Package org.keycloak.credential
Class WebAuthnCredentialProvider
java.lang.Object
org.keycloak.credential.WebAuthnCredentialProvider
- All Implemented Interfaces:
CredentialInputValidator
,CredentialProvider<WebAuthnCredentialModel>
,Provider
- Direct Known Subclasses:
WebAuthnPasswordlessCredentialProvider
public class WebAuthnCredentialProvider
extends Object
implements CredentialProvider<WebAuthnCredentialModel>, CredentialInputValidator
Credential provider for WebAuthn 2-factor credential of the user
-
Constructor Summary
ConstructorDescriptionWebAuthnCredentialProvider
(KeycloakSession session, com.webauthn4j.converter.util.ObjectConverter objectConverter) -
Method Summary
Modifier and TypeMethodDescriptioncreateCredential
(RealmModel realm, UserModel user, WebAuthnCredentialModel credentialModel) boolean
deleteCredential
(RealmModel realm, UserModel user, String credentialId) void
dumpCredentialModel
(WebAuthnCredentialModel credential, WebAuthnCredentialModelInput auth) getCredentialModelFromCredentialInput
(CredentialInput input, String userLabel) Convert WebAuthn credential input to the model, which can be saved in the persistent storage (DB)getCredentialTypeMetadata
(CredentialTypeMetadataContext metadataContext) protected KeycloakSession
getType()
boolean
isConfiguredFor
(RealmModel realm, UserModel user, String credentialType) boolean
isValid
(RealmModel realm, UserModel user, CredentialInput input) Tests whether a credential is validboolean
supportsCredentialType
(String credentialType) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.keycloak.credential.CredentialProvider
close, getCredentialMetadata, getDefaultCredential
-
Constructor Details
-
WebAuthnCredentialProvider
public WebAuthnCredentialProvider(KeycloakSession session, com.webauthn4j.converter.util.ObjectConverter objectConverter)
-
-
Method Details
-
createCredential
public CredentialModel createCredential(RealmModel realm, UserModel user, WebAuthnCredentialModel credentialModel) - Specified by:
createCredential
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
deleteCredential
- Specified by:
deleteCredential
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
getCredentialFromModel
- Specified by:
getCredentialFromModel
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
getCredentialModelFromCredentialInput
public WebAuthnCredentialModel getCredentialModelFromCredentialInput(CredentialInput input, String userLabel) Convert WebAuthn credential input to the model, which can be saved in the persistent storage (DB)- Parameters:
input
- should be typically WebAuthnCredentialModelInputuserLabel
- label for the credential
-
supportsCredentialType
- Specified by:
supportsCredentialType
in interfaceCredentialInputValidator
-
isConfiguredFor
- Specified by:
isConfiguredFor
in interfaceCredentialInputValidator
-
isValid
Description copied from interface:CredentialInputValidator
Tests whether a credential is valid- Specified by:
isValid
in interfaceCredentialInputValidator
- Parameters:
realm
- The realm in which to which the credential belongs touser
- The user for which to test the credentialinput
- the credential details to verify- Returns:
- true if the passed secret is correct
-
getType
- Specified by:
getType
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
dumpCredentialModel
public void dumpCredentialModel(WebAuthnCredentialModel credential, WebAuthnCredentialModelInput auth) -
getCredentialTypeMetadata
public CredentialTypeMetadata getCredentialTypeMetadata(CredentialTypeMetadataContext metadataContext) - Specified by:
getCredentialTypeMetadata
in interfaceCredentialProvider<WebAuthnCredentialModel>
-
getKeycloakSession
-