Package org.keycloak.protocol

Class AuthorizationEndpointBase

java.lang.Object

org.keycloak.protocol.AuthorizationEndpointBase

Direct Known Subclasses:

AuthorizationEndpoint, DeviceEndpoint, DockerEndpoint, SamlService

public abstract class AuthorizationEndpointBase
extends Object

Common base class for Authorization REST endpoints implementation, which have to be implemented by each protocol.

Author:

Vlastimil Elias (velias at redhat dot com)

Field Summary

Fields

Modifier and Type	Field	Description
static final String	APP_INITIATED_FLOW
protected AuthenticationManager	authManager
protected final ClientConnection	clientConnection
protected final EventBuilder	event
protected final jakarta.ws.rs.core.HttpHeaders	headers
protected final HttpRequest	httpRequest
protected final RealmModel	realm
protected final KeycloakSession	session

Constructor Summary

Constructors

Constructor	Description
AuthorizationEndpointBase(KeycloakSession session, EventBuilder event)

Method Summary

Modifier and Type	Method	Description
protected void	checkRealm()
protected void	checkSsl()
protected AuthenticationSessionModel	createAuthenticationSession(ClientModel client, String requestState)
protected AuthenticationProcessor	createProcessor(AuthenticationSessionModel authSession, String flowId, String flowPath)
protected AuthenticationFlowModel	getAuthenticationFlow(AuthenticationSessionModel authSession)
protected jakarta.ws.rs.core.Response	handleBrowserAuthenticationRequest(AuthenticationSessionModel authSession, LoginProtocol protocol, boolean isPassive, boolean redirectToAuthentication)	Common method to handle browser authentication request in protocols unified way.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

APP_INITIATED_FLOW

public static final String APP_INITIATED_FLOW

See Also:

• Constant Field Values

realm

protected final RealmModel realm

event

protected final EventBuilder event

authManager

protected AuthenticationManager authManager

headers

protected final jakarta.ws.rs.core.HttpHeaders headers

httpRequest

protected final HttpRequest httpRequest

session

protected final KeycloakSession session

clientConnection

protected final ClientConnection clientConnection

Constructor Details

AuthorizationEndpointBase

public AuthorizationEndpointBase(KeycloakSession session,
 EventBuilder event)

Method Details

createProcessor

protected AuthenticationProcessor createProcessor(AuthenticationSessionModel authSession,
 String flowId,
 String flowPath)

handleBrowserAuthenticationRequest

protected jakarta.ws.rs.core.Response handleBrowserAuthenticationRequest(AuthenticationSessionModel authSession,
 LoginProtocol protocol,
 boolean isPassive,
 boolean redirectToAuthentication)

Common method to handle browser authentication request in protocols unified way.

Parameters:

authSession - for current request

protocol - handler for protocol used to initiate login

isPassive - set to true if login should be passive (without login screen shown)

redirectToAuthentication - if true redirect to flow url. If initial call to protocol is a POST, you probably want to do this. This is so we can disable the back button on browser

Returns:

response to be returned to the browser

getAuthenticationFlow

protected AuthenticationFlowModel getAuthenticationFlow(AuthenticationSessionModel authSession)

checkSsl

protected void checkSsl()

checkRealm

protected void checkRealm()

createAuthenticationSession

protected AuthenticationSessionModel createAuthenticationSession(ClientModel client,
 String requestState)