Class BackchannelAuthenticationCallbackEndpoint
java.lang.Object
org.keycloak.protocol.oidc.grants.ciba.endpoints.AbstractCibaEndpoint
org.keycloak.protocol.oidc.grants.ciba.endpoints.BackchannelAuthenticationCallbackEndpoint
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionprotected static class -
Field Summary
Fields inherited from class org.keycloak.protocol.oidc.grants.ciba.endpoints.AbstractCibaEndpoint
event, realm, session -
Constructor Summary
ConstructorsConstructorDescriptionBackchannelAuthenticationCallbackEndpoint(KeycloakSession session, EventBuilder event) -
Method Summary
Modifier and TypeMethodDescriptionprotected voidapproveRequest(String authReqId, Map<String, String> additionalParams) Approves the request respectively the code.protected voidcancelRequest(String authResultId) Handels the cancellation of an authentication request.protected voiddenyRequest(String authReqId, AuthenticationChannelResponse.Status status) protected StringgetRawBearerToken(jakarta.ws.rs.core.HttpHeaders httpHeaders, AuthenticationChannelResponse response) Extracts the raw bearer token from the request.protected AuthenticationChannelResponse.StatuspreApprove(AuthenticationChannelResponse response) Is called before the request approving, allows additional validation of other factors.jakarta.ws.rs.core.Responseprotected voidsendClientNotificationRequest(ClientModel client, CibaConfig cibaConfig, OAuth2DeviceCodeModel deviceModel) verifyAuthenticationRequest(String rawBearerToken) Methods inherited from class org.keycloak.protocol.oidc.grants.ciba.endpoints.AbstractCibaEndpoint
authenticateClient, checkRealm, checkSsl
-
Constructor Details
-
BackchannelAuthenticationCallbackEndpoint
-
-
Method Details
-
processAuthenticationChannelResult
@Path("/") @POST @Consumes("application/json") @Produces("application/json") public jakarta.ws.rs.core.Response processAuthenticationChannelResult(AuthenticationChannelResponse response) -
verifyAuthenticationRequest
protected BackchannelAuthenticationCallbackEndpoint.BackchannelAuthCallbackContext verifyAuthenticationRequest(String rawBearerToken) -
cancelRequest
Handels the cancellation of an authentication request.- Parameters:
authResultId- The id to identify the request.
-
preApprove
Is called before the request approving, allows additional validation of other factors.- Parameters:
response- TheAuthenticationChannelResponseto work with.- Returns:
- The
AuthenticationChannelResponse.Statusof the response, after pre-approving.
-
approveRequest
Approves the request respectively the code.- Parameters:
authReqId- The id to identify the request.additionalParams- Additional parameters.
-
denyRequest
-
getRawBearerToken
protected String getRawBearerToken(jakarta.ws.rs.core.HttpHeaders httpHeaders, AuthenticationChannelResponse response) Extracts the raw bearer token from the request.- Parameters:
httpHeaders- The request headers.response- TheAuthenticationChannelResponse- Returns:
- The raw bearer token.
-
sendClientNotificationRequest
protected void sendClientNotificationRequest(ClientModel client, CibaConfig cibaConfig, OAuth2DeviceCodeModel deviceModel)
-