Class WebAuthnRegister
java.lang.Object
org.keycloak.authentication.requiredactions.WebAuthnRegister
- All Implemented Interfaces:
CredentialAction
,CredentialRegistrator
,RequiredActionProvider
,Provider
- Direct Known Subclasses:
WebAuthnPasswordlessRegister
public class WebAuthnRegister
extends Object
implements RequiredActionProvider, CredentialRegistrator
Required action for register WebAuthn 2-factor credential for the user
-
Constructor Summary
ConstructorDescriptionWebAuthnRegister
(KeycloakSession session, com.webauthn4j.validator.attestation.trustworthiness.certpath.CertPathTrustworthinessValidator certPathtrustValidator) -
Method Summary
Modifier and TypeMethodDescriptionvoid
close()
void
evaluateTriggers
(RequiredActionContext context) Called every time a user authenticates.protected String
protected String
getCredentialType
(KeycloakSession session, AuthenticationSessionModel authenticationSession) protected EventType
Deprecated.protected WebAuthnPolicy
getWebAuthnPolicy
(RequiredActionContext context) Determines what type of support is provided for application-initiated actions.void
processAction
(RequiredActionContext context) Called when a required action has form input you want to process.void
If the user has a required action set, this method will be the initial call to obtain what to display to the user's browser.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.keycloak.authentication.RequiredActionProvider
getMaxAuthAge, initiatedActionCanceled
-
Constructor Details
-
WebAuthnRegister
public WebAuthnRegister(KeycloakSession session, com.webauthn4j.validator.attestation.trustworthiness.certpath.CertPathTrustworthinessValidator certPathtrustValidator)
-
-
Method Details
-
initiatedActionSupport
Description copied from interface:RequiredActionProvider
Determines what type of support is provided for application-initiated actions.- Specified by:
initiatedActionSupport
in interfaceRequiredActionProvider
- Returns:
- InititatedActionsSupport
-
requiredActionChallenge
Description copied from interface:RequiredActionProvider
If the user has a required action set, this method will be the initial call to obtain what to display to the user's browser. Return null if no action should be done.- Specified by:
requiredActionChallenge
in interfaceRequiredActionProvider
-
getWebAuthnPolicy
-
getCredentialType
public String getCredentialType(KeycloakSession session, AuthenticationSessionModel authenticationSession) - Specified by:
getCredentialType
in interfaceCredentialAction
- Returns:
- credential type, which this action is able to register. This should refer to the same value as returned by
CredentialProvider.getType()
of the corresponding credential provider andConfigurableAuthenticatorFactory.getReferenceCategory()
of the corresponding authenticator
-
getCredentialType
-
getCredentialProviderId
-
getOriginalEventTypeForBackwardsCompatibility
@Deprecated protected EventType getOriginalEventTypeForBackwardsCompatibility(RequiredActionContext context) Deprecated.For compatibility sake as long as we use @linkEventType.UPDATE_PASSWORD
,EventType.UPDATE_TOTP
a.s.o.Method to provide removal and deprecation hint -
processAction
Description copied from interface:RequiredActionProvider
Called when a required action has form input you want to process.- Specified by:
processAction
in interfaceRequiredActionProvider
-
close
public void close() -
evaluateTriggers
Description copied from interface:RequiredActionProvider
Called every time a user authenticates. This checks to see if this required action should be triggered. The implementation of this method is responsible for setting the required action on the UserModel. For example, the UpdatePassword required actions checks the password policies to see if the password has expired.- Specified by:
evaluateTriggers
in interfaceRequiredActionProvider
-
EventType.UPDATE_PASSWORD
,EventType.UPDATE_TOTP
a.s.o.