  String flowPath)

handleBrowserAuthenticationRequest

protected javax.ws.rs.core.Response handleBrowserAuthenticationRequest(AuthenticationSessionModel authSession,
                                                                       LoginProtocol protocol,
                                                                       boolean isPassive,
                                                                       boolean redirectToAuthentication)

Common method to handle browser authentication request in protocols unified way.

Parameters:

authSession - for current request

protocol - handler for protocol used to initiate login

isPassive - set to true if login should be passive (without login screen shown)

redirectToAuthentication - if true redirect to flow url. If initial call to protocol is a POST, you probably want to do this. This is so we can disable the back button on browser

Returns:

response to be returned to the browser

getAuthenticationFlow

protected AuthenticationFlowModel getAuthenticationFlow(AuthenticationSessionModel authSession)

checkSsl

protected void checkSsl()

checkRealm

protected void checkRealm()

createAuthenticationSession

protected AuthenticationSessionModel createAuthenticationSession(ClientModel client,
                                                                 String requestState)