Class X509ClientAuthenticator
- java.lang.Object
-
- org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator
-
- org.keycloak.authentication.authenticators.client.X509ClientAuthenticator
-
- All Implemented Interfaces:
ClientAuthenticator
,ClientAuthenticatorFactory
,ConfigurableAuthenticatorFactory
,ConfiguredProvider
,Provider
,ProviderFactory<ClientAuthenticator>
public class X509ClientAuthenticator extends AbstractClientAuthenticator
-
-
Field Summary
Fields Modifier and Type Field Description static String
ATTR_ALLOW_REGEX_PATTERN_COMPARISON
static String
ATTR_PREFIX
static String
ATTR_SUBJECT_DN
protected static ServicesLogger
logger
static String
PROVIDER_ID
-
Fields inherited from interface org.keycloak.authentication.ConfigurableAuthenticatorFactory
REQUIREMENT_CHOICES
-
-
Constructor Summary
Constructors Constructor Description X509ClientAuthenticator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
authenticateClient(ClientAuthenticationFlowContext context)
Initial call for the authenticator.Map<String,Object>
getAdapterConfiguration(ClientModel client)
Get configuration, which needs to be used for adapter ( keycloak.json ) of particular client.List<ProviderConfigProperty>
getConfigProperties()
List<ProviderConfigProperty>
getConfigPropertiesPerClient()
List of config properties for this client implementation.String
getDisplayType()
Friendly name for the authenticatorString
getHelpText()
String
getId()
Set<String>
getProtocolAuthenticatorMethods(String loginProtocol)
Get authentication methods for the specified protocolAuthenticationExecutionModel.Requirement[]
getRequirementChoices()
What requirement settings are allowed.boolean
isConfigurable()
Is this authenticator configurable globally?-
Methods inherited from class org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator
close, create, create, getReferenceCategory, init, isFormDataRequest, isUserSetupAllowed, postInit
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.authentication.ClientAuthenticatorFactory
supportsSecret
-
Methods inherited from interface org.keycloak.provider.ConfiguredProvider
getConfig
-
Methods inherited from interface org.keycloak.provider.ProviderFactory
getConfigMetadata, order
-
-
-
-
Field Detail
-
PROVIDER_ID
public static final String PROVIDER_ID
- See Also:
- Constant Field Values
-
ATTR_PREFIX
public static final String ATTR_PREFIX
- See Also:
- Constant Field Values
-
ATTR_SUBJECT_DN
public static final String ATTR_SUBJECT_DN
- See Also:
- Constant Field Values
-
ATTR_ALLOW_REGEX_PATTERN_COMPARISON
public static final String ATTR_ALLOW_REGEX_PATTERN_COMPARISON
- See Also:
- Constant Field Values
-
logger
protected static ServicesLogger logger
-
-
Method Detail
-
authenticateClient
public void authenticateClient(ClientAuthenticationFlowContext context)
Description copied from interface:ClientAuthenticator
Initial call for the authenticator. This method should check the current HTTP request to determine if the request satisfies the ClientAuthenticator's requirements. If it doesn't, it should send back a challenge response by calling the ClientAuthenticationFlowContext.challenge(Response).
-
getDisplayType
public String getDisplayType()
Description copied from interface:ConfigurableAuthenticatorFactory
Friendly name for the authenticator- Returns:
-
isConfigurable
public boolean isConfigurable()
Description copied from interface:ClientAuthenticatorFactory
Is this authenticator configurable globally?- Returns:
-
getRequirementChoices
public AuthenticationExecutionModel.Requirement[] getRequirementChoices()
Description copied from interface:ConfigurableAuthenticatorFactory
What requirement settings are allowed.- Returns:
-
getConfigPropertiesPerClient
public List<ProviderConfigProperty> getConfigPropertiesPerClient()
Description copied from interface:ClientAuthenticatorFactory
List of config properties for this client implementation. Those will be shown in admin console in clients credentials tab and can be configured per client. Applicable only if "isConfigurablePerClient" is true- Returns:
-
getAdapterConfiguration
public Map<String,Object> getAdapterConfiguration(ClientModel client)
Description copied from interface:ClientAuthenticatorFactory
Get configuration, which needs to be used for adapter ( keycloak.json ) of particular client. Some implementations may return just template and user needs to edit the values according to his environment (For example fill the location of keystore file)- Returns:
-
getProtocolAuthenticatorMethods
public Set<String> getProtocolAuthenticatorMethods(String loginProtocol)
Description copied from interface:ClientAuthenticatorFactory
Get authentication methods for the specified protocol- Parameters:
loginProtocol
- corresponds toProviderFactory.getId()
- Returns:
- name of supported client authenticator methods in the protocol specific "language"
-
getHelpText
public String getHelpText()
-
getConfigProperties
public List<ProviderConfigProperty> getConfigProperties()
-
getId
public String getId()
-
-