Uses of Interface
org.keycloak.sessions.AuthenticationSessionModel
Package
Description
-
Uses of AuthenticationSessionModel in org.keycloak.authentication
Modifier and TypeFieldDescriptionprotected AuthenticationSessionModel
AuthenticationProcessor.authenticationSession
protected AuthenticationSessionModel
RequiredActionContextResult.authenticationSession
Modifier and TypeMethodDescriptionstatic AuthenticationSessionModel
AuthenticationProcessor.clone
(KeycloakSession session, AuthenticationSessionModel authSession) AuthenticationFlowContext.getAuthenticationSession()
AuthenticationSessionModel attached to this flowAuthenticationProcessor.getAuthenticationSession()
AuthenticationProcessor.Result.getAuthenticationSession()
FormContext.getAuthenticationSession()
AuthenticationSessionModel attached to this flowRequiredActionContext.getAuthenticationSession()
RequiredActionContextResult.getAuthenticationSession()
static AuthenticationSessionModel
AuthenticationProcessor.recreate
(KeycloakSession session, AuthenticationSessionModel authSession) Modifier and TypeMethodDescriptionstatic ClientSessionContext
AuthenticationProcessor.attachSession
(AuthenticationSessionModel authSession, UserSessionModel userSession, KeycloakSession session, RealmModel realm, ClientConnection connection, EventBuilder event) static AuthenticationSessionModel
AuthenticationProcessor.clone
(KeycloakSession session, AuthenticationSessionModel authSession) AuthenticatorUtil.getAuthCallbacksFactoryIds
(AuthenticationSessionModel authSession) Get set of Authentication factories IDs defined in authentication session as CALLBACKS_FACTORY_IDS_NOTEstatic String
AuthenticationProcessor.getClientData
(KeycloakSession session, AuthenticationSessionModel authSession) CredentialAction.getCredentialType
(KeycloakSession session, AuthenticationSessionModel authenticationSession) default void
RequiredActionProvider.initiatedActionCanceled
(KeycloakSession session, AuthenticationSessionModel authSession) Callback to let the action know that an application-initiated action was canceled.static boolean
AuthenticatorUtil.isForcedReauthentication
(AuthenticationSessionModel authSession) static boolean
AuthenticatorUtil.isForkedFlow
(AuthenticationSessionModel authSession) static boolean
AuthenticatorUtil.isPasswordValidated
(AuthenticationSessionModel authSession) static boolean
AuthenticatorUtil.isSSOAuthentication
(AuthenticationSessionModel authSession) static AuthenticationSessionModel
AuthenticationProcessor.recreate
(KeycloakSession session, AuthenticationSessionModel authSession) static void
AuthenticationProcessor.resetFlow
(AuthenticationSessionModel authSession, String flowPath) static void
AuthenticatorUtil.setAuthCallbacksFactoryIds
(AuthenticationSessionModel authSession, String authFactoryId) Set authentication session note for callbacks defined for {@link AuthenticationFlowCallbackFactory) factoriesAuthenticationProcessor.setAuthenticationSession
(AuthenticationSessionModel authenticationSession) ModifierConstructorDescriptionRequiredActionContextResult
(AuthenticationSessionModel authSession, RealmModel realm, EventBuilder eventBuilder, KeycloakSession session, HttpRequest httpRequest, UserModel user, RequiredActionFactory factory) -
Uses of AuthenticationSessionModel in org.keycloak.authentication.actiontoken
Modifier and TypeMethodDescriptionActionTokenContext.createAuthenticationSessionForClient
(String clientId) ActionTokenContext.getAuthenticationSession()
AbstractActionTokenHandler.startFreshAuthenticationSession
(T token, ActionTokenContext<T> tokenContext) ActionTokenHandler.startFreshAuthenticationSession
(T token, ActionTokenContext<T> tokenContext) Creates a fresh authentication session according to the information from the token.Modifier and TypeMethodDescriptionAbstractActionTokenHandler.getAuthenticationSessionIdFromToken
(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession) ActionTokenHandler.getAuthenticationSessionIdFromToken
