Package org.keycloak.protocol.saml

Class SamlService.BindingProtocol

java.lang.Object
org.keycloak.protocol.saml.SamlService.BindingProtocol
Direct Known Subclasses:
SamlService.PostBindingProtocol, SamlService.RedirectBindingProtocol
Enclosing class:
SamlService
public abstract class SamlService.BindingProtocol extends Object

  • Field Details

    • redirectToAuthentication

      protected boolean redirectToAuthentication

  • Constructor Details

    • BindingProtocol

      public BindingProtocol()

  • Method Details

    • error

      protected abstract jakarta.ws.rs.core.Response error(KeycloakSession session, AuthenticationSessionModel authenticationSession, jakarta.ws.rs.core.Response.Status status, String message, Object... parameters)

    • basicChecks

      protected jakarta.ws.rs.core.Response basicChecks(String samlRequest, String samlResponse, String artifact)

    • isDestinationRequired

      protected boolean isDestinationRequired()

    • handleSamlResponse

      protected jakarta.ws.rs.core.Response handleSamlResponse(String samlResponse, String relayState)

    • triggerSamlEvent

      protected jakarta.ws.rs.core.Response triggerSamlEvent(ClientPolicyContext ctx)

    • handleSamlRequest

      protected jakarta.ws.rs.core.Response handleSamlRequest(String samlRequest, String relayState)

    • handleArtifact

      protected void handleArtifact(jakarta.ws.rs.container.AsyncResponse asyncResponse, String artifact, String relayState)
      Handle a received artifact message. This means finding the client based on the content of the artifact, sending an ArtifactResolve, receiving an ArtifactResponse, and handling its content based on the "standard" workflows.
      Parameters:
      artifact - the received artifact
      relayState - the current relay state

    • encodeSamlDocument

      protected abstract String encodeSamlDocument(Document samlDocument) throws ProcessingException
      Throws:
      ProcessingException

    • verifySignature

      protected abstract void verifySignature(SAMLDocumentHolder documentHolder, ClientModel client) throws VerificationException
      Throws:
      VerificationException

    • containsUnencryptedSignature

      protected abstract boolean containsUnencryptedSignature(SAMLDocumentHolder documentHolder)

    • extractRequestDocument

      protected abstract SAMLDocumentHolder extractRequestDocument(String samlRequest)

    • extractResponseDocument

      protected abstract SAMLDocumentHolder extractResponseDocument(String response)

    • loginRequest

      protected jakarta.ws.rs.core.Response loginRequest(String relayState, AuthnRequestType requestAbstractType, ClientModel client)

    • getBindingType

      protected String getBindingType(AuthnRequestType requestAbstractType)

    • getBindingType

      protected abstract String getBindingType()

    • logoutRequest

      protected jakarta.ws.rs.core.Response logoutRequest(LogoutRequestType logoutRequest, ClientModel client, String relayState)

    • execute

      public jakarta.ws.rs.core.Response execute(String samlRequest, String samlResponse, String relayState, String artifact)

    • execute

      public void execute(jakarta.ws.rs.container.AsyncResponse asyncReponse, String samlRequest, String samlResponse, String relayState, String artifact)

    • getExpectedDestinationUri

      protected URI getExpectedDestinationUri(KeycloakSession session)
      KEYCLOAK-12616, KEYCLOAK-12944: construct the expected destination URI using the configured base URI.
      Parameters:
      session - a reference to the KeycloakSession.
      Returns:
      the constructed URI.