Package org.keycloak.broker.provider

Interface IdentityProvider<C extends IdentityProviderModel>

All Superinterfaces:
Provider
All Known Subinterfaces:
SocialIdentityProvider<C>
All Known Implementing Classes:
AbstractIdentityProvider, AbstractOAuth2IdentityProvider, BitbucketIdentityProvider, FacebookIdentityProvider, GitHubIdentityProvider, GitLabIdentityProvider, GoogleIdentityProvider, InstagramIdentityProvider, KeycloakOIDCIdentityProvider, LinkedInIdentityProvider, LinkedInOIDCIdentityProvider, MicrosoftIdentityProvider, OIDCIdentityProvider, OpenshiftV3IdentityProvider, OpenshiftV4IdentityProvider, PayPalIdentityProvider, SAMLIdentityProvider, StackoverflowIdentityProvider, TwitterIdentityProvider
public interface IdentityProvider<C extends IdentityProviderModel> extends Provider
Author:
Pedro Igor

  • Field Details

  • Method Details

    • preprocessFederatedIdentity

      void preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context)

    • authenticationFinished

      void authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context)

    • importNewUser

      void importNewUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)

    • updateBrokeredUser

      void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)

    • callback

      Object callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)
      JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.
      Returns:

    • performLogin

      jakarta.ws.rs.core.Response performLogin(AuthenticationRequest request)

      Initiates the authentication process by sending an authentication request to an identity provider. This method is called only once during the authentication.

      Parameters:
      request - The initial authentication request. Contains all the contextual information in order to build an authentication request to the identity provider.
      Returns:

    • retrieveToken

      jakarta.ws.rs.core.Response retrieveToken(KeycloakSession session, FederatedIdentityModel identity)

      Returns a Response containing the token previously stored during the authentication process for a specific user.

      Parameters:
      identity -
      Returns:

    • backchannelLogout

      void backchannelLogout(KeycloakSession session, UserSessionModel userSession, jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm)

    • keycloakInitiatedBrowserLogout

      jakarta.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm)
      Called when a Keycloak application initiates a logout through the browser. This is expected to do a logout with the IDP
      Parameters:
      userSession -
      uriInfo -
      realm -
      Returns:
      null if this is not supported by this provider

    • export

      jakarta.ws.rs.core.Response export(jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format)
      Export a representation of the IdentityProvider in a specific format. For example, a SAML EntityDescriptor
      Returns:

    • getMarshaller

      IdentityProviderDataMarshaller getMarshaller()
      Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession
      Returns: