Class AbstractActionTokenHandler<T extends JsonWebToken>
- java.lang.Object
-
- org.keycloak.authentication.actiontoken.AbstractActionTokenHandler<T>
-
- All Implemented Interfaces:
ActionTokenHandler<T>
,ActionTokenHandlerFactory<T>
,Provider
,ProviderFactory<ActionTokenHandler<T>>
- Direct Known Subclasses:
ExecuteActionsActionTokenHandler
,IdpVerifyAccountLinkActionTokenHandler
,ResetCredentialsActionTokenHandler
,UpdateEmailActionTokenHandler
,VerifyEmailActionTokenHandler
public abstract class AbstractActionTokenHandler<T extends JsonWebToken> extends Object implements ActionTokenHandler<T>, ActionTokenHandlerFactory<T>
- Author:
- hmlnarik
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
canUseTokenRepeatedly(T token, ActionTokenContext<T> tokenContext)
Returnstrue
when the token can be used repeatedly to invoke the action,false
when the token is intended to be for single use only.void
close()
This is called when the server shuts down.ActionTokenHandler<T>
create(KeycloakSession session)
EventType
eventType()
Returns a event type logged withEventBuilder
class.String
getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession)
Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.String
getDefaultErrorMessage()
Returns an error to be shown in the response when token handling fails and no more specific error message is provided.String
getDefaultEventError()
Returns an error to be shown in theEventBuilder
detail when token handling fails and no more specific error is provided.String
getId()
Class<T>
getTokenClass()
Returns the Java token class for use with deserialization.void
init(Config.Scope config)
Only called once when the factory is first created.void
postInit(KeycloakSessionFactory factory)
Called after all provider factories have been initializedAuthenticationSessionModel
startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext)
Creates a fresh authentication session according to the information from the token.protected TokenVerifier.Predicate<DefaultActionToken>
verifyEmail(ActionTokenContext<? extends DefaultActionToken> context)
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.authentication.actiontoken.ActionTokenHandler
getVerifiers, handleToken
-
Methods inherited from interface org.keycloak.provider.ProviderFactory
getConfigMetadata, order
-
-
-
-
Method Detail
-
create
public ActionTokenHandler<T> create(KeycloakSession session)
- Specified by:
create
in interfaceProviderFactory<T extends JsonWebToken>
-
init
public void init(Config.Scope config)
Description copied from interface:ProviderFactory
Only called once when the factory is first created. This config is pulled from keycloak_server.json- Specified by:
init
in interfaceProviderFactory<T extends JsonWebToken>
-
postInit
public void postInit(KeycloakSessionFactory factory)
Description copied from interface:ProviderFactory
Called after all provider factories have been initialized- Specified by:
postInit
in interfaceProviderFactory<T extends JsonWebToken>
-
getId
public String getId()
- Specified by:
getId
in interfaceProviderFactory<T extends JsonWebToken>
-
close
public void close()
Description copied from interface:ProviderFactory
This is called when the server shuts down.- Specified by:
close
in interfaceProvider
- Specified by:
close
in interfaceProviderFactory<T extends JsonWebToken>
-
getTokenClass
public Class<T> getTokenClass()
Description copied from interface:ActionTokenHandler
Returns the Java token class for use with deserialization.- Specified by:
getTokenClass
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
eventType
public EventType eventType()
Description copied from interface:ActionTokenHandler
Returns a event type logged withEventBuilder
class.- Specified by:
eventType
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
getDefaultErrorMessage
public String getDefaultErrorMessage()
Description copied from interface:ActionTokenHandler
Returns an error to be shown in the response when token handling fails and no more specific error message is provided.- Specified by:
getDefaultErrorMessage
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
getDefaultEventError
public String getDefaultEventError()
Description copied from interface:ActionTokenHandler
Returns an error to be shown in theEventBuilder
detail when token handling fails and no more specific error is provided.- Specified by:
getDefaultEventError
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
getAuthenticationSessionIdFromToken
public String getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession)
Description copied from interface:ActionTokenHandler
Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.- Specified by:
getAuthenticationSessionIdFromToken
in interfaceActionTokenHandler<T extends JsonWebToken>
- Parameters:
token
- Token. Can benull
currentAuthSession
- Authentication session that is currently in progress,null
if no authentication session is not set- Returns:
- Authentication session ID (can be
null
if the token does not contain authentication session ID) - See Also:
AuthenticationSessionCompoundId
-
startFreshAuthenticationSession
public AuthenticationSessionModel startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext)
Description copied from interface:ActionTokenHandler
Creates a fresh authentication session according to the information from the token. The default implementation creates a new authentication session that requests termination after required actions.- Specified by:
startFreshAuthenticationSession
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
canUseTokenRepeatedly
public boolean canUseTokenRepeatedly(T token, ActionTokenContext<T> tokenContext)
Description copied from interface:ActionTokenHandler
Returnstrue
when the token can be used repeatedly to invoke the action,false
when the token is intended to be for single use only.- Specified by:
canUseTokenRepeatedly
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
- see above
-
verifyEmail
protected TokenVerifier.Predicate<DefaultActionToken> verifyEmail(ActionTokenContext<? extends DefaultActionToken> context)
-
-