Package org.keycloak.protocol.saml

Class SamlService

java.lang.Object
org.keycloak.protocol.AuthorizationEndpointBase
org.keycloak.protocol.saml.SamlService
Direct Known Subclasses:
SamlEcpProfileService
public class SamlService extends AuthorizationEndpointBase
Resource class for the saml connect token service
Version:
$Revision: 1 $
Author:
Bill Burke

  • Field Details

    • logger

      protected static final org.jboss.logging.Logger logger

    • ARTIFACT_RESOLUTION_SERVICE_PATH

      public static final String ARTIFACT_RESOLUTION_SERVICE_PATH
      See Also:

  • Constructor Details

  • Method Details

    • newBrowserAuthentication

      protected jakarta.ws.rs.core.Response newBrowserAuthentication(AuthenticationSessionModel authSession, boolean isPassive, boolean redirectToAuthentication)

    • newBrowserAuthentication

      protected jakarta.ws.rs.core.Response newBrowserAuthentication(AuthenticationSessionModel authSession, boolean isPassive, boolean redirectToAuthentication, SamlProtocol samlProtocol)

    • newRedirectBindingProtocol

      public SamlService.RedirectBindingProtocol newRedirectBindingProtocol()

    • newPostBindingProtocol

      public SamlService.PostBindingProtocol newPostBindingProtocol()

    • redirectBinding

      @GET public void redirectBinding(@Suspended jakarta.ws.rs.container.AsyncResponse asyncResponse, @QueryParam("SAMLRequest") String samlRequest, @QueryParam("SAMLResponse") String samlResponse, @QueryParam("RelayState") String relayState, @QueryParam("SAMLart") String artifact)

    • postBinding

      @POST @Consumes("application/x-www-form-urlencoded") public void postBinding(@Suspended jakarta.ws.rs.container.AsyncResponse asyncResponse, @FormParam("SAMLRequest") String samlRequest, @FormParam("SAMLResponse") String samlResponse, @FormParam("RelayState") String relayState, @FormParam("SAMLart") String artifact)

    • getDescriptor

      @GET @Path("descriptor") @Produces("application/xml") public String getDescriptor() throws Exception
      Throws:
      Exception

    • getIDPMetadataDescriptor

      public static String getIDPMetadataDescriptor(jakarta.ws.rs.core.UriInfo uriInfo, KeycloakSession session, RealmModel realm)

    • compareKeys

      public static int compareKeys(KeyWrapper o1, KeyWrapper o2)

    • idpInitiatedSSO

      @GET @Path("clients/{client}") @Produces("text/html; charset=utf-8") public jakarta.ws.rs.core.Response idpInitiatedSSO(@PathParam("client") String clientUrlName, @QueryParam("RelayState") String relayState)

    • getOrCreateLoginSessionForIdpInitiatedSso

      public AuthenticationSessionModel getOrCreateLoginSessionForIdpInitiatedSso(KeycloakSession session, RealmModel realm, ClientModel client, String relayState)
      Creates a client session object for SAML IdP-initiated SSO session. The session takes the parameters from from client definition, namely binding type and redirect URL.
      Parameters:
      session - KC session
      realm - Realm to create client session in
      client - Client to create client session for
      relayState - Optional relay state - free field as per SAML specification
      Returns:
      The auth session model or null if there is no SAML url is found

    • artifactResolutionService

      @POST @Path("resolve") @Consumes({"application/soap+xml","text/xml"}) public jakarta.ws.rs.core.Response artifactResolutionService(InputStream inputStream)
      Handles SOAP messages. Chooses the correct response path depending on whether the message is of type ECP or Artifact
      Parameters:
      inputStream - the data of the request.
      Returns:
      The response to the SOAP message

    • soapBinding

      @POST @Consumes({"application/soap+xml","text/xml"}) public jakarta.ws.rs.core.Response soapBinding(InputStream inputStream)
      Handles SOAP messages. Chooses the correct response path depending on whether the message is of type ECP
      Parameters:
      inputStream - the data of the request.
      Returns:
      The response to the SOAP message

    • artifactResolve

      public jakarta.ws.rs.core.Response artifactResolve(ArtifactResolveType artifactResolveMessage, SAMLDocumentHolder artifactResolveHolder) throws ParsingException, ConfigurationException, ProcessingException
      Takes an artifact resolve message and returns the artifact response, if the artifact is found belonging to a session of the issuer.
      Parameters:
      artifactResolveMessage - The artifact resolve message sent by the client
      artifactResolveHolder - the document containing the artifact resolve message sent by the client
      Returns:
      a Response containing the SOAP message with the ArifactResponse
      Throws:
      ParsingException
      ConfigurationException
      ProcessingException