Package org.keycloak.broker.provider
Interface IdentityProvider<C extends IdentityProviderModel>
- All Superinterfaces:
Provider
- All Known Subinterfaces:
SocialIdentityProvider<C>
- All Known Implementing Classes:
AbstractIdentityProvider
,AbstractOAuth2IdentityProvider
,BitbucketIdentityProvider
,FacebookIdentityProvider
,GitHubIdentityProvider
,GitLabIdentityProvider
,GoogleIdentityProvider
,InstagramIdentityProvider
,KeycloakOIDCIdentityProvider
,LinkedInIdentityProvider
,LinkedInOIDCIdentityProvider
,MicrosoftIdentityProvider
,OIDCIdentityProvider
,OpenshiftV3IdentityProvider
,OpenshiftV4IdentityProvider
,PayPalIdentityProvider
,SAMLIdentityProvider
,StackoverflowIdentityProvider
,TwitterIdentityProvider
- Author:
- Pedro Igor
-
Nested Class Summary
-
Field Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
authenticationFinished
(AuthenticationSessionModel authSession, BrokeredIdentityContext context) void
backchannelLogout
(KeycloakSession session, UserSessionModel userSession, jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm) callback
(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event) JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.jakarta.ws.rs.core.Response
export
(jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format) Export a representation of the IdentityProvider in a specific format.Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSessionvoid
importNewUser
(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context) default boolean
Checks whether a mapper is supported for this Identity Provider.jakarta.ws.rs.core.Response
keycloakInitiatedBrowserLogout
(KeycloakSession session, UserSessionModel userSession, jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm) Called when a Keycloak application initiates a logout through the browser.jakarta.ws.rs.core.Response
performLogin
(AuthenticationRequest request) Initiates the authentication process by sending an authentication request to an identity provider.void
preprocessFederatedIdentity
(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context) jakarta.ws.rs.core.Response
retrieveToken
(KeycloakSession session, FederatedIdentityModel identity) Returns aResponse
containing the token previously stored during the authentication process for a specific user.void
updateBrokeredUser
(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context)
-
Field Details
-
EXTERNAL_IDENTITY_PROVIDER
- See Also:
-
FEDERATED_ACCESS_TOKEN
- See Also:
-
-
Method Details
-
getConfig
C getConfig() -
preprocessFederatedIdentity
void preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, BrokeredIdentityContext context) -
authenticationFinished
void authenticationFinished(AuthenticationSessionModel authSession, BrokeredIdentityContext context) -
importNewUser
void importNewUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context) -
updateBrokeredUser
void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, BrokeredIdentityContext context) -
callback
Object callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event) JAXRS callback endpoint for when the remote IDP wants to callback to keycloak.- Returns:
-
performLogin
Initiates the authentication process by sending an authentication request to an identity provider. This method is called only once during the authentication.
- Parameters:
request
- The initial authentication request. Contains all the contextual information in order to build an authentication request to the identity provider.- Returns:
-
retrieveToken
Returns a
Response
containing the token previously stored during the authentication process for a specific user.- Parameters:
identity
-- Returns:
-
backchannelLogout
void backchannelLogout(KeycloakSession session, UserSessionModel userSession, jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm) -
keycloakInitiatedBrowserLogout
jakarta.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm) Called when a Keycloak application initiates a logout through the browser. This is expected to do a logout with the IDP- Parameters:
userSession
-uriInfo
-realm
-- Returns:
- null if this is not supported by this provider
-
export
jakarta.ws.rs.core.Response export(jakarta.ws.rs.core.UriInfo uriInfo, RealmModel realm, String format) Export a representation of the IdentityProvider in a specific format. For example, a SAML EntityDescriptor- Returns:
-
getMarshaller
IdentityProviderDataMarshaller getMarshaller()Implementation of marshaller to serialize/deserialize attached data to Strings, which can be saved in clientSession- Returns:
-
isMapperSupported
Checks whether a mapper is supported for this Identity Provider.
-