Package org.keycloak.protocol.oidc.endpoints

Class AuthorizationEndpointChecker

java.lang.Object

org.keycloak.protocol.oidc.endpoints.AuthorizationEndpointChecker

public class AuthorizationEndpointChecker
extends Object

Implements some checks typical for OIDC Authorization Endpoint. Useful to consolidate various checks on single place to avoid duplicated code logic in different contexts (OIDC Authorization Endpoint triggered from browser, PAR)

Author:

Marek Posolda

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
class	AuthorizationEndpointChecker.AuthorizationCheckException

Constructor Summary

Constructors

Constructor	Description
AuthorizationEndpointChecker()

Method Summary

Modifier and Type	Method	Description
void	checkInvalidRequestMessage()
void	checkOIDCParams()
void	checkOIDCRequest()
void	checkParRequired()
void	checkPKCEParams()
void	checkRedirectUri()
void	checkResponseType()
void	checkValidScope()
AuthorizationEndpointChecker	client(ClientModel client)
AuthorizationEndpointChecker	event(EventBuilder event)
OIDCResponseMode	getParsedResponseMode()
OIDCResponseType	getParsedResponseType()
String	getRedirectUri()
boolean	isInvalidResponseType(AuthorizationEndpointChecker.AuthorizationCheckException ex)
AuthorizationEndpointChecker	params(jakarta.ws.rs.core.MultivaluedMap<String,String> params)
AuthorizationEndpointChecker	realm(RealmModel realm)
AuthorizationEndpointChecker	request(AuthorizationEndpointRequest request)
AuthorizationEndpointChecker	session(KeycloakSession session)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthorizationEndpointChecker

public AuthorizationEndpointChecker()

Method Details

event

public AuthorizationEndpointChecker event(EventBuilder event)

request

public AuthorizationEndpointChecker request(AuthorizationEndpointRequest request)

session

public AuthorizationEndpointChecker session(KeycloakSession session)

client

public AuthorizationEndpointChecker client(ClientModel client)

realm

public AuthorizationEndpointChecker realm(RealmModel realm)

params

public AuthorizationEndpointChecker params(jakarta.ws.rs.core.MultivaluedMap<String,String> params)

getRedirectUri

public String getRedirectUri()

getParsedResponseType

public OIDCResponseType getParsedResponseType()

getParsedResponseMode

public OIDCResponseMode getParsedResponseMode()

checkRedirectUri

public void checkRedirectUri()
                      throws AuthorizationEndpointChecker.AuthorizationCheckException

Throws:

AuthorizationEndpointChecker.AuthorizationCheckException

checkResponseType

public void checkResponseType()
                       throws AuthorizationEndpointChecker.AuthorizationCheckException

Throws:

AuthorizationEndpointChecker.AuthorizationCheckException

isInvalidResponseType

public boolean isInvalidResponseType(AuthorizationEndpointChecker.AuthorizationCheckException ex)

checkInvalidRequestMessage

public void checkInvalidRequestMessage()
                                throws AuthorizationEndpointChecker.AuthorizationCheckException

Throws:

AuthorizationEndpointChecker.AuthorizationCheckException

checkOIDCRequest

public void checkOIDCRequest()

checkValidScope

public void checkValidScope()
                     throws AuthorizationEndpointChecker.AuthorizationCheckException

Throws:

AuthorizationEndpointChecker.AuthorizationCheckException

checkOIDCParams

public void checkOIDCParams()
                     throws AuthorizationEndpointChecker.AuthorizationCheckException

Throws:

AuthorizationEndpointChecker.AuthorizationCheckException

checkPKCEParams

public void checkPKCEParams()
                     throws AuthorizationEndpointChecker.AuthorizationCheckException

Throws:

AuthorizationEndpointChecker.AuthorizationCheckException

checkParRequired

public void checkParRequired()
                      throws AuthorizationEndpointChecker.AuthorizationCheckException

Throws:

AuthorizationEndpointChecker.AuthorizationCheckException