(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession) Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.jakarta.ws.rs.core.Response
ActionTokenContext.ProcessAuthenticateFlow.processFlow
(boolean action, String execution, AuthenticationSessionModel authSession, String flowPath, AuthenticationFlowModel flow, String errorMessage, AuthenticationProcessor processor) void
ActionTokenContext.setAuthenticationSession
(AuthenticationSessionModel authenticationSession, boolean isFresh) -
Uses of AuthenticationSessionModel in org.keycloak.authentication.authenticators.broker
Modifier and TypeMethodDescriptionstatic UserModel
AbstractIdpAuthenticator.getExistingUser
(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession) -
Uses of AuthenticationSessionModel in org.keycloak.authentication.authenticators.broker.util
Modifier and TypeMethodDescriptionSerializedBrokeredIdentityContext.deserialize
(KeycloakSession session, AuthenticationSessionModel authSession) SerializedBrokeredIdentityContext.readFromAuthenticationSession
(AuthenticationSessionModel authSession, String noteKey) void
SerializedBrokeredIdentityContext.saveToAuthenticationSession
(AuthenticationSessionModel authSession, String noteKey) -
Uses of AuthenticationSessionModel in org.keycloak.authentication.authenticators.util
Modifier and TypeMethodDescriptionstatic void
AuthenticatorUtils.updateCompletedExecutions
(AuthenticationSessionModel authSession, UserSessionModel userSession, String executionId) Update the completed authenticators note on the new auth sessionModifierConstructorDescriptionAcrStore
(KeycloakSession session, AuthenticationSessionModel authSession) -
Uses of AuthenticationSessionModel in org.keycloak.authentication.requiredactions
Modifier and TypeMethodDescriptionDeleteCredentialAction.getCredentialType
(KeycloakSession session, AuthenticationSessionModel authenticationSession) RecoveryAuthnCodesAction.getCredentialType
(KeycloakSession session, AuthenticationSessionModel authenticationSession) UpdateTotp.getCredentialType
(KeycloakSession session, AuthenticationSessionModel authenticationSession) WebAuthnRegister.getCredentialType
(KeycloakSession session, AuthenticationSessionModel authenticationSession) -
Uses of AuthenticationSessionModel in org.keycloak.broker.oidc
Modifier and TypeMethodDescriptionvoid
AbstractOAuth2IdentityProvider.authenticationFinished
(AuthenticationSessionModel authSession, BrokeredIdentityContext context) void
OIDCIdentityProvider.authenticationFinished
(AuthenticationSessionModel authSession, BrokeredIdentityContext context) protected boolean
OIDCIdentityProvider.isAuthTimeExpired
(JsonWebToken idToken, AuthenticationSessionModel authSession) -
Uses of AuthenticationSessionModel in org.keycloak.broker.provider
Modifier and TypeMethodDescriptionIdentityProvider.AuthenticationCallback.getAndVerifyAuthenticationSession
(String encodedCode) Common method to return current authenticationSession and verify if it is not expiredAuthenticationRequest.getAuthenticationSession()
BrokeredIdentityContext.getAuthenticationSession()
Modifier and TypeMethodDescriptionvoid
AbstractIdentityProvider.authenticationFinished
(AuthenticationSessionModel authSession, BrokeredIdentityContext context) void
IdentityProvider.authenticationFinished
(AuthenticationSessionModel authSession, BrokeredIdentityContext context) jakarta.ws.rs.core.Response
IdentityProvider.AuthenticationCallback.retryLogin
(IdentityProvider<?> identityProvider, AuthenticationSessionModel authSession) Indicates that login with the particular IDP should be retriedvoid
BrokeredIdentityContext.setAuthenticationSession
(AuthenticationSessionModel authenticationSession) ModifierConstructorDescriptionAuthenticationRequest
(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession, HttpRequest httpRequest, jakarta.ws.rs.core.UriInfo uriInfo, IdentityBrokerState state, String redirectUri) -
Uses of AuthenticationSessionModel in org.keycloak.broker.saml
Modifier and TypeMethodDescriptionvoid
SAMLIdentityProvider.authenticationFinished
