Interface ActionTokenHandler<T extends JsonWebToken>
- Type Parameters:
T
- Class implementing the action token
- All Superinterfaces:
Provider
- All Known Implementing Classes:
AbstractActionTokenHandler
,ExecuteActionsActionTokenHandler
,IdpVerifyAccountLinkActionTokenHandler
,ResetCredentialsActionTokenHandler
,UpdateEmailActionTokenHandler
,VerifyEmailActionTokenHandler
Handler of the action token.
- Author:
- hmlnarik
-
Method Summary
Modifier and TypeMethodDescriptionboolean
canUseTokenRepeatedly
(T token, ActionTokenContext<T> tokenContext) Returnstrue
when the token can be used repeatedly to invoke the action,false
when the token is intended to be for single use only.Returns a event type logged withEventBuilder
class.getAuthenticationSessionIdFromToken
(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession) Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.Returns an error to be shown in the response when token handling fails and no more specific error message is provided.Returns an error to be shown in theEventBuilder
detail when token handling fails and no more specific error is provided.Returns the Java token class for use with deserialization.default TokenVerifier.Predicate<? super T>[]
getVerifiers
(ActionTokenContext<T> tokenContext) Returns an array of verifiers that are tested prior to handling the token.jakarta.ws.rs.core.Response
handleToken
(T token, ActionTokenContext<T> tokenContext) Performs the action as per the token details.startFreshAuthenticationSession
(T token, ActionTokenContext<T> tokenContext) Creates a fresh authentication session according to the information from the token.
-
Method Details
-
handleToken
Performs the action as per the token details. This method is only called if all verifiers returned inhandleToken(T, org.keycloak.authentication.actiontoken.ActionTokenContext<T>)
succeed.- Parameters:
token
-tokenContext
-- Returns:
-
getTokenClass
Returns the Java token class for use with deserialization.- Returns:
-
getVerifiers
Returns an array of verifiers that are tested prior to handling the token. All verifiers have to pass successfully for token to be handled. The returned array must not benull
.- Parameters:
tokenContext
-- Returns:
- Verifiers or an empty array. The returned array must not be
null
.
-
getAuthenticationSessionIdFromToken
String getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession) Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.- Parameters:
token
- Token. Can benull
tokenContext
-currentAuthSession
- Authentication session that is currently in progress,null
if no authentication session is not set- Returns:
- Authentication session ID (can be
null
if the token does not contain authentication session ID) - See Also:
-
eventType
EventType eventType()Returns a event type logged withEventBuilder
class.- Returns:
-
getDefaultEventError
String getDefaultEventError()Returns an error to be shown in theEventBuilder
detail when token handling fails and no more specific error is provided.- Returns:
-
getDefaultErrorMessage
String getDefaultErrorMessage()Returns an error to be shown in the response when token handling fails and no more specific error message is provided.- Returns:
-
startFreshAuthenticationSession
AuthenticationSessionModel startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext) throws VerificationException Creates a fresh authentication session according to the information from the token. The default implementation creates a new authentication session that requests termination after required actions.- Parameters:
token
-tokenContext
-- Returns:
- Throws:
VerificationException
-
canUseTokenRepeatedly
Returnstrue
when the token can be used repeatedly to invoke the action,false
when the token is intended to be for single use only.- Returns:
- see above
-