Package org.keycloak.services.resources
Class LoginActionsService
java.lang.Object
org.keycloak.services.resources.LoginActionsService
- Author:
- Stian Thorgersen
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
static final String
static final String
static final String
static final String
static final String
protected final jakarta.ws.rs.core.HttpHeaders
static final String
static final String
static final String
static final String
static final String
protected final KeycloakSession
static final String
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic jakarta.ws.rs.core.UriBuilder
actionTokenProcessor
(jakarta.ws.rs.core.UriInfo uriInfo) jakarta.ws.rs.core.Response
authenticate
(String authSessionId, String code, String execution, String clientId, String tabId, String clientData) protocol independent login page entry pointjakarta.ws.rs.core.Response
authenticateForm
(String authSessionId, String code, String execution, String clientId, String tabId, String clientData) URL called after login page.static jakarta.ws.rs.core.UriBuilder
authenticationFormProcessor
(jakarta.ws.rs.core.UriInfo uriInfo) protected jakarta.ws.rs.core.Response
brokerLoginFlow
(String authSessionId, String code, String execution, String clientId, String tabId, String clientData, String flowPath) jakarta.ws.rs.core.Response
detachedInfo
(String stateCheckerParam) protocol independent "detached info" page.jakarta.ws.rs.core.Response
executeActionToken
(String authSessionId, String key, String execution, String clientId, String clientData, String tabId) Handles a given token using the given token handler.jakarta.ws.rs.core.Response
firstBrokerLoginGet
(String authSessionId, String code, String execution, String clientId, String clientData, String tabId) jakarta.ws.rs.core.Response
firstBrokerLoginPost
(String authSessionId, String code, String execution, String clientId, String clientData, String tabId) static jakarta.ws.rs.core.UriBuilder
firstBrokerLoginProcessor
(jakarta.ws.rs.core.UriInfo uriInfo) protected URI
getLastExecutionUrl
(String flowPath, String executionId, String clientId, String tabId, String clientData) protected <T extends JsonWebToken & SingleUseObjectKeyModel>
jakarta.ws.rs.core.ResponsehandleActionToken
(String tokenString, String execution, String clientId, String tabId, String clientData, TriFunction<ActionTokenHandler<T>, T, ActionTokenContext<T>, jakarta.ws.rs.core.Response> preHandleToken) static jakarta.ws.rs.core.UriBuilder
loginActionsBaseUrl
(jakarta.ws.rs.core.UriBuilder baseUriBuilder) static jakarta.ws.rs.core.UriBuilder
loginActionsBaseUrl
(jakarta.ws.rs.core.UriInfo uriInfo) jakarta.ws.rs.core.Response
postBrokerLoginGet
(String authSessionId, String code, String execution, String clientId, String clientData, String tabId) jakarta.ws.rs.core.Response
postBrokerLoginPost
(String authSessionId, String code, String execution, String clientId, String clientData, String tabId) static jakarta.ws.rs.core.UriBuilder
postBrokerLoginProcessor
(jakarta.ws.rs.core.UriInfo uriInfo) jakarta.ws.rs.core.Response
preHandleActionToken
(String tokenString) protected jakarta.ws.rs.core.Response
processAuthentication
(boolean action, String execution, AuthenticationSessionModel authSession, String errorMessage) jakarta.ws.rs.core.Response
OAuth grant page.protected jakarta.ws.rs.core.Response
processFlow
(boolean action, String execution, AuthenticationSessionModel authSession, String flowPath, AuthenticationFlowModel flow, String errorMessage, AuthenticationProcessor processor) protected void
processLocaleParam
(AuthenticationSessionModel authSession) jakarta.ws.rs.core.Response
processRegister
(String authSessionId, String code, String execution, String clientId, String clientData, String tabId, String tokenString) Registrationprotected jakarta.ws.rs.core.Response
processRegistration
(boolean action, String execution, AuthenticationSessionModel authSession, String errorMessage) protected jakarta.ws.rs.core.Response
processResetCredentials
(boolean actionRequest, String execution, AuthenticationSessionModel authSession, String errorMessage) static jakarta.ws.rs.core.Response
redirectToAfterBrokerLoginEndpoint
(KeycloakSession session, RealmModel realm, jakarta.ws.rs.core.UriInfo uriInfo, AuthenticationSessionModel authSession, boolean firstBrokerLogin) jakarta.ws.rs.core.Response
registerPage
(String authSessionId, String code, String execution, String clientId, String clientData, String tabId) protocol independent registration page entry pointstatic jakarta.ws.rs.core.UriBuilder