(AuthenticationSessionModel authSession, BrokeredIdentityContext context) -
Uses of AuthenticationSessionModel in org.keycloak.email
Modifier and TypeMethodDescriptionEmailTemplateProvider.setAuthenticationSession
(AuthenticationSessionModel authenticationSession) -
Uses of AuthenticationSessionModel in org.keycloak.email.freemarker
Modifier and TypeFieldDescriptionprotected AuthenticationSessionModel
FreeMarkerEmailTemplateProvider.authenticationSession
authenticationSession can be null for some email sendings, it is filled only for email sendings performed as part of the authentication session (email verification, password reset, broker link etc.)!Modifier and TypeMethodDescriptionFreeMarkerEmailTemplateProvider.setAuthenticationSession
(AuthenticationSessionModel authenticationSession) -
Uses of AuthenticationSessionModel in org.keycloak.forms.login
Modifier and TypeMethodDescriptionLoginFormsProvider.setAuthenticationSession
(AuthenticationSessionModel authenticationSession) -
Uses of AuthenticationSessionModel in org.keycloak.forms.login.freemarker
Modifier and TypeFieldDescriptionprotected AuthenticationSessionModel
FreeMarkerLoginFormsProvider.authenticationSession
authenticationSession can be null for some renderings, mainly error pagesModifier and TypeMethodDescriptionFreeMarkerLoginFormsProvider.setAuthenticationSession
(AuthenticationSessionModel authenticationSession) -
Uses of AuthenticationSessionModel in org.keycloak.forms.login.freemarker.model
ModifierConstructorDescriptionLogoutConfirmBean
(String code, AuthenticationSessionModel logoutSession) -
Uses of AuthenticationSessionModel in org.keycloak.models
Modifier and TypeMethodDescriptionKeycloakContext.getAuthenticationSession()
Get current AuthenticationSessionModel, can be null out of the AuthenticationSession context.Modifier and TypeMethodDescriptionvoid
KeycloakContext.setAuthenticationSession
(AuthenticationSessionModel authenticationSession) -
Uses of AuthenticationSessionModel in org.keycloak.models.sessions.infinispan
Modifier and TypeClassDescriptionclass
NOTE: Calling setter doesn't automatically enlist for updateModifier and TypeMethodDescriptionRootAuthenticationSessionAdapter.createAuthenticationSession
(ClientModel client) RootAuthenticationSessionAdapter.getAuthenticationSession
(ClientModel client, String tabId) -
Uses of AuthenticationSessionModel in org.keycloak.models.sessions.infinispan.changes.remote.updater.authsession
Modifier and TypeMethodDescriptionRootAuthenticationSessionUpdater.createAuthenticationSession
(ClientModel client) RootAuthenticationSessionUpdater.getAuthenticationSession
(ClientModel client, String tabId) -
Uses of AuthenticationSessionModel in org.keycloak.models.utils
Modifier and TypeMethodDescriptionstatic void
SystemClientUtil.checkSkipLink
(KeycloakSession session, AuthenticationSessionModel authSession) Cleanup system client URL to avoid links to account managementstatic AuthenticationFlowModel
AuthenticationFlowResolver.resolveBrowserFlow
(AuthenticationSessionModel authSession) static AuthenticationFlowModel
AuthenticationFlowResolver.resolveDirectGrantFlow
(AuthenticationSessionModel authSession) -
Uses of AuthenticationSessionModel in org.keycloak.protocol
Modifier and TypeMethodDescriptionprotected AuthenticationSessionModel
AuthorizationEndpointBase.createAuthenticationSession
(ClientModel client, String requestState) static AuthenticationSessionModel
RestartLoginCookie.restartSession
(KeycloakSession session, RealmModel realm, RootAuthenticationSessionModel rootSession, String expectedClientId, String encodedCookie) Modifier and TypeMethodDescriptionjakarta.ws.rs.core.Response
LoginProtocol.authenticated
(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx) protected AuthenticationProcessor
AuthorizationEndpointBase.createProcessor
(AuthenticationSessionModel authSession, String flowId, String flowPath) jakarta.ws.rs.core.Response
LoginProtocol.finishBrowserLogout
