Uses of Interface
org.keycloak.models.ClientSessionContext

Packages that use ClientSessionContext

Package	Description
org.keycloak.authentication
org.keycloak.organization.protocol.mappers.oidc
org.keycloak.protocol
org.keycloak.protocol.docker
org.keycloak.protocol.oidc
org.keycloak.protocol.oidc.grants
org.keycloak.protocol.oidc.grants.ciba.clientpolicy.context
org.keycloak.protocol.oidc.mappers
org.keycloak.protocol.saml
org.keycloak.protocol.saml.mappers
org.keycloak.services.clientpolicy.context
org.keycloak.services.managers
org.keycloak.services.util
org.keycloak.utils

Uses of ClientSessionContext in org.keycloak.authentication

Methods in org.keycloak.authentication that return ClientSessionContext

Modifier and Type	Method	Description
ClientSessionContext	AuthenticationProcessor.attachSession()
static ClientSessionContext	AuthenticationProcessor.attachSession(AuthenticationSessionModel authSession, UserSessionModel userSession, KeycloakSession session, RealmModel realm, ClientConnection connection, EventBuilder event)

Uses of ClientSessionContext in org.keycloak.organization.protocol.mappers.oidc

Methods in org.keycloak.organization.protocol.mappers.oidc with parameters of type ClientSessionContext

Modifier and Type	Method	Description
protected void	OrganizationMembershipMapper.setClaim(IDToken token, ProtocolMapperModel model, UserSessionModel userSession, KeycloakSession session, ClientSessionContext clientSessionCtx)

Uses of ClientSessionContext in org.keycloak.protocol

Methods in org.keycloak.protocol with parameters of type ClientSessionContext

Modifier and Type	Method	Description
jakarta.ws.rs.core.Response	LoginProtocol.authenticated(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
static Stream<Map.Entry<ProtocolMapperModel,ProtocolMapper>>	ProtocolMapperUtils.getSortedProtocolMappers(KeycloakSession session, ClientSessionContext ctx)
static Stream<Map.Entry<ProtocolMapperModel,ProtocolMapper>>	ProtocolMapperUtils.getSortedProtocolMappers(KeycloakSession session, ClientSessionContext ctx, Predicate<Map.Entry<ProtocolMapperModel,ProtocolMapper>> filter)

Uses of ClientSessionContext in org.keycloak.protocol.docker

Methods in org.keycloak.protocol.docker with parameters of type ClientSessionContext

Modifier and Type	Method	Description
jakarta.ws.rs.core.Response	DockerAuthV2Protocol.authenticated(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx)

Uses of ClientSessionContext in org.keycloak.protocol.oidc

Fields in org.keycloak.protocol.oidc declared as ClientSessionContext

Modifier and Type	Field	Description
final ClientSessionContext	TokenManager.TokenValidation.clientSessionCtx

Methods in org.keycloak.protocol.oidc that return ClientSessionContext

Modifier and Type	Method	Description
static ClientSessionContext	TokenManager.attachAuthenticationSession(KeycloakSession session, UserSessionModel userSession, AuthenticationSessionModel authSession)

Methods in org.keycloak.protocol.oidc with parameters of type ClientSessionContext

Modifier and Type	Method	Description
jakarta.ws.rs.core.Response	OIDCLoginProtocol.authenticated(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
jakarta.ws.rs.core.Response	OIDCLoginProtocol.buildRedirectUri(OIDCRedirectUriBuilder redirectUriBuilder, AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx)	this method can be used in extension-implementations to the OIDCLoginProtocol to add additional parameters to the redirectUri after successful authentication and to store these e.g.
jakarta.ws.rs.core.Response	OIDCLoginProtocol.buildRedirectUri(OIDCRedirectUriBuilder redirectUriBuilder, AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx, Exception ex, LoginProtocol.Error oidcError)	this method can be used in extension-implementations to the OIDCLoginProtocol to add additional parameters to the redirectUri after failed authentication
AccessToken	TokenManager.createClientAccessToken(KeycloakSession session, RealmModel realm, ClientModel client, UserModel user, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
protected AccessToken	TokenManager.initToken(RealmModel realm, ClientModel client, UserModel user, UserSessionModel session, ClientSessionContext clientSessionCtx, jakarta.ws.rs.core.UriInfo uriInfo)
TokenManager.AccessTokenResponseBuilder	TokenManager.responseBuilder(RealmModel realm, ClientModel client, EventBuilder event, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	TokenManager.transformAccessToken(KeycloakSession session, AccessToken token, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessTokenResponse	TokenManager.transformAccessTokenResponse(KeycloakSession session, AccessTokenResponse accessTokenResponse, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
IDToken	TokenManager.transformIDToken(KeycloakSession session, IDToken token, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	TokenManager.transformIntrospectionAccessToken(KeycloakSession session, AccessToken token, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	TokenManager.transformUserInfoAccessToken(KeycloakSession session, AccessToken token, UserSessionModel userSession, ClientSessionContext clientSessionCtx)

