Class AbstractActionTokenHandler<T extends JsonWebToken>
java.lang.Object
org.keycloak.authentication.actiontoken.AbstractActionTokenHandler<T>
- All Implemented Interfaces:
ActionTokenHandler<T>,ActionTokenHandlerFactory<T>,Provider,ProviderFactory<ActionTokenHandler<T>>
- Direct Known Subclasses:
ExecuteActionsActionTokenHandler,IdpVerifyAccountLinkActionTokenHandler,InviteOrgActionTokenHandler,ResetCredentialsActionTokenHandler,UpdateEmailActionTokenHandler,VerifyEmailActionTokenHandler
public abstract class AbstractActionTokenHandler<T extends JsonWebToken>
extends Object
implements ActionTokenHandler<T>, ActionTokenHandlerFactory<T>
- Author:
- hmlnarik
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleancanUseTokenRepeatedly(T token, ActionTokenContext<T> tokenContext) Returnstruewhen the token can be used repeatedly to invoke the action,falsewhen the token is intended to be for single use only.voidclose()This is called when the server shuts down.create(KeycloakSession session) Returns a event type logged withEventBuilderclass.getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession) Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.Returns an error to be shown in the response when token handling fails and no more specific error message is provided.Returns an error to be shown in theEventBuilderdetail when token handling fails and no more specific error is provided.getId()Returns the Java token class for use with deserialization.voidinit(Config.Scope config) Only called once when the factory is first created.voidpostInit(KeycloakSessionFactory factory) Called after all provider factories have been initializedstartFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext) Creates a fresh authentication session according to the information from the token.protected TokenVerifier.Predicate<DefaultActionToken>verifyEmail(ActionTokenContext<? extends DefaultActionToken> context) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.keycloak.authentication.actiontoken.ActionTokenHandler
getVerifiers, handleToken, preHandleTokenMethods inherited from interface org.keycloak.provider.ProviderFactory
getConfigMetadata, order
-
Constructor Details
-
AbstractActionTokenHandler
-
-
Method Details
-
create
- Specified by:
createin interfaceProviderFactory<T extends JsonWebToken>
-
init
Description copied from interface:ProviderFactoryOnly called once when the factory is first created. This config is pulled from keycloak_server.json- Specified by:
initin interfaceProviderFactory<T extends JsonWebToken>
-
postInit
Description copied from interface:ProviderFactoryCalled after all provider factories have been initialized- Specified by:
postInitin interfaceProviderFactory<T extends JsonWebToken>
-
getId
- Specified by:
getIdin interfaceProviderFactory<T extends JsonWebToken>
-
close
public void close()Description copied from interface:ProviderFactoryThis is called when the server shuts down.- Specified by:
closein interfaceProvider- Specified by:
closein interfaceProviderFactory<T extends JsonWebToken>
-
getTokenClass
Description copied from interface:ActionTokenHandlerReturns the Java token class for use with deserialization.- Specified by:
getTokenClassin interfaceActionTokenHandler<T extends JsonWebToken>- Returns:
-
eventType
Description copied from interface:ActionTokenHandlerReturns a event type logged withEventBuilderclass.- Specified by:
eventTypein interfaceActionTokenHandler<T extends JsonWebToken>- Returns:
-
getDefaultErrorMessage
Description copied from interface:ActionTokenHandlerReturns an error to be shown in the response when token handling fails and no more specific error message is provided.- Specified by:
getDefaultErrorMessagein interfaceActionTokenHandler<T extends JsonWebToken>- Returns:
-
getDefaultEventError
Description copied from interface:ActionTokenHandlerReturns an error to be shown in theEventBuilderdetail when token handling fails and no more specific error is provided.- Specified by:
getDefaultEventErrorin interfaceActionTokenHandler<T extends JsonWebToken>- Returns:
-
getAuthenticationSessionIdFromToken
public String getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession) Description copied from interface:ActionTokenHandlerReturns a compound authentication session ID requested from within the given token that the handler should attempt to join.- Specified by:
getAuthenticationSessionIdFromTokenin interfaceActionTokenHandler<T extends JsonWebToken>- Parameters:
token- Token. Can benullcurrentAuthSession- Authentication session that is currently in progress,nullif no authentication session is not set- Returns:
- Authentication session ID (can be
nullif the token does not contain authentication session ID) - See Also:
-
startFreshAuthenticationSession
public AuthenticationSessionModel startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext) Description copied from interface:ActionTokenHandlerCreates a fresh authentication session according to the information from the token. The default implementation creates a new authentication session that requests termination after required actions.- Specified by:
startFreshAuthenticationSessionin interfaceActionTokenHandler<T extends JsonWebToken>- Returns:
-
canUseTokenRepeatedly
Description copied from interface:ActionTokenHandlerReturnstruewhen the token can be used repeatedly to invoke the action,falsewhen the token is intended to be for single use only.- Specified by:
canUseTokenRepeatedlyin interfaceActionTokenHandler<T extends JsonWebToken>- Returns:
- see above
-
verifyEmail
protected TokenVerifier.Predicate<DefaultActionToken> verifyEmail(ActionTokenContext<? extends DefaultActionToken> context)
-