Class AbstractIdpAuthenticator
java.lang.Object
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator
- All Implemented Interfaces:
Authenticator
,Provider
- Direct Known Subclasses:
IdpAutoLinkAuthenticator
,IdpConfirmLinkAuthenticator
,IdpCreateUserIfUniqueAuthenticator
,IdpEmailVerificationAuthenticator
,IdpReviewProfileAuthenticator
- Author:
- Marek Posolda
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
action
(AuthenticationFlowContext context) Called from a form action invocation.protected abstract void
actionImpl
(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext) void
authenticate
(AuthenticationFlowContext context) Initial call for the authenticator.protected abstract void
authenticateImpl
(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext) void
close()
static UserModel
getExistingUser
(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession) protected void
sendFailureChallenge
(AuthenticationFlowContext context, jakarta.ws.rs.core.Response.Status status, String eventError, String errorMessage, AuthenticationFlowError flowError) void
setRequiredActions
(KeycloakSession session, RealmModel realm, UserModel user) Set actions to configure authenticatorMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.keycloak.authentication.Authenticator
areRequiredActionsEnabled, configuredFor, getRequiredActions, requiresUser
-
Field Details
-
BROKERED_CONTEXT_NOTE
- See Also:
-
EXISTING_USER_INFO
- See Also:
-
UPDATE_PROFILE_EMAIL_CHANGED
- See Also:
-
ENFORCE_UPDATE_PROFILE
- See Also:
-
BROKER_REGISTERED_NEW_USER
- See Also:
-
FIRST_BROKER_LOGIN_SUCCESS
- See Also:
-
NESTED_FIRST_BROKER_CONTEXT
- See Also:
-
-
Constructor Details
-
AbstractIdpAuthenticator
public AbstractIdpAuthenticator()
-
-
Method Details
-
authenticate
Description copied from interface:Authenticator
Initial call for the authenticator. This method should check the current HTTP request to determine if the request satifies the Authenticator's requirements. If it doesn't, it should send back a challenge response by calling the AuthenticationFlowContext.challenge(Response). If this challenge is a authentication, the action URL of the form must point to /realms/{realm}/login-actions/authenticate?code={session-code}&execution={executionId} or /realms/{realm}/login-actions/registration?code={session-code}&execution={executionId} {session-code} pertains to the code generated from AuthenticationFlowContext.generateAccessCode(). The {executionId} pertains to the AuthenticationExecutionModel.getId() value obtained from AuthenticationFlowContext.getExecution(). The action URL will invoke the action() method described below.- Specified by:
authenticate
in interfaceAuthenticator
-
action
Description copied from interface:Authenticator
Called from a form action invocation.- Specified by:
action
in interfaceAuthenticator
-
authenticateImpl
protected abstract void authenticateImpl(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext) -
actionImpl
protected abstract void actionImpl(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext) -
sendFailureChallenge
protected void sendFailureChallenge(AuthenticationFlowContext context, jakarta.ws.rs.core.Response.Status status, String eventError, String errorMessage, AuthenticationFlowError flowError) -
setRequiredActions
Description copied from interface:Authenticator
Set actions to configure authenticator- Specified by:
setRequiredActions
in interfaceAuthenticator
-
close
public void close() -
getExistingUser
public static UserModel getExistingUser(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession)
-