registrationFormProcessor
(jakarta.ws.rs.core.UriInfo uriInfo) jakarta.ws.rs.core.Response
requiredActionGET
(String authSessionId, String code, String action, String clientId, String clientData, String tabId) jakarta.ws.rs.core.Response
requiredActionPOST
(String authSessionId, String code, String action, String clientId, String clientData, String tabId) static jakarta.ws.rs.core.UriBuilder
requiredActionProcessor
(jakarta.ws.rs.core.UriInfo uriInfo) protected jakarta.ws.rs.core.Response
resetCredentials
(String authSessionId, String code, String execution, String clientId, String tabId, String clientData) jakarta.ws.rs.core.Response
resetCredentialsGET
(String authSessionId, String code, String execution, String clientId, String redirectUri, String tabId, String clientData) Endpoint for executing reset credentials flow.jakarta.ws.rs.core.Response
resetCredentialsPOST
(String authSessionId, String code, String execution, String clientId, String tabId, String clientData, String key) jakarta.ws.rs.core.Response
restartSession
(String authSessionId, String clientId, String tabId, String clientData, String skipLogout) protocol independent page for restart of the flow
-
Field Details
-
AUTHENTICATE_PATH
- See Also:
-
REGISTRATION_PATH
- See Also:
-
RESET_CREDENTIALS_PATH
- See Also:
-
REQUIRED_ACTION
- See Also:
-
FIRST_BROKER_LOGIN_PATH
- See Also:
-
POST_BROKER_LOGIN_PATH
- See Also:
-
RESTART_PATH
- See Also:
-
DETACHED_INFO_PATH
- See Also:
-
FORWARDED_ERROR_MESSAGE_NOTE
- See Also:
-
SESSION_CODE
- See Also:
-
AUTH_SESSION_ID
- See Also:
-
CANCEL_AIA
- See Also:
-
headers
protected final jakarta.ws.rs.core.HttpHeaders headers -
session
-
-
Constructor Details
-
LoginActionsService
-
-
Method Details
-
loginActionsBaseUrl
public static jakarta.ws.rs.core.UriBuilder loginActionsBaseUrl(jakarta.ws.rs.core.UriInfo uriInfo) -
authenticationFormProcessor
public static jakarta.ws.rs.core.UriBuilder authenticationFormProcessor(jakarta.ws.rs.core.UriInfo uriInfo) -
requiredActionProcessor
public static jakarta.ws.rs.core.UriBuilder requiredActionProcessor(jakarta.ws.rs.core.UriInfo uriInfo) -
actionTokenProcessor
public static jakarta.ws.rs.core.UriBuilder actionTokenProcessor(jakarta.ws.rs.core.UriInfo uriInfo) -
registrationFormProcessor
public static jakarta.ws.rs.core.UriBuilder registrationFormProcessor(jakarta.ws.rs.core.UriInfo uriInfo) -
firstBrokerLoginProcessor
public static jakarta.ws.rs.core.UriBuilder firstBrokerLoginProcessor(jakarta.ws.rs.core.UriInfo uriInfo) -
postBrokerLoginProcessor
public static jakarta.ws.rs.core.UriBuilder postBrokerLoginProcessor(jakarta.ws.rs.core.UriInfo uriInfo) -
loginActionsBaseUrl
public static jakarta.ws.rs.core.UriBuilder loginActionsBaseUrl(jakarta.ws.rs.core.UriBuilder baseUriBuilder) -
getLastExecutionUrl
-
restartSession
@Path("restart") @GET public jakarta.ws.rs.core.Response restartSession(@QueryParam("auth_session_id") String authSessionId, @QueryParam("client_id") String clientId, @QueryParam("tab_id") String tabId, @QueryParam("client_data") String clientData, @QueryParam("skip_logout") String skipLogout) protocol independent page for restart of the flow- Returns:
-
detachedInfo
@Path("detached-info") @GET public jakarta.ws.rs.core.Response detachedInfo(@QueryParam("kc_state_checker") String stateCheckerParam) protocol independent "detached info" page. Shown when locale is changed by user on info/error page after authenticationSession was already removed.- Returns:
-
authenticate
@Path("authenticate") @GET public jakarta.ws.rs.core.Response authenticate(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("tab_id") String tabId, @QueryParam("client_data") String clientData) protocol independent login page entry point- Parameters:
code
-- Returns:
-
processLocaleParam
-
processAuthentication
protected jakarta.ws.rs.core.Response processAuthentication(boolean action, String execution, AuthenticationSessionModel authSession, String errorMessage) -
processFlow
protected jakarta.ws.rs.core.Response processFlow(boolean action, String execution, AuthenticationSessionModel authSession, String flowPath, AuthenticationFlowModel flow, String errorMessage, AuthenticationProcessor processor) -
authenticateForm
@Path("authenticate") @POST public jakarta.ws.rs.core.Response authenticateForm(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("tab_id") String tabId, @QueryParam("client_data") String clientData) URL called after login page. YOU SHOULD NEVER INVOKE THIS DIRECTLY!- Parameters:
