Package org.keycloak.protocol.oidc.grants.device.endpoints

Class DeviceEndpoint

java.lang.Object

org.keycloak.protocol.AuthorizationEndpointBase

org.keycloak.protocol.oidc.grants.device.endpoints.DeviceEndpoint

All Implemented Interfaces:

Provider, RealmResourceProvider

public class DeviceEndpoint
extends AuthorizationEndpointBase
implements RealmResourceProvider

Author:

Hiroyuki Wada

Field Summary

Fields

Modifier and Type	Field	Description
protected static final org.jboss.logging.Logger	logger
static final String	SHORT_VERIFICATION_URI

Fields inherited from class org.keycloak.protocol.AuthorizationEndpointBase

APP_INITIATED_FLOW, authManager, clientConnection, event, headers, httpRequest, realm, session

Constructor Summary

Constructors

Constructor	Description
DeviceEndpoint(KeycloakSession session, EventBuilder event)

Method Summary

Modifier and Type	Method	Description
void	close()
protected AuthenticationSessionModel	createAuthenticationSession(ClientModel client, String scope)
static OAuth2DeviceCodeModel	getDeviceByUserCode(KeycloakSession session, RealmModel realm, String userCode)
Object	getResource()	Returns a JAX-RS resource instance.
jakarta.ws.rs.core.Response	handleDeviceRequest()	Handles device authorization requests.
jakarta.ws.rs.core.Response	preflight()
jakarta.ws.rs.core.Response	status(String error)	Showing the result of verification process for OAuth 2.0 Device Authorization Grant.
jakarta.ws.rs.core.Response	verifyUserCode()	Verifies the code provided by the end-user and start the authentication.
jakarta.ws.rs.core.Response	verifyUserCode(String userCode)	This endpoint is used by end-users to start the flow to authorize a device.

Methods inherited from class org.keycloak.protocol.AuthorizationEndpointBase

checkRealm, checkSsl, createProcessor, getAuthenticationFlow, handleBrowserAuthenticationRequest

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

protected static final org.jboss.logging.Logger logger

SHORT_VERIFICATION_URI

public static final String SHORT_VERIFICATION_URI

See Also:

• Constant Field Values

Constructor Details

DeviceEndpoint

public DeviceEndpoint(KeycloakSession session,
 EventBuilder event)

Method Details

handleDeviceRequest

@Path("")
@POST
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public jakarta.ws.rs.core.Response handleDeviceRequest()

Handles device authorization requests.

Returns:

the device authorization response.

preflight

@OPTIONS
public jakarta.ws.rs.core.Response preflight()

verifyUserCode

@GET
public jakarta.ws.rs.core.Response verifyUserCode(@QueryParam("user_code")
 String userCode)

This endpoint is used by end-users to start the flow to authorize a device.

Parameters:

userCode - the user code to authorize

Returns:

verifyUserCode

@Path("/")
@POST
@Consumes("application/x-www-form-urlencoded")
public jakarta.ws.rs.core.Response verifyUserCode()

Verifies the code provided by the end-user and start the authentication.

Returns:

status

@Path("status")
@GET
public jakarta.ws.rs.core.Response status(@QueryParam("error")
 String error)

Showing the result of verification process for OAuth 2.0 Device Authorization Grant. This outputs login success or failure messages.

Parameters:

error -

Returns:

getDeviceByUserCode

public static OAuth2DeviceCodeModel getDeviceByUserCode(KeycloakSession session,
 RealmModel realm,
 String userCode)

getResource

public Object getResource()

Description copied from interface: RealmResourceProvider

Returns a JAX-RS resource instance.

Specified by:

getResource in interface RealmResourceProvider

Returns:

a JAX-RS sub-resource instance

close

public void close()

Specified by:

close in interface Provider

createAuthenticationSession

protected AuthenticationSessionModel createAuthenticationSession(ClientModel client,
 String scope)

Overrides:

createAuthenticationSession in class AuthorizationEndpointBase