Constructors in org.keycloak.protocol.oidc with parameters of type ClientSessionContext

Modifier	Constructor	Description
	AccessTokenResponseBuilder(RealmModel realm, ClientModel client, EventBuilder event, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
	TokenValidation(UserModel user, UserSessionModel userSession, ClientSessionContext clientSessionCtx, AccessToken newToken)

Uses of ClientSessionContext in org.keycloak.protocol.oidc.grants

Methods in org.keycloak.protocol.oidc.grants with parameters of type ClientSessionContext

Modifier and Type	Method	Description
protected jakarta.ws.rs.core.Response	OAuth2GrantTypeBase.createTokenResponse(UserModel user, UserSessionModel userSession, ClientSessionContext clientSessionCtx, String scopeParam, boolean code, Function<TokenManager.AccessTokenResponseBuilder,ClientPolicyContext> clientPolicyContextGenerator)

Uses of ClientSessionContext in org.keycloak.protocol.oidc.grants.ciba.clientpolicy.context

Methods in org.keycloak.protocol.oidc.grants.ciba.clientpolicy.context that return ClientSessionContext

Modifier and Type	Method	Description
ClientSessionContext	BackchannelTokenResponseContext.getClientSessionContext()

Constructors in org.keycloak.protocol.oidc.grants.ciba.clientpolicy.context with parameters of type ClientSessionContext

Modifier	Constructor	Description
	BackchannelTokenResponseContext(CIBAAuthenticationRequest parsedRequest, jakarta.ws.rs.core.MultivaluedMap<String,String> requestParameters, ClientSessionContext clientSessionCtx, TokenManager.AccessTokenResponseBuilder accessTokenResponseBuilder)

Uses of ClientSessionContext in org.keycloak.protocol.oidc.mappers

Methods in org.keycloak.protocol.oidc.mappers with parameters of type ClientSessionContext

Modifier and Type	Method	Description
protected void	AbstractOIDCProtocolMapper.setClaim(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)	Intended to be overridden in ProtocolMapper implementations to add claims to an token.
protected void	AbstractOIDCProtocolMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)	Intended to be overridden in ProtocolMapper implementations to add claims to an token.
protected void	AcrProtocolMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	AmrProtocolMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	AudienceProtocolMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	ClaimsParameterTokenMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	ClaimsParameterWithValueIdTokenMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	HardcodedClaim.setClaim(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	HardcodedRole.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession session, ClientSessionContext clientSessionCtx)
protected void	RoleNameMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession session, ClientSessionContext clientSessionCtx)
protected void	ScriptBasedOIDCProtocolMapper.setClaim(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	ScriptBasedOIDCProtocolMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	SessionStateMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	SubMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
protected void	UserClientRoleMappingMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession session, ClientSessionContext clientSessionCtx)
protected void	UserRealmRoleMappingMapper.setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession session, ClientSessionContext clientSessionCtx)
protected void	UserSessionNoteMapper.setClaim(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)
AccessToken	AbstractOIDCProtocolMapper.transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	AbstractPairwiseSubMapper.transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	AllowedWebOriginsProtocolMapper.transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	AudienceResolveProtocolMapper.transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	HardcodedRole.transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	NonceBackwardsCompatibleMapper.transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	OIDCAccessTokenMapper.transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	RoleNameMapper.transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessTokenResponse	AbstractOIDCProtocolMapper.transformAccessTokenResponse(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessTokenResponse	OIDCAccessTokenResponseMapper.transformAccessTokenResponse(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
IDToken	AbstractOIDCProtocolMapper.transformIDToken(IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
IDToken	AbstractPairwiseSubMapper.transformIDToken(IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
IDToken	OIDCIDTokenMapper.transformIDToken(IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSession)
AccessToken	AbstractOIDCProtocolMapper.transformIntrospectionToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	AbstractPairwiseSubMapper.transformIntrospectionToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	AllowedWebOriginsProtocolMapper.transformIntrospectionToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	AudienceResolveProtocolMapper.transformIntrospectionToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	HardcodedRole.transformIntrospectionToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	RoleNameMapper.transformIntrospectionToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	TokenIntrospectionTokenMapper.transformIntrospectionToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	AbstractOIDCProtocolMapper.transformUserInfoToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	AbstractPairwiseSubMapper.transformUserInfoToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	HardcodedRole.transformUserInfoToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	RoleNameMapper.transformUserInfoToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
AccessToken	UserInfoTokenMapper.transformUserInfoToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)