code
-- Returns:
-
resetCredentialsPOST
@Path("reset-credentials") @POST public jakarta.ws.rs.core.Response resetCredentialsPOST(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("tab_id") String tabId, @QueryParam("client_data") String clientData, @QueryParam("key") String key) -
resetCredentialsGET
@Path("reset-credentials") @GET public jakarta.ws.rs.core.Response resetCredentialsGET(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("redirect_uri") String redirectUri, @QueryParam("tab_id") String tabId, @QueryParam("client_data") String clientData) Endpoint for executing reset credentials flow. If token is null, a authentication session is created with the account service as the client. Successful reset sends you to the account page. Note, account service must be enabled.- Parameters:
code
-execution
-- Returns:
-
resetCredentials
protected jakarta.ws.rs.core.Response resetCredentials(String authSessionId, String code, String execution, String clientId, String tabId, String clientData) - Parameters:
code
-execution
-- Returns:
-
executeActionToken
@Path("action-token") @GET public jakarta.ws.rs.core.Response executeActionToken(@QueryParam("auth_session_id") String authSessionId, @QueryParam("key") String key, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId) Handles a given token using the given token handler. If there is anyVerificationException
thrown in the handler, it is handled automatically here to reduce boilerplate code.- Parameters:
key
-execution
-- Returns:
-
handleActionToken
protected <T extends JsonWebToken & SingleUseObjectKeyModel> jakarta.ws.rs.core.Response handleActionToken(String tokenString, String execution, String clientId, String tabId, String clientData, TriFunction<ActionTokenHandler<T>, T, ActionTokenContext<T>, jakarta.ws.rs.core.Response> preHandleToken) -
processResetCredentials
protected jakarta.ws.rs.core.Response processResetCredentials(boolean actionRequest, String execution, AuthenticationSessionModel authSession, String errorMessage) -
processRegistration
protected jakarta.ws.rs.core.Response processRegistration(boolean action, String execution, AuthenticationSessionModel authSession, String errorMessage) -
registerPage
@Path("registration") @GET public jakarta.ws.rs.core.Response registerPage(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId) protocol independent registration page entry point- Parameters:
code
-- Returns:
-
processRegister
@Path("registration") @POST public jakarta.ws.rs.core.Response processRegister(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId, @QueryParam("token") String tokenString) Registration- Parameters:
code
-- Returns:
-
firstBrokerLoginGet
@Path("first-broker-login") @GET public jakarta.ws.rs.core.Response firstBrokerLoginGet(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId) -
firstBrokerLoginPost
@Path("first-broker-login") @POST public jakarta.ws.rs.core.Response firstBrokerLoginPost(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId) -
postBrokerLoginGet
@Path("post-broker-login") @GET public jakarta.ws.rs.core.Response postBrokerLoginGet(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId) -
postBrokerLoginPost
@Path("post-broker-login") @POST public jakarta.ws.rs.core.Response postBrokerLoginPost(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String execution, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId) -
brokerLoginFlow
-
redirectToAfterBrokerLoginEndpoint
public static jakarta.ws.rs.core.Response redirectToAfterBrokerLoginEndpoint(KeycloakSession session, RealmModel realm, jakarta.ws.rs.core.UriInfo uriInfo, AuthenticationSessionModel authSession, boolean firstBrokerLogin) -
processConsent
@Path("consent") @POST @Consumes("application/x-www-form-urlencoded") public jakarta.ws.rs.core.Response processConsent()OAuth grant page. You should not invoked this directly!- Returns:
-
requiredActionPOST
@Path("required-action") @POST public jakarta.ws.rs.core.Response requiredActionPOST(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String action, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId) -
requiredActionGET
@Path("required-action") @GET public jakarta.ws.rs.core.Response requiredActionGET(@QueryParam("auth_session_id") String authSessionId, @QueryParam("session_code") String code, @QueryParam("execution") String action, @QueryParam("client_id") String clientId, @QueryParam("client_data") String clientData, @QueryParam("tab_id") String tabId) -
preHandleActionToken
-