Class AuthzEndpointRequestParser
java.lang.Object
org.keycloak.protocol.oidc.endpoints.request.AuthzEndpointRequestParser
- Direct Known Subclasses:
AuthzEndpointParParser
,AuthzEndpointQueryStringParser
,AuthzEndpointRequestObjectParser
This endpoint parser supports, per default, up to
5 parameters with each
having a total size of 2000.
If there are more authentication request parameters, or a parameter has a size
than allowed, those parameters are silently ignored.
You can toggle the behavior by setting (additionalReqParamsFailFast
) that enables the fail-fast principle.
Any request parameter in violation of the configuration results in an
error response, e.g.,
- for a Pushed Authorization Request (PAR) this results in a JSON response.
- For openid/auth in an error page with an "Back to Application" button using the client's base URL. (if valid) as redirect target.
Additionally, (additionalReqParamMaxOverallSize
) can be configured
that sets the maximum of size of all parameters combined. If not provided, Integer.MAX_VALUE
will be used.
- Author:
- Manuel Schallar, Marek Posolda
-
Field Summary
-
Constructor Summary
ModifierConstructorDescriptionprotected
AuthzEndpointRequestParser
(KeycloakSession keycloakSession) -
Method Summary
Modifier and TypeMethodDescriptionprotected void
extractAdditionalReqParams
(Map<String, String> additionalReqParams) protected abstract Integer
getIntParameter
(String paramName) protected abstract String
getParameter
(String paramName) keySet()
void
parseRequest
(AuthorizationEndpointRequest request) protected <T> T
replaceIfNotNull
(T previousVal, T newVal) protected void
validateResponseTypeParameter
(String responseTypeParameter, AuthorizationEndpointRequest request)
-
Field Details
-
additionalReqParamsMaxNumber
protected final int additionalReqParamsMaxNumber -
additionalReqParamsMaxSize
protected final int additionalReqParamsMaxSize -
additionalReqParamsFailFast
protected final boolean additionalReqParamsFailFast -
additionalReqParamsMaxOverallSize
protected final int additionalReqParamsMaxOverallSize -
AUTHZ_REQUEST_OBJECT
- See Also:
-
AUTHZ_REQUEST_OBJECT_ENCRYPTED
- See Also:
-
KNOWN_REQ_PARAMS
Set of known protocol GET params not to be stored into additionalReqParams}
-
-
Constructor Details
-
AuthzEndpointRequestParser
-
-
Method Details
-
parseRequest
-
validateResponseTypeParameter
protected void validateResponseTypeParameter(String responseTypeParameter, AuthorizationEndpointRequest request) -
extractAdditionalReqParams
-
replaceIfNotNull
protected <T> T replaceIfNotNull(T previousVal, T newVal) -
getParameter
-
getIntParameter
-
keySet
-