Class ValidateOTP
- java.lang.Object
-
- org.keycloak.authentication.authenticators.directgrant.AbstractDirectGrantAuthenticator
-
- org.keycloak.authentication.authenticators.directgrant.ValidateOTP
-
- All Implemented Interfaces:
Authenticator
,AuthenticatorFactory
,ConfigurableAuthenticatorFactory
,CredentialValidator<OTPCredentialProvider>
,ConfiguredProvider
,Provider
,ProviderFactory<Authenticator>
public class ValidateOTP extends AbstractDirectGrantAuthenticator implements CredentialValidator<OTPCredentialProvider>
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Field Summary
Fields Modifier and Type Field Description static String
PROVIDER_ID
-
Fields inherited from interface org.keycloak.authentication.ConfigurableAuthenticatorFactory
REQUIREMENT_CHOICES
-
-
Constructor Summary
Constructors Constructor Description ValidateOTP()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
authenticate(AuthenticationFlowContext context)
Initial call for the authenticator.boolean
configuredFor(KeycloakSession session, RealmModel realm, UserModel user)
Is this authenticator configured for this user.List<ProviderConfigProperty>
getConfigProperties()
OTPCredentialProvider
getCredentialProvider(KeycloakSession session)
String
getDisplayType()
Friendly name for the authenticatorString
getHelpText()
String
getId()
String
getReferenceCategory()
General authenticator type, i.e.AuthenticationExecutionModel.Requirement[]
getRequirementChoices()
What requirement settings are allowed.boolean
isConfigurable()
Is this authenticator configurable?boolean
isUserSetupAllowed()
Does this authenticator have required actions that can set if the user does not have this authenticator set up?boolean
requiresUser()
Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?void
setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user)
Set actions to configure authenticator-
Methods inherited from class org.keycloak.authentication.authenticators.directgrant.AbstractDirectGrantAuthenticator
action, close, create, errorResponse, init, postInit
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.authentication.Authenticator
areRequiredActionsEnabled, getRequiredActions
-
Methods inherited from interface org.keycloak.provider.ConfiguredProvider
getConfig
-
Methods inherited from interface org.keycloak.authentication.CredentialValidator
getCredentials, getType
-
Methods inherited from interface org.keycloak.provider.ProviderFactory
getConfigMetadata, order
-
-
-
-
Field Detail
-
PROVIDER_ID
public static final String PROVIDER_ID
- See Also:
- Constant Field Values
-
-
Method Detail
-
authenticate
public void authenticate(AuthenticationFlowContext context)
Description copied from interface:Authenticator
Initial call for the authenticator. This method should check the current HTTP request to determine if the request satifies the Authenticator's requirements. If it doesn't, it should send back a challenge response by calling the AuthenticationFlowContext.challenge(Response). If this challenge is a authentication, the action URL of the form must point to /realms/{realm}/login-actions/authenticate?code={session-code}&execution={executionId} or /realms/{realm}/login-actions/registration?code={session-code}&execution={executionId} {session-code} pertains to the code generated from AuthenticationFlowContext.generateAccessCode(). The {executionId} pertains to the AuthenticationExecutionModel.getId() value obtained from AuthenticationFlowContext.getExecution(). The action URL will invoke the action() method described below.- Specified by:
authenticate
in interfaceAuthenticator
-
requiresUser
public boolean requiresUser()
Description copied from interface:Authenticator
Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?- Specified by:
requiresUser
in interfaceAuthenticator
- Returns:
-
configuredFor
public boolean configuredFor(KeycloakSession session, RealmModel realm, UserModel user)
Description copied from interface:Authenticator
Is this authenticator configured for this user.- Specified by:
configuredFor
in interfaceAuthenticator
- Returns:
-
setRequiredActions
public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user)
Description copied from interface:Authenticator
Set actions to configure authenticator- Specified by:
setRequiredActions
in interfaceAuthenticator
-
isUserSetupAllowed
public boolean isUserSetupAllowed()
Description copied from interface:ConfigurableAuthenticatorFactory
Does this authenticator have required actions that can set if the user does not have this authenticator set up?- Specified by:
isUserSetupAllowed
in interfaceConfigurableAuthenticatorFactory
- Returns:
-
getDisplayType
public String getDisplayType()
Description copied from interface:ConfigurableAuthenticatorFactory
Friendly name for the authenticator- Specified by:
getDisplayType
in interfaceConfigurableAuthenticatorFactory
- Returns:
-
getReferenceCategory
public String getReferenceCategory()
Description copied from interface:ConfigurableAuthenticatorFactory
General authenticator type, i.e. totp, password, cert.- Specified by:
getReferenceCategory
in interfaceConfigurableAuthenticatorFactory
- Returns:
- null if not a referencable category
-
isConfigurable
public boolean isConfigurable()
Description copied from interface:ConfigurableAuthenticatorFactory
Is this authenticator configurable?- Specified by:
isConfigurable
in interfaceConfigurableAuthenticatorFactory
- Returns:
-
getRequirementChoices
public AuthenticationExecutionModel.Requirement[] getRequirementChoices()
Description copied from interface:ConfigurableAuthenticatorFactory
What requirement settings are allowed.- Specified by:
getRequirementChoices
in interfaceConfigurableAuthenticatorFactory
- Returns:
-
getHelpText
public String getHelpText()
- Specified by:
getHelpText
in interfaceConfiguredProvider
-
getConfigProperties
public List<ProviderConfigProperty> getConfigProperties()
- Specified by:
getConfigProperties
in interfaceConfiguredProvider
-
getId
public String getId()
- Specified by:
getId
in interfaceProviderFactory<Authenticator>
-
getCredentialProvider
public OTPCredentialProvider getCredentialProvider(KeycloakSession session)
- Specified by:
getCredentialProvider
in interfaceCredentialValidator<OTPCredentialProvider>
-
-