Class AcrStore
java.lang.Object
org.keycloak.authentication.authenticators.util.AcrStore
CRUD data in the authentication session, which are related to step-up authentication
- Author:
- Marek Posolda
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic int
getCurrentLevelOfAuthentication
(AuthenticatedClientSessionModel clientSession) int
int
return level, which was either: - directly authenticated in current authentication - or was already verified that can be re-used from previous authenticationint
boolean
isLevelAuthenticatedInPreviousAuth
(int level, int maxAge) boolean
boolean
void
setLevelAuthenticated
(int level) Save authenticated level to authenticationSession (for current authentication) and loa map (for future authentications)void
setLevelAuthenticatedToCurrentRequest
(int level) Set level to the current authentication session
-
Constructor Details
-
AcrStore
-
-
Method Details
-
isLevelOfAuthenticationForced
public boolean isLevelOfAuthenticationForced() -
getRequestedLevelOfAuthentication
public int getRequestedLevelOfAuthentication() -
isLevelOfAuthenticationSatisfiedFromCurrentAuthentication
public boolean isLevelOfAuthenticationSatisfiedFromCurrentAuthentication() -
getCurrentLevelOfAuthentication
-
isLevelAuthenticatedInPreviousAuth
public boolean isLevelAuthenticatedInPreviousAuth(int level, int maxAge) - Parameters:
level
- level of authenticationmaxAge
- maxAge for which this level is considered valid- Returns:
- True if the particular level was already authenticated before in this userSession and is still valid
-
getLevelOfAuthenticationFromCurrentAuthentication
public int getLevelOfAuthenticationFromCurrentAuthentication()return level, which was either: - directly authenticated in current authentication - or was already verified that can be re-used from previous authentication- Returns:
- see above
-
setLevelAuthenticated
public void setLevelAuthenticated(int level) Save authenticated level to authenticationSession (for current authentication) and loa map (for future authentications)- Parameters:
level
- level to save
-
setLevelAuthenticatedToCurrentRequest
public void setLevelAuthenticatedToCurrentRequest(int level) Set level to the current authentication session- Parameters:
level
- , which was authenticated by user
-
getHighestAuthenticatedLevelFromPreviousAuthentication
public int getHighestAuthenticatedLevelFromPreviousAuthentication()- Returns:
- highest authenticated level from previous authentication, which is still valid (not yet expired)
-