Package org.keycloak.protocol
Class AuthorizationEndpointBase
java.lang.Object
org.keycloak.protocol.AuthorizationEndpointBase
- Direct Known Subclasses:
AuthorizationEndpoint
,DeviceEndpoint
,DockerEndpoint
,SamlService
Common base class for Authorization REST endpoints implementation, which have to be implemented by each protocol.
- Author:
- Vlastimil Elias (velias at redhat dot com)
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
protected AuthenticationManager
protected final ClientConnection
protected final EventBuilder
protected final jakarta.ws.rs.core.HttpHeaders
protected final HttpRequest
protected final RealmModel
protected final KeycloakSession
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected void
protected void
checkSsl()
protected AuthenticationSessionModel
createAuthenticationSession
(ClientModel client, String requestState) protected AuthenticationProcessor
createProcessor
(AuthenticationSessionModel authSession, String flowId, String flowPath) protected AuthenticationFlowModel
getAuthenticationFlow
(AuthenticationSessionModel authSession) protected jakarta.ws.rs.core.Response
handleBrowserAuthenticationRequest
(AuthenticationSessionModel authSession, LoginProtocol protocol, boolean isPassive, boolean redirectToAuthentication) Common method to handle browser authentication request in protocols unified way.
-
Field Details
-
APP_INITIATED_FLOW
- See Also:
-
realm
-
event
-
authManager
-
headers
protected final jakarta.ws.rs.core.HttpHeaders headers -
httpRequest
-
session
-
clientConnection
-
-
Constructor Details
-
AuthorizationEndpointBase
-
-
Method Details
-
createProcessor
protected AuthenticationProcessor createProcessor(AuthenticationSessionModel authSession, String flowId, String flowPath) -
handleBrowserAuthenticationRequest
protected jakarta.ws.rs.core.Response handleBrowserAuthenticationRequest(AuthenticationSessionModel authSession, LoginProtocol protocol, boolean isPassive, boolean redirectToAuthentication) Common method to handle browser authentication request in protocols unified way.- Parameters:
authSession
- for current requestprotocol
- handler for protocol used to initiate loginisPassive
- set to true if login should be passive (without login screen shown)redirectToAuthentication
- if true redirect to flow url. If initial call to protocol is a POST, you probably want to do this. This is so we can disable the back button on browser- Returns:
- response to be returned to the browser
-
getAuthenticationFlow
-
checkSsl
protected void checkSsl() -
checkRealm
protected void checkRealm() -
createAuthenticationSession
protected AuthenticationSessionModel createAuthenticationSession(ClientModel client, String requestState)
-