(UserSessionModel userSession, AuthenticationSessionModel logoutSession) This method is called when browser logout is going to be finished.protected AuthenticationFlowModel
AuthorizationEndpointBase.getAuthenticationFlow
(AuthenticationSessionModel authSession) LoginProtocol.getClientData
(AuthenticationSessionModel authSession) Returns client data, which will be wrapped in the "clientData" parameter sent within "authentication flow" requests.protected jakarta.ws.rs.core.Response
AuthorizationEndpointBase.handleBrowserAuthenticationRequest
(AuthenticationSessionModel authSession, LoginProtocol protocol, boolean isPassive, boolean redirectToAuthentication) Common method to handle browser authentication request in protocols unified way.boolean
LoginProtocol.requireReauthentication
(UserSessionModel userSession, AuthenticationSessionModel authSession) jakarta.ws.rs.core.Response
LoginProtocol.sendError
(AuthenticationSessionModel authSession, LoginProtocol.Error error, String errorMessage) static void
RestartLoginCookie.setRestartCookie
(KeycloakSession session, AuthenticationSessionModel authSession) -
Uses of AuthenticationSessionModel in org.keycloak.protocol.docker
Modifier and TypeMethodDescriptionjakarta.ws.rs.core.Response
DockerAuthV2Protocol.authenticated
(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx) jakarta.ws.rs.core.Response
DockerAuthV2Protocol.finishBrowserLogout
(UserSessionModel userSession, AuthenticationSessionModel logoutSession) protected AuthenticationFlowModel
DockerEndpoint.getAuthenticationFlow
(AuthenticationSessionModel authSession) DockerAuthV2Protocol.getClientData
(AuthenticationSessionModel authSession) boolean
DockerAuthV2Protocol.requireReauthentication
(UserSessionModel userSession, AuthenticationSessionModel clientSession) jakarta.ws.rs.core.Response
DockerAuthV2Protocol.sendError
(AuthenticationSessionModel clientSession, LoginProtocol.Error error, String errorMessage) -
Uses of AuthenticationSessionModel in org.keycloak.protocol.oidc
Modifier and TypeMethodDescriptionstatic ClientSessionContext
TokenManager.attachAuthenticationSession
(KeycloakSession session, UserSessionModel userSession, AuthenticationSessionModel authSession) jakarta.ws.rs.core.Response
OIDCLoginProtocol.authenticated
(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx) jakarta.ws.rs.core.Response
OIDCLoginProtocol.buildRedirectUri
(OIDCRedirectUriBuilder redirectUriBuilder, AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx) this method can be used in extension-implementations to theOIDCLoginProtocol
to add additional parameters to the redirectUri after successful authentication and to store these e.g.jakarta.ws.rs.core.Response
OIDCLoginProtocol.buildRedirectUri
(OIDCRedirectUriBuilder redirectUriBuilder, AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx, Exception ex, LoginProtocol.Error oidcError) this method can be used in extension-implementations to theOIDCLoginProtocol
to add additional parameters to the redirectUri after failed authenticationjakarta.ws.rs.core.Response
OIDCLoginProtocol.finishBrowserLogout
(UserSessionModel userSession, AuthenticationSessionModel logoutSession) OIDCLoginProtocol.getClientData
(AuthenticationSessionModel authSession) protected boolean
OIDCLoginProtocol.isAuthTimeExpired
(UserSessionModel userSession, AuthenticationSessionModel authSession) protected boolean
OIDCLoginProtocol.isPromptLogin
(AuthenticationSessionModel authSession) protected boolean
OIDCLoginProtocol.isReAuthRequiredForKcAction
(UserSessionModel userSession, AuthenticationSessionModel authSession) boolean
OIDCLoginProtocol.requireReauthentication
(UserSessionModel userSession, AuthenticationSessionModel authSession) jakarta.ws.rs.core.Response
OIDCLoginProtocol.sendError
(AuthenticationSessionModel authSession, LoginProtocol.Error error, String errorMessage) -
Uses of AuthenticationSessionModel in org.keycloak.protocol.oidc.endpoints
Modifier and TypeMethodDescriptionvoid
AuthorizationEndpointChecker.AuthorizationCheckException.throwAsErrorPageException
