Package org.keycloak.authentication

Interface AuthenticationFlowContext

All Superinterfaces:
AbstractAuthenticationFlowContext
All Known Implementing Classes:
AuthenticationProcessor.Result
public interface AuthenticationFlowContext extends AbstractAuthenticationFlowContext
This interface encapsulates information about an execution in an AuthenticationFlow. It is also used to set the status of the execution being performed.
Version:
$Revision: 1 $
Author:
Bill Burke

  • Method Details

    • getUser

      UserModel getUser()
      Current user attached to this flow. It can return null if no user has been identified yet
      Returns:

    • setUser

      void setUser(UserModel user)
      Attach a specific user to this flow.
      Parameters:
      user -

    • getAuthenticationSelections

      List<AuthenticationSelectionOption> getAuthenticationSelections()

    • setAuthenticationSelections

      void setAuthenticationSelections(List<AuthenticationSelectionOption> credentialAuthExecMap)

    • clearUser

      void clearUser()
      Clear the user from the flow.

    • attachUserSession

      void attachUserSession(UserSessionModel userSession)

    • getAuthenticationSession

      AuthenticationSessionModel getAuthenticationSession()
      AuthenticationSessionModel attached to this flow
      Returns:

    • getFlowPath

      String getFlowPath()
      Returns:
      current flow path (EG. authenticate, reset-credentials)

    • form

      LoginFormsProvider form()
      Create a Freemarker form builder that presets the user, action URI, and a generated access code
      Returns:

    • getActionUrl

      URI getActionUrl(String code)
      Get the action URL for the required action.
      Parameters:
      code - authentication session access code
      Returns:

    • getActionTokenUrl

      URI getActionTokenUrl(String tokenString)
      Get the action URL for the action token executor.
      Parameters:
      tokenString - String representation (JWT) of action token
      Returns:

    • getRefreshExecutionUrl

      URI getRefreshExecutionUrl()
      Get the refresh URL for the required action.
      Returns:

    • getRefreshUrl

      URI getRefreshUrl(boolean authSessionIdParam)
      Get the refresh URL for the flow.
      Parameters:
      authSessionIdParam - will include auth_session query param for clients that don't process cookies
      Returns:

    • cancelLogin

      void cancelLogin()
      End the flow and redirect browser based on protocol specific response. This should only be executed in browser-based flows.

    • resetFlow

      void resetFlow()
      Reset the current flow to the beginning and restarts it.

    • resetFlow

      void resetFlow(Runnable afterResetListener)
      Reset the current flow to the beginning and restarts it. Allows to add additional listener, which is triggered after flow restarted

    • fork

      void fork()
      Fork the current flow. The authentication session will be cloned and set to point at the realm's browser login flow. The Response will be the result of this fork. The previous flow will still be set at the current execution. This is used by reset password when it sends an email. It sends an email linking to the current flow and redirects the browser to a new browser login flow.

    • forkWithSuccessMessage

      void forkWithSuccessMessage(FormMessage message)
      Fork the current flow. The authentication session will be cloned and set to point at the realm's browser login flow. The Response will be the result of this fork. The previous flow will still be set at the current execution. This is used by reset password when it sends an email. It sends an email linking to the current flow and redirects the browser to a new browser login flow. This method will set up a success message that will be displayed in the first page of the new flow
      Parameters:
      message - Corresponds to raw text or a message property defined in a message bundle

    • forkWithErrorMessage

      void forkWithErrorMessage(FormMessage message)
      Fork the current flow. The authentication session will be cloned and set to point at the realm's browser login flow. The Response will be the result of this fork. The previous flow will still be set at the current execution. This is used by reset password when it sends an email. It sends an email linking to the current flow and redirects the browser to a new browser login flow. This method will set up an error message that will be displayed in the first page of the new flow
      Parameters:
      message - Corresponds to raw text or a message property defined in a message bundle