Class AbstractActionTokenHandler<T extends JsonWebToken>
java.lang.Object
org.keycloak.authentication.actiontoken.AbstractActionTokenHandler<T>
- All Implemented Interfaces:
ActionTokenHandler<T>
,ActionTokenHandlerFactory<T>
,Provider
,ProviderFactory<ActionTokenHandler<T>>
- Direct Known Subclasses:
ExecuteActionsActionTokenHandler
,IdpVerifyAccountLinkActionTokenHandler
,InviteOrgActionTokenHandler
,ResetCredentialsActionTokenHandler
,UpdateEmailActionTokenHandler
,VerifyEmailActionTokenHandler
public abstract class AbstractActionTokenHandler<T extends JsonWebToken>
extends Object
implements ActionTokenHandler<T>, ActionTokenHandlerFactory<T>
- Author:
- hmlnarik
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionboolean
canUseTokenRepeatedly
(T token, ActionTokenContext<T> tokenContext) Returnstrue
when the token can be used repeatedly to invoke the action,false
when the token is intended to be for single use only.void
close()
This is called when the server shuts down.create
(KeycloakSession session) Returns a event type logged withEventBuilder
class.getAuthenticationSessionIdFromToken
(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession) Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.Returns an error to be shown in the response when token handling fails and no more specific error message is provided.Returns an error to be shown in theEventBuilder
detail when token handling fails and no more specific error is provided.getId()
Returns the Java token class for use with deserialization.void
init
(Config.Scope config) Only called once when the factory is first created.void
postInit
(KeycloakSessionFactory factory) Called after all provider factories have been initializedstartFreshAuthenticationSession
(T token, ActionTokenContext<T> tokenContext) Creates a fresh authentication session according to the information from the token.protected TokenVerifier.Predicate<DefaultActionToken>
verifyEmail
(ActionTokenContext<? extends DefaultActionToken> context) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.keycloak.authentication.actiontoken.ActionTokenHandler
getVerifiers, handleToken
Methods inherited from interface org.keycloak.provider.ProviderFactory
getConfigMetadata, order
-
Constructor Details
-
AbstractActionTokenHandler
-
-
Method Details
-
create
- Specified by:
create
in interfaceProviderFactory<T extends JsonWebToken>
-
init
Description copied from interface:ProviderFactory
Only called once when the factory is first created. This config is pulled from keycloak_server.json- Specified by:
init
in interfaceProviderFactory<T extends JsonWebToken>
-
postInit
Description copied from interface:ProviderFactory
Called after all provider factories have been initialized- Specified by:
postInit
in interfaceProviderFactory<T extends JsonWebToken>
-
getId
- Specified by:
getId
in interfaceProviderFactory<T extends JsonWebToken>
-
close
public void close()Description copied from interface:ProviderFactory
This is called when the server shuts down.- Specified by:
close
in interfaceProvider
- Specified by:
close
in interfaceProviderFactory<T extends JsonWebToken>
-
getTokenClass
Description copied from interface:ActionTokenHandler
Returns the Java token class for use with deserialization.- Specified by:
getTokenClass
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
eventType
Description copied from interface:ActionTokenHandler
Returns a event type logged withEventBuilder
class.- Specified by:
eventType
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
getDefaultErrorMessage
Description copied from interface:ActionTokenHandler
Returns an error to be shown in the response when token handling fails and no more specific error message is provided.- Specified by:
getDefaultErrorMessage
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
getDefaultEventError
Description copied from interface:ActionTokenHandler
Returns an error to be shown in theEventBuilder
detail when token handling fails and no more specific error is provided.- Specified by:
getDefaultEventError
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
getAuthenticationSessionIdFromToken
public String getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession) Description copied from interface:ActionTokenHandler
Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.- Specified by:
getAuthenticationSessionIdFromToken
in interfaceActionTokenHandler<T extends JsonWebToken>
- Parameters:
token
- Token. Can benull
currentAuthSession
- Authentication session that is currently in progress,null
if no authentication session is not set- Returns:
- Authentication session ID (can be
null
if the token does not contain authentication session ID) - See Also:
-
startFreshAuthenticationSession
public AuthenticationSessionModel startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext) Description copied from interface:ActionTokenHandler
Creates a fresh authentication session according to the information from the token. The default implementation creates a new authentication session that requests termination after required actions.- Specified by:
startFreshAuthenticationSession
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
-
canUseTokenRepeatedly
Description copied from interface:ActionTokenHandler
Returnstrue
when the token can be used repeatedly to invoke the action,false
when the token is intended to be for single use only.- Specified by:
canUseTokenRepeatedly
in interfaceActionTokenHandler<T extends JsonWebToken>
- Returns:
- see above
-
verifyEmail
protected TokenVerifier.Predicate<DefaultActionToken> verifyEmail(ActionTokenContext<? extends DefaultActionToken> context)
-