Package org.keycloak.authentication
Interface RequiredActionProvider
- All Superinterfaces:
Provider
- All Known Implementing Classes:
DeleteAccount
,RecoveryAuthnCodesAction
,TermsAndConditions
,UpdateEmail
,UpdatePassword
,UpdateProfile
,UpdateTotp
,UpdateUserLocaleAction
,VerifyEmail
,VerifyUserProfile
,WebAuthnPasswordlessRegister
,WebAuthnRegister
RequiredAction provider. Required actions are one-time actions that a user must perform before they are logged in.
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
Method Summary
Modifier and TypeMethodDescriptionvoid
evaluateTriggers
(RequiredActionContext context) Called every time a user authenticates.default int
Defines the max time after a user login, after which re-authentication is requested for an AIA.default void
initiatedActionCanceled
(KeycloakSession session, AuthenticationSessionModel authSession) Callback to let the action know that an application-initiated action was canceled.default InitiatedActionSupport
Determines what type of support is provided for application-initiated actions.void
processAction
(RequiredActionContext context) Called when a required action has form input you want to process.void
If the user has a required action set, this method will be the initial call to obtain what to display to the user's browser.
-
Method Details
-
initiatedActionSupport
Determines what type of support is provided for application-initiated actions.- Returns:
- InititatedActionsSupport
-
initiatedActionCanceled
default void initiatedActionCanceled(KeycloakSession session, AuthenticationSessionModel authSession) Callback to let the action know that an application-initiated action was canceled.- Parameters:
session
- The Keycloak session.authSession
- The authentication session.
-
evaluateTriggers
Called every time a user authenticates. This checks to see if this required action should be triggered. The implementation of this method is responsible for setting the required action on the UserModel. For example, the UpdatePassword required actions checks the password policies to see if the password has expired.- Parameters:
context
-
-
requiredActionChallenge
If the user has a required action set, this method will be the initial call to obtain what to display to the user's browser. Return null if no action should be done.- Parameters:
context
-
-
processAction
Called when a required action has form input you want to process.- Parameters:
context
-
-
getMaxAuthAge
default int getMaxAuthAge()Defines the max time after a user login, after which re-authentication is requested for an AIA. 0 means that re-authentication is always requested.
-