Package org.keycloak.authentication

Interface AbstractAuthenticationFlowContext

All Known Subinterfaces:
AuthenticationFlowContext, ClientAuthenticationFlowContext
All Known Implementing Classes:
AuthenticationProcessor.Result
public interface AbstractAuthenticationFlowContext
Version:
$Revision: 1 $
Author:
Bill Burke

  • Method Details

    • getEvent

      EventBuilder getEvent()
      Current event builder being used
      Returns:

    • newEvent

      EventBuilder newEvent()
      Create a refresh new EventBuilder to use within this context
      Returns:

    • getExecution

      AuthenticationExecutionModel getExecution()
      The current execution in the flow
      Returns:

    • getTopLevelFlow

      AuthenticationFlowModel getTopLevelFlow()
      Returns:
      the top level flow (root flow) of this authentication

    • getRealm

      RealmModel getRealm()
      Current realm
      Returns:

    • getConnection

      ClientConnection getConnection()
      Information about the IP address from the connecting HTTP client.
      Returns:

    • getUriInfo

      jakarta.ws.rs.core.UriInfo getUriInfo()
      UriInfo of the current request
      Returns:

    • getSession

      KeycloakSession getSession()
      Current session
      Returns:

    • getHttpRequest

      HttpRequest getHttpRequest()

    • getProtector

      BruteForceProtector getProtector()

    • getAuthenticatorConfig

      AuthenticatorConfigModel getAuthenticatorConfig()
      Get any configuration associated with the current execution
      Returns:

    • getForwardedErrorMessage

      FormMessage getForwardedErrorMessage()
      This could be an error message forwarded from another authenticator that is restarting or continuing the flo. For example the brokering API sends this when the broker failed authentication and we want to continue authentication locally. forwardedErrorMessage can then be displayed by whatever form is challenging.

    • getForwardedSuccessMessage

      FormMessage getForwardedSuccessMessage()
      This could be an success message forwarded from another authenticator that is restarting or continuing the flow. For example a reset password sends an email, then resets the flow with a success message. forwardedSuccessMessage can then be displayed by whatever form is challenging.

    • getForwardedInfoMessage

      FormMessage getForwardedInfoMessage()
      This could be an info message forwarded from another authenticator. This info message will be usually displayed only once on the first screen shown to the user during authentication. The authenticator forwarding the info message does not know which the screen would be. For example during user re-authentication, the user should see info message like "Please re-authenticate", but at the beginning of the authentication, it is not 100% clear which screen will be the first shown screen where this message should be displayed

    • setForwardedInfoMessage

      void setForwardedInfoMessage(String message, Object... parameters)
      Parameters:
      message - to be forwarded
      parameters - parameters of the message if any
      See Also:

    • generateAccessCode

      String generateAccessCode()
      Generates access code and updates clientsession timestamp Access codes must be included in form action callbacks as a query parameter.
      Returns:

    • getCategoryRequirementFromCurrentFlow

      AuthenticationExecutionModel.Requirement getCategoryRequirementFromCurrentFlow(String authenticatorCategory)

    • success

      void success()
      Mark the current execution as successful. The flow will then continue

    • failure

      void failure(AuthenticationFlowError error)
      Aborts the current flow
      Parameters:
      error -

    • failure

      void failure(AuthenticationFlowError error, jakarta.ws.rs.core.Response response)
      Aborts the current flow.
      Parameters:
      error -
      response - Response that will be sent back to HTTP client

    • failure

      void failure(AuthenticationFlowError error, jakarta.ws.rs.core.Response response, String eventDetails, String userErrorMessage)
      Aborts the current flow.
      Parameters:
      error -
      response - Response that will be sent back to HTTP client
      eventDetails - Details about the error event
      userErrorMessage - A message describing the error to the user

    • challenge

      void challenge(jakarta.ws.rs.core.Response challenge)
      Sends a challenge response back to the HTTP client. If the current execution requirement is optional, this response will not be sent. If the current execution requirement is alternative, then this challenge will be sent if no other alternative execution was successful.
      Parameters:
      challenge -

    • forceChallenge

      void forceChallenge(jakarta.ws.rs.core.Response challenge)
      Sends the challenge back to the HTTP client regardless of the current execution requirement
      Parameters:
      challenge -

    • failureChallenge

      void failureChallenge(AuthenticationFlowError error, jakarta.ws.rs.core.Response challenge)
      Same behavior as forceChallenge(), but the error count in brute force attack detection will be incremented. For example, if a user enters in a bad password, the user is directed to try again, but Keycloak will keep track of how many failures have happened.
      Parameters:
      error -
      challenge -

    • attempted

      void attempted()
      There was no failure or challenge. The authenticator was attempted, but not fulfilled. If the current execution requirement is alternative or optional, then this status is ignored by the flow.

    • getStatus

      FlowStatus getStatus()
      Get the current status of the current execution.
      Returns:
      may return null if not set yet.

    • getError

      AuthenticationFlowError getError()
      Get the error condition of a failed execution.
      Returns:
      may return null if there was no error

    • getEventDetails

      String getEventDetails()
      Get details of the event that caused an error
      Returns:
      may return null if not set

    • getUserErrorMessage

      String getUserErrorMessage()
      A custom error message that can be displayed to the user
      Returns:
      Optional error message