Class AuthenticationSessionManager

java.lang.Object
org.keycloak.services.managers.AuthenticationSessionManager

public class AuthenticationSessionManager extends Object
Author:
Marek Posolda
  • Constructor Details

    • AuthenticationSessionManager

      public AuthenticationSessionManager(KeycloakSession session)
  • Method Details

    • createAuthenticationSession

      public RootAuthenticationSessionModel createAuthenticationSession(RealmModel realm, boolean browserCookie)
      Creates a fresh authentication session for the given realm. Optionally sets the browser authentication session cookie with the ID of the new session.
      Parameters:
      realm -
      browserCookie - Set the cookie in the browser for the
      Returns:
    • getCurrentRootAuthenticationSession

      public RootAuthenticationSessionModel getCurrentRootAuthenticationSession(RealmModel realm)
    • getCurrentAuthenticationSession

      public AuthenticationSessionModel getCurrentAuthenticationSession(RealmModel realm, ClientModel client, String tabId)
      Returns current authentication session if it exists, otherwise returns null.
      Parameters:
      realm -
      Returns:
    • setAuthSessionCookie

      public void setAuthSessionCookie(String authSessionId)
      Parameters:
      authSessionId - decoded authSessionId (without route info attached)
    • setAuthSessionIdHashCookie

      public void setAuthSessionIdHashCookie(String authSessionId)
      Parameters:
      authSessionId - decoded authSessionId (without route info attached)
    • decodeBase64AndValidateSignature

      public String decodeBase64AndValidateSignature(String encodedBase64AuthSessionId, boolean validate)
    • removeAuthenticationSession

      public void removeAuthenticationSession(RealmModel realm, AuthenticationSessionModel authSession, boolean expireRestartCookie)
    • removeTabIdInAuthenticationSession

      public boolean removeTabIdInAuthenticationSession(RealmModel realm, AuthenticationSessionModel authSession)
      Removes the authentication session from the root session. The whole root authentication session may also be removed if there are no other browser tabs.
      Parameters:
      realm -
      authSession -
      Returns:
      true if the whole root authentication session was removed; false if only a single tab was removed.
    • updateAuthenticationSessionAfterSuccessfulAuthentication

      public void updateAuthenticationSessionAfterSuccessfulAuthentication(RealmModel realm, AuthenticationSessionModel authSession)
      This happens when one browser tab has successfully finished authentication (including required actions and the consent screen, if applicable). Only the authenticationSession of the current browser tab is removed from the "root authentication session"; the other tabs are kept, so authentication can be finished automatically in the other browser tabs (typically with the authChecker.js JavaScript).
      Parameters:
      realm -
      authSession -
    • getUserSession

      public UserSessionModel getUserSession(AuthenticationSessionModel authSession)
    • getAuthenticationSessionByIdAndClient

      public AuthenticationSessionModel getAuthenticationSessionByIdAndClient(RealmModel realm, String authSessionId, ClientModel client, String tabId)
    • getAuthenticationSessionByEncodedIdAndClient

      public AuthenticationSessionModel getAuthenticationSessionByEncodedIdAndClient(RealmModel realm, String encodedAuthSesionId, ClientModel client, String tabId)
    • getUserSessionFromAuthenticationCookie

      public UserSessionModel getUserSessionFromAuthenticationCookie(RealmModel realm)