(AuthenticationSessionModel authenticationSession) -
Uses of AuthenticationSessionModel in org.keycloak.protocol.oidc.grants.device
Modifier and TypeMethodDescriptionstatic jakarta.ws.rs.core.Response
DeviceGrantType.approveOAuth2DeviceAuthorization
(AuthenticationSessionModel authSession, AuthenticatedClientSessionModel clientSession, KeycloakSession session) static jakarta.ws.rs.core.Response
DeviceGrantType.denyOAuth2DeviceAuthorization
(AuthenticationSessionModel authSession, LoginProtocol.Error error, KeycloakSession session) static boolean
DeviceGrantType.isOAuth2DeviceVerificationFlow
(AuthenticationSessionModel authSession) -
Uses of AuthenticationSessionModel in org.keycloak.protocol.oidc.grants.device.endpoints
Modifier and TypeMethodDescriptionprotected AuthenticationSessionModel
DeviceEndpoint.createAuthenticationSession
(ClientModel client, String scope) -
Uses of AuthenticationSessionModel in org.keycloak.protocol.oidc.utils
Modifier and TypeMethodDescriptionstatic URI
LogoutUtil.getRedirectUriWithAttachedState
(String redirectUri, AuthenticationSessionModel logoutSession) static jakarta.ws.rs.core.Response
LogoutUtil.sendResponseAfterLogoutFinished
(KeycloakSession session, AuthenticationSessionModel logoutSession) -
Uses of AuthenticationSessionModel in org.keycloak.protocol.saml
Modifier and TypeMethodDescriptionSamlService.getOrCreateLoginSessionForIdpInitiatedSso
(KeycloakSession session, RealmModel realm, ClientModel client, String relayState) Creates a client session object for SAML IdP-initiated SSO session.Modifier and TypeMethodDescriptionjakarta.ws.rs.core.Response
SamlProtocol.authenticated
(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx) protected abstract jakarta.ws.rs.core.Response
SamlService.BindingProtocol.error
(KeycloakSession session, AuthenticationSessionModel authenticationSession, jakarta.ws.rs.core.Response.Status status, String message, Object... parameters) protected jakarta.ws.rs.core.Response
SamlService.PostBindingProtocol.error
(KeycloakSession session, AuthenticationSessionModel authenticationSession, jakarta.ws.rs.core.Response.Status status, String message, Object... parameters) protected jakarta.ws.rs.core.Response
SamlService.RedirectBindingProtocol.error
(KeycloakSession session, AuthenticationSessionModel authenticationSession, jakarta.ws.rs.core.Response.Status status, String message, Object... parameters) jakarta.ws.rs.core.Response
SamlProtocol.finishBrowserLogout
(UserSessionModel userSession, AuthenticationSessionModel logoutSession) SamlProtocol.getClientData
(AuthenticationSessionModel authSession) protected String
SamlProtocol.getNameIdFormat
(SamlClient samlClient, AuthenticationSessionModel authSession) protected boolean
SamlProtocol.isPostBinding
(AuthenticationSessionModel authSession) protected jakarta.ws.rs.core.Response
SamlService.newBrowserAuthentication
(AuthenticationSessionModel authSession, boolean isPassive, boolean redirectToAuthentication) protected jakarta.ws.rs.core.Response
SamlService.newBrowserAuthentication
(AuthenticationSessionModel authSession, boolean isPassive, boolean redirectToAuthentication, SamlProtocol samlProtocol) boolean
SamlProtocol.requireReauthentication
(UserSessionModel userSession, AuthenticationSessionModel authSession) jakarta.ws.rs.core.Response
SamlProtocol.sendError
(AuthenticationSessionModel authSession, LoginProtocol.Error error, String errorMessage) -
Uses of AuthenticationSessionModel in org.keycloak.protocol.saml.preprocessor
Modifier and TypeMethodDescriptiondefault AuthnRequestType
SamlAuthenticationPreprocessor.beforeProcessingLoginRequest
(AuthnRequestType authnRequest, AuthenticationSessionModel authSession) Called before a login request is processed.default StatusResponseType
SamlAuthenticationPreprocessor.beforeProcessingLoginResponse
(StatusResponseType statusResponse, AuthenticationSessionModel authSession) Called before a login response is processed.default AuthnRequestType
SamlAuthenticationPreprocessor.beforeSendingLoginRequest
