Package org.keycloak.authentication.authenticators.client

Class X509ClientAuthenticator

java.lang.Object

org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator

org.keycloak.authentication.authenticators.client.X509ClientAuthenticator

All Implemented Interfaces:

ClientAuthenticator, ClientAuthenticatorFactory, ConfigurableAuthenticatorFactory, ConfiguredProvider, Provider, ProviderFactory<ClientAuthenticator>

public class X509ClientAuthenticator
extends AbstractClientAuthenticator

Field Summary

Fields

Modifier and Type	Field	Description
static String	ATTR_ALLOW_REGEX_PATTERN_COMPARISON
static String	ATTR_PREFIX
static String	ATTR_SUBJECT_DN
protected static ServicesLogger	logger
static String	PROVIDER_ID

Fields inherited from interface org.keycloak.authentication.ConfigurableAuthenticatorFactory

REQUIREMENT_CHOICES

Constructor Summary

Constructors

Constructor	Description
X509ClientAuthenticator()

Method Summary

Modifier and Type	Method	Description
void	authenticateClient(ClientAuthenticationFlowContext context)	Initial call for the authenticator.
Map<String,Object>	getAdapterConfiguration(ClientModel client)	Get configuration, which needs to be used for adapter ( keycloak.json ) of particular client.
List<ProviderConfigProperty>	getConfigProperties()
List<ProviderConfigProperty>	getConfigPropertiesPerClient()	List of config properties for this client implementation.
String	getDisplayType()	Friendly name for the authenticator
String	getHelpText()
String	getId()
Set<String>	getProtocolAuthenticatorMethods(String loginProtocol)	Get authentication methods for the specified protocol
AuthenticationExecutionModel.Requirement[]	getRequirementChoices()	What requirement settings are allowed.
boolean	isConfigurable()	Is this authenticator configurable globally?

Methods inherited from class org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator

close, create, create, getReferenceCategory, init, isFormDataRequest, isUserSetupAllowed, postInit

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.authentication.ClientAuthenticatorFactory

supportsSecret

Methods inherited from interface org.keycloak.provider.ConfiguredProvider

getConfig

Methods inherited from interface org.keycloak.provider.ProviderFactory

getConfigMetadata, order

Field Detail

PROVIDER_ID

public static final String PROVIDER_ID

See Also:

Constant Field Values

ATTR_PREFIX

public static final String ATTR_PREFIX

See Also:

Constant Field Values

ATTR_SUBJECT_DN

public static final String ATTR_SUBJECT_DN

See Also:

Constant Field Values

ATTR_ALLOW_REGEX_PATTERN_COMPARISON

public static final String ATTR_ALLOW_REGEX_PATTERN_COMPARISON

See Also:

Constant Field Values

logger

protected static ServicesLogger logger

Constructor Detail

X509ClientAuthenticator

public X509ClientAuthenticator()

Method Detail

authenticateClient

public void authenticateClient(ClientAuthenticationFlowContext context)

Description copied from interface: ClientAuthenticator

Initial call for the authenticator. This method should check the current HTTP request to determine if the request satisfies the ClientAuthenticator's requirements. If it doesn't, it should send back a challenge response by calling the ClientAuthenticationFlowContext.challenge(Response).

getDisplayType

public String getDisplayType()

Description copied from interface: ConfigurableAuthenticatorFactory

Friendly name for the authenticator

Returns:

isConfigurable

public boolean isConfigurable()

Description copied from interface: ClientAuthenticatorFactory

Is this authenticator configurable globally?

Returns:

getRequirementChoices

public AuthenticationExecutionModel.Requirement[] getRequirementChoices()

Description copied from interface: ConfigurableAuthenticatorFactory

What requirement settings are allowed.

Returns:

getConfigPropertiesPerClient

public List<ProviderConfigProperty> getConfigPropertiesPerClient()

Description copied from interface: ClientAuthenticatorFactory

List of config properties for this client implementation. Those will be shown in admin console in clients credentials tab and can be configured per client. Applicable only if "isConfigurablePerClient" is true

Returns:

getAdapterConfiguration

public Map<String,Object> getAdapterConfiguration(ClientModel client)

Description copied from interface: ClientAuthenticatorFactory

Get configuration, which needs to be used for adapter ( keycloak.json ) of particular client. Some implementations may return just template and user needs to edit the values according to his environment (For example fill the location of keystore file)

Returns:

getProtocolAuthenticatorMethods

public Set<String> getProtocolAuthenticatorMethods(String loginProtocol)

Description copied from interface: ClientAuthenticatorFactory

Get authentication methods for the specified protocol

Parameters:

loginProtocol - corresponds to ProviderFactory.getId()

Returns:

name of supported client authenticator methods in the protocol specific "language"

getHelpText

public String getHelpText()

getConfigProperties

public List<ProviderConfigProperty> getConfigProperties()

getId

public String getId()