Package org.keycloak.util

Class TokenUtil

java.lang.Object

org.keycloak.util.TokenUtil

public class TokenUtil
extends Object

Author:

Marek Posolda

Field Summary

Fields

Modifier and Type	Field	Description
static final String	TOKEN_BACKCHANNEL_LOGOUT_EVENT
static final String	TOKEN_BACKCHANNEL_LOGOUT_EVENT_REVOKE_OFFLINE_TOKENS
static final String	TOKEN_TYPE_BEARER
static final String	TOKEN_TYPE_DPOP
static final String	TOKEN_TYPE_ID
static final String	TOKEN_TYPE_JWT_ACCESS_TOKEN
static final String	TOKEN_TYPE_JWT_ACCESS_TOKEN_PREFIXED
static final String	TOKEN_TYPE_JWT_LOGOUT_TOKEN
static final String	TOKEN_TYPE_KEYCLOAK_ID
static final String	TOKEN_TYPE_LOGOUT
static final String	TOKEN_TYPE_OFFLINE
static final String	TOKEN_TYPE_REFRESH

Constructor Summary

Constructors

Constructor	Description
TokenUtil()

Method Summary

Modifier and Type	Method	Description
static String	attachOIDCScope(String scopeParam)
static RefreshToken	getRefreshToken(byte[] decodedToken)	Return refresh token or offline token
static RefreshToken	getRefreshToken(String refreshToken)
static boolean	hasPrompt(String promptParam, String targetPrompt)
static boolean	hasScope(String scopeParam, String targetScope)
static boolean	isOfflineToken(String refreshToken)	Return true if given refreshToken represents offline token
static boolean	isOfflineTokenRequested(String scopeParam)
static boolean	isOIDCRequest(String scopeParam)
static String	jweDirectEncode(Key aesKey, Key hmacKey, byte[] contentBytes)
static String	jweDirectEncode(Key aesKey, Key hmacKey, JsonWebToken jwt)
static byte[]	jweDirectVerifyAndDecode(Key aesKey, Key hmacKey, String jweStr)
static <T extends JsonWebToken> T	jweDirectVerifyAndDecode(Key aesKey, Key hmacKey, String jweStr, Class<T> expectedClass)
static String	jweKeyEncryptionEncode(Key encryptionKEK, byte[] contentBytes, String algAlgorithm, String encAlgorithm, String kid, JWEAlgorithmProvider jweAlgorithmProvider, JWEEncryptionProvider jweEncryptionProvider)
static String	jweKeyEncryptionEncode(Key encryptionKEK, byte[] contentBytes, String algAlgorithm, String encAlgorithm, String kid, JWEAlgorithmProvider jweAlgorithmProvider, JWEEncryptionProvider jweEncryptionProvider, String jweContentType)
static byte[]	jweKeyEncryptionVerifyAndDecode(Key decryptionKEK, String encodedContent)
static byte[]	jweKeyEncryptionVerifyAndDecode(Key decryptionKEK, String encodedContent, JWEAlgorithmProvider algorithmProvider, JWEEncryptionProvider encryptionProvider)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

TOKEN_TYPE_BEARER

public static final String TOKEN_TYPE_BEARER

See Also:

• Constant Field Values

TOKEN_TYPE_DPOP

public static final String TOKEN_TYPE_DPOP

See Also:

• Constant Field Values

TOKEN_TYPE_JWT_ACCESS_TOKEN

public static final String TOKEN_TYPE_JWT_ACCESS_TOKEN

See Also:

• Constant Field Values

TOKEN_TYPE_JWT_ACCESS_TOKEN_PREFIXED

public static final String TOKEN_TYPE_JWT_ACCESS_TOKEN_PREFIXED

See Also:

• Constant Field Values

TOKEN_TYPE_JWT_LOGOUT_TOKEN

public static final String TOKEN_TYPE_JWT_LOGOUT_TOKEN

See Also:

• Constant Field Values

TOKEN_TYPE_KEYCLOAK_ID

public static final String TOKEN_TYPE_KEYCLOAK_ID

See Also:

• Constant Field Values

TOKEN_TYPE_ID

public static final String TOKEN_TYPE_ID

See Also:

• Constant Field Values

TOKEN_TYPE_REFRESH

public static final String TOKEN_TYPE_REFRESH

See Also:

• Constant Field Values

TOKEN_TYPE_OFFLINE

public static final String TOKEN_TYPE_OFFLINE

See Also:

• Constant Field Values

TOKEN_TYPE_LOGOUT

public static final String TOKEN_TYPE_LOGOUT

See Also:

• Constant Field Values

TOKEN_BACKCHANNEL_LOGOUT_EVENT

public static final String TOKEN_BACKCHANNEL_LOGOUT_EVENT

See Also:

• Constant Field Values

TOKEN_BACKCHANNEL_LOGOUT_EVENT_REVOKE_OFFLINE_TOKENS

public static final String TOKEN_BACKCHANNEL_LOGOUT_EVENT_REVOKE_OFFLINE_TOKENS

See Also:

• Constant Field Values

Constructor Details

TokenUtil

public TokenUtil()

Method Details

attachOIDCScope

public static String attachOIDCScope(String scopeParam)

isOIDCRequest

public static boolean isOIDCRequest(String scopeParam)

isOfflineTokenRequested

public static boolean isOfflineTokenRequested(String scopeParam)

hasScope

public static boolean hasScope(String scopeParam,
 String targetScope)

hasPrompt

public static boolean hasPrompt(String promptParam,
 String targetPrompt)

getRefreshToken

public static RefreshToken getRefreshToken(byte[] decodedToken)
                                    throws JWSInputException

Return refresh token or offline token

Parameters:

decodedToken -

Returns:

Throws:

JWSInputException

getRefreshToken

public static RefreshToken getRefreshToken(String refreshToken)
                                    throws JWSInputException

Throws:

JWSInputException

isOfflineToken

public static boolean isOfflineToken(String refreshToken)
                              throws JWSInputException

Return true if given refreshToken represents offline token

Parameters:

refreshToken -

Returns:

Throws:

JWSInputException

jweDirectEncode

public static String jweDirectEncode(Key aesKey,
 Key hmacKey,
 JsonWebToken jwt)
                              throws JWEException

Throws:

JWEException

jweDirectVerifyAndDecode

public static <T extends JsonWebToken> T jweDirectVerifyAndDecode(Key aesKey,
 Key hmacKey,
 String jweStr,
 Class<T> expectedClass)
                                                           throws JWEException

Throws:

JWEException

jweKeyEncryptionEncode

public static String jweKeyEncryptionEncode(Key encryptionKEK,
 byte[] contentBytes,
 String algAlgorithm,
 String encAlgorithm,
 String kid,
 JWEAlgorithmProvider jweAlgorithmProvider,
 JWEEncryptionProvider jweEncryptionProvider)
                                     throws JWEException

Throws:

JWEException

jweKeyEncryptionEncode

public static String jweKeyEncryptionEncode(Key encryptionKEK,
 byte[] contentBytes,
 String algAlgorithm,
 String encAlgorithm,
 String kid,
 JWEAlgorithmProvider jweAlgorithmProvider,
 JWEEncryptionProvider jweEncryptionProvider,
 String jweContentType)
                                     throws JWEException

Throws:

JWEException

jweKeyEncryptionVerifyAndDecode

public static byte[] jweKeyEncryptionVerifyAndDecode(Key decryptionKEK,
 String encodedContent)
                                              throws JWEException

Throws:

JWEException

jweKeyEncryptionVerifyAndDecode

public static byte[] jweKeyEncryptionVerifyAndDecode(Key decryptionKEK,
 String encodedContent,
 JWEAlgorithmProvider algorithmProvider,
 JWEEncryptionProvider encryptionProvider)
                                              throws JWEException

Throws:

JWEException

jweDirectEncode

public static String jweDirectEncode(Key aesKey,
 Key hmacKey,
 byte[] contentBytes)
                              throws JWEException

Throws:

JWEException

jweDirectVerifyAndDecode

public static byte[] jweDirectVerifyAndDecode(Key aesKey,
 Key hmacKey,
 String jweStr)
                                       throws JWEException

Throws:

JWEException