(AuthnRequestType authnRequest, AuthenticationSessionModel clientSession) Called before a login request is sent. -
Uses of AuthenticationSessionModel in org.keycloak.protocol.saml.profile.ecp
Modifier and TypeMethodDescriptionprotected AuthenticationFlowModel
SamlEcpProfileService.getAuthenticationFlow
(AuthenticationSessionModel authSession) protected jakarta.ws.rs.core.Response
SamlEcpProfileService.newBrowserAuthentication
(AuthenticationSessionModel authSession, boolean isPassive, boolean redirectToAuthentication, SamlProtocol samlProtocol) -
Uses of AuthenticationSessionModel in org.keycloak.services
Modifier and TypeMethodDescriptionstatic jakarta.ws.rs.core.Response
ErrorPage.error
(KeycloakSession session, AuthenticationSessionModel authenticationSession, jakarta.ws.rs.core.Response.Status status, String message, Object... parameters) void
DefaultKeycloakContext.setAuthenticationSession
(AuthenticationSessionModel authenticationSession) ModifierConstructorDescriptionErrorPageException
(KeycloakSession session, AuthenticationSessionModel authSession, jakarta.ws.rs.core.Response.Status status, String errorMessage, Object... parameters) -
Uses of AuthenticationSessionModel in org.keycloak.services.clientpolicy.context
ModifierConstructorDescriptionImplicitHybridTokenResponse
(AuthenticationSessionModel authSession, ClientSessionContext clientSessionCtx, TokenManager.AccessTokenResponseBuilder accessTokenResponseBuilder) -
Uses of AuthenticationSessionModel in org.keycloak.services.managers
Modifier and TypeMethodDescriptionstatic AuthenticationSessionModel
AuthenticationManager.createOrJoinLogoutSession
(KeycloakSession session, RealmModel realm, AuthenticationSessionManager asm, UserSessionModel userSession, boolean browserCookie, boolean initiateLogout) AuthenticationSessionManager.getAuthenticationSessionByIdAndClient
(RealmModel realm, String authSessionId, ClientModel client, String tabId) AuthenticationSessionManager.getCurrentAuthenticationSession
(RealmModel realm, ClientModel client, String tabId) Returns current authentication session if it exists, otherwise returnsnull
.Modifier and TypeMethodDescriptionstatic jakarta.ws.rs.core.Response
AuthenticationManager.actionRequired
(KeycloakSession session, AuthenticationSessionModel authSession, HttpRequest request, EventBuilder event) static void
AuthenticationManager.evaluateRequiredActionTriggers
(KeycloakSession session, AuthenticationSessionModel authSession, HttpRequest request, EventBuilder event, RealmModel realm, UserModel user) protected static jakarta.ws.rs.core.Response
AuthenticationManager.executionActions
(KeycloakSession session, AuthenticationSessionModel authSession, HttpRequest request, EventBuilder event, RealmModel realm, UserModel user, Set<String> ignoredActions) static jakarta.ws.rs.core.Response
AuthenticationManager.finishedRequiredActions
(KeycloakSession session, AuthenticationSessionModel authSession, UserSessionModel userSession, ClientConnection clientConnection, HttpRequest request, jakarta.ws.rs.core.UriInfo uriInfo, EventBuilder event) AuthenticationManager.getClientLogoutAction
(AuthenticationSessionModel logoutAuthSession, String clientUuid) Returns the logout state of the particular client as per thelogoutAuthSession
AuthenticationSessionManager.getUserSession
(AuthenticationSessionModel authSession) static void
AuthenticationManager.logSuccess
(KeycloakSession session, AuthenticationSessionModel authSession) static UserModel
AuthenticationManager.lookupUserForBruteForceLog
(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authenticationSession) static jakarta.ws.rs.core.Response
AuthenticationManager.nextActionAfterAuthentication
(KeycloakSession session, AuthenticationSessionModel authSession, ClientConnection clientConnection, HttpRequest request, jakarta.ws.rs.core.UriInfo uriInfo, EventBuilder event) static String
AuthenticationManager.nextRequiredAction
(KeycloakSession session, AuthenticationSessionModel authSession, HttpRequest request, EventBuilder event) static jakarta.ws.rs.core.Response
