Class LoAUtil
java.lang.Object
org.keycloak.authentication.authenticators.util.LoAUtil
- Author:
- Marek Posolda
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptiongetCredentialTypesToLoAMap
(KeycloakSession session, RealmModel realm, AuthenticationFlowModel topFlow) Return map where: - keys are credential types corresponding to authenticators available in given authentication flow - values are LoA levels of those credentials in the given flow (If not step-up authentication is used, values will be always Constants.NO_LOA) For instance if we have password as level1 and OTP or WebAuthn as available level2 authenticators it can return map like: { "password" -> 1, "otp" -> 2 "webauthn" -> 2 }static int
getCurrentLevelOfAuthentication
(AuthenticatedClientSessionModel clientSession) static Integer
getLevelFromLoaConditionConfiguration
(AuthenticatorConfigModel loaConditionConfig) static int
getMaxAgeFromLoaConditionConfiguration
(AuthenticatorConfigModel loaConditionConfig)
-
Constructor Details
-
LoAUtil
public LoAUtil()
-
-
Method Details
-
getCurrentLevelOfAuthentication
- Parameters:
clientSession
-- Returns:
- current level from client session
-
getLoAConfiguredInRealmBrowserFlow
- Parameters:
realm
-- Returns:
- All LoA numbers configured in the conditions in the realm browser flow
-
getLoaMaxAgesConfiguredInRealmBrowserFlow
- Parameters:
realm
-- Returns:
- All LoA numbers configured in the conditions in the realm browser flow. Key is level, Vaue is maxAge for particular level
-
getLevelFromLoaConditionConfiguration
public static Integer getLevelFromLoaConditionConfiguration(AuthenticatorConfigModel loaConditionConfig) -
getMaxAgeFromLoaConditionConfiguration
public static int getMaxAgeFromLoaConditionConfiguration(AuthenticatorConfigModel loaConditionConfig) -
getCredentialTypesToLoAMap
public static Map<String,Integer> getCredentialTypesToLoAMap(KeycloakSession session, RealmModel realm, AuthenticationFlowModel topFlow) Return map where: - keys are credential types corresponding to authenticators available in given authentication flow - values are LoA levels of those credentials in the given flow (If not step-up authentication is used, values will be always Constants.NO_LOA) For instance if we have password as level1 and OTP or WebAuthn as available level2 authenticators it can return map like: { "password" -> 1, "otp" -> 2 "webauthn" -> 2 }- Parameters:
session
-realm
-topFlow
-- Returns:
- map as described above. Never returns null, but can return empty map.
-