Uses of ClientSessionContext in org.keycloak.protocol.saml

Methods in org.keycloak.protocol.saml with parameters of type ClientSessionContext

Modifier and Type	Method	Description
jakarta.ws.rs.core.Response	SamlProtocol.authenticated(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
void	SamlProtocol.populateRoles(SamlProtocol.ProtocolMapperProcessor<SAMLRoleListMapper> roleListMapper, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx, AttributeStatementType existingAttributeStatement)
ResponseType	SamlProtocol.transformLoginResponse(List<SamlProtocol.ProtocolMapperProcessor<SAMLLoginResponseMapper>> mappers, ResponseType response, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)

Uses of ClientSessionContext in org.keycloak.protocol.saml.mappers

Methods in org.keycloak.protocol.saml.mappers with parameters of type ClientSessionContext

Modifier and Type	Method	Description
void	RoleListMapper.mapRoles(AttributeStatementType roleAttributeStatement, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
void	SAMLRoleListMapper.mapRoles(AttributeStatementType roleAttributeStatement, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
ResponseType	SAMLAudienceProtocolMapper.transformLoginResponse(ResponseType response, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
ResponseType	SAMLAudienceResolveProtocolMapper.transformLoginResponse(ResponseType response, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
ResponseType	SAMLLoginResponseMapper.transformLoginResponse(ResponseType response, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)

Uses of ClientSessionContext in org.keycloak.services.clientpolicy.context

Methods in org.keycloak.services.clientpolicy.context that return ClientSessionContext

Modifier and Type	Method	Description
ClientSessionContext	ImplicitHybridTokenResponse.getClientSessionContext()
ClientSessionContext	ResourceOwnerPasswordCredentialsResponseContext.getClientSessionContext()
ClientSessionContext	TokenResponseContext.getClientSessionContext()

Constructors in org.keycloak.services.clientpolicy.context with parameters of type ClientSessionContext

Modifier	Constructor	Description
	ImplicitHybridTokenResponse(AuthenticationSessionModel authSession, ClientSessionContext clientSessionCtx, TokenManager.AccessTokenResponseBuilder accessTokenResponseBuilder)
	ResourceOwnerPasswordCredentialsResponseContext(jakarta.ws.rs.core.MultivaluedMap<String,String> params, ClientSessionContext clientSessionCtx, TokenManager.AccessTokenResponseBuilder accessTokenResponseBuilder)
	TokenResponseContext(jakarta.ws.rs.core.MultivaluedMap<String,String> params, OAuth2CodeParser.ParseResult parseResult, ClientSessionContext clientSessionCtx, TokenManager.AccessTokenResponseBuilder accessTokenResponseBuilder)

Uses of ClientSessionContext in org.keycloak.services.managers

Methods in org.keycloak.services.managers with parameters of type ClientSessionContext

Modifier and Type	Method	Description
boolean	UserSessionManager.isOfflineTokenAllowed(ClientSessionContext clientSessionCtx)
static jakarta.ws.rs.core.Response	AuthenticationManager.redirectAfterSuccessfulFlow(KeycloakSession session, RealmModel realm, UserSessionModel userSession, ClientSessionContext clientSessionCtx, HttpRequest request, jakarta.ws.rs.core.UriInfo uriInfo, ClientConnection clientConnection, EventBuilder event, AuthenticationSessionModel authSession)
static jakarta.ws.rs.core.Response	AuthenticationManager.redirectAfterSuccessfulFlow(KeycloakSession session, RealmModel realm, UserSessionModel userSession, ClientSessionContext clientSessionCtx, HttpRequest request, jakarta.ws.rs.core.UriInfo uriInfo, ClientConnection clientConnection, EventBuilder event, AuthenticationSessionModel authSession, LoginProtocol protocol)

Uses of ClientSessionContext in org.keycloak.services.util

Classes in org.keycloak.services.util that implement ClientSessionContext

Modifier and Type	Class	Description
class	DefaultClientSessionContext	Not thread safe.

Uses of ClientSessionContext in org.keycloak.utils

Methods in org.keycloak.utils with parameters of type ClientSessionContext

Modifier and Type	Method	Description
static Map<String,AccessToken.Access>	RoleResolveUtil.getAllResolvedClientRoles(KeycloakSession session, ClientSessionContext clientSessionCtx)	Object (but can be empty map) containing all the user's client roles of all clients.
static AccessToken.Access	RoleResolveUtil.getResolvedClientRoles(KeycloakSession session, ClientSessionContext clientSessionCtx, String clientId, boolean createIfMissing)	Object (possibly null) containing all the user's client roles of client specified by clientId.
static AccessToken.Access	RoleResolveUtil.getResolvedRealmRoles(KeycloakSession session, ClientSessionContext clientSessionCtx, boolean createIfMissing)	Object (possibly null) containing all the user's realm roles.