AuthenticationManager.redirectAfterSuccessfulFlow
(KeycloakSession session, RealmModel realm, UserSessionModel userSession, ClientSessionContext clientSessionCtx, HttpRequest request, jakarta.ws.rs.core.UriInfo uriInfo, ClientConnection clientConnection, EventBuilder event, AuthenticationSessionModel authSession) static jakarta.ws.rs.core.Response
AuthenticationManager.redirectAfterSuccessfulFlow
(KeycloakSession session, RealmModel realm, UserSessionModel userSession, ClientSessionContext clientSessionCtx, HttpRequest request, jakarta.ws.rs.core.UriInfo uriInfo, ClientConnection clientConnection, EventBuilder event, AuthenticationSessionModel authSession, LoginProtocol protocol) static jakarta.ws.rs.core.Response
AuthenticationManager.redirectToRequiredActions
(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession, jakarta.ws.rs.core.UriInfo uriInfo, String requiredAction) void
AuthenticationSessionManager.removeAuthenticationSession
(RealmModel realm, AuthenticationSessionModel authSession, boolean expireRestartCookie) boolean
AuthenticationSessionManager.removeTabIdInAuthenticationSession
(RealmModel realm, AuthenticationSessionModel authSession) Remove authentication session from root session.static void
AuthenticationManager.setClientLogoutAction
(AuthenticationSessionModel logoutAuthSession, String clientUuid, CommonClientSessionModel.Action action) Sets logout state of the particular client into thelogoutAuthSession
static void
AuthenticationManager.setClientScopesInSession
(KeycloakSession session, AuthenticationSessionModel authSession) static void
AuthenticationManager.setKcActionStatus
(String executedProviderId, RequiredActionContext.KcActionStatus status, AuthenticationSessionModel authSession) static void
AuthenticationManager.setKcActionToEnforced
(String executedProviderId, AuthenticationSessionModel authSession) void
AuthenticationSessionManager.updateAuthenticationSessionAfterSuccessfulAuthentication
(RealmModel realm, AuthenticationSessionModel authSession) This happens when one browser tab successfully finished authentication (including required actions and consent screen if applicable) Just authenticationSession of the current browser tab is removed from "root authentication session" and other tabs are kept, so authentication can be automatically finished in other browser tabs (typically with authChecker.js javascript) -
Uses of AuthenticationSessionModel in org.keycloak.services.resources
Modifier and TypeMethodDescriptionIdentityBrokerService.getAndVerifyAuthenticationSession
(String encodedCode) SessionCodeChecks.getAuthenticationSession()
SessionCodeChecks.initialVerifyAuthSession()
Modifier and TypeMethodDescriptionprotected jakarta.ws.rs.core.Response
IdentityBrokerService.browserAuthentication
(AuthenticationSessionModel authSession, String errorMessage, Object... parameters) static <T extends JsonWebToken>
booleanLoginActionsServiceChecks.doesAuthenticationSessionFromCookieMatchOneFromToken
(ActionTokenContext<T> context, AuthenticationSessionModel authSessionFromCookie, String authSessionCompoundIdFromToken) This check verifies that current authentication session is consistent with the one specified in token.protected jakarta.ws.rs.core.Response
LoginActionsService.processAuthentication
(boolean action, String execution, AuthenticationSessionModel authSession, String errorMessage) protected jakarta.ws.rs.core.Response
LoginActionsService.processFlow
(boolean action, String execution, AuthenticationSessionModel authSession, String flowPath, AuthenticationFlowModel flow, String errorMessage, AuthenticationProcessor processor) protected void
LoginActionsService.processLocaleParam
(AuthenticationSessionModel authSession) protected jakarta.ws.rs.core.Response
LoginActionsService.processRegistration
(boolean action, String execution, AuthenticationSessionModel authSession, String errorMessage) protected jakarta.ws.rs.core.Response
LoginActionsService.processResetCredentials
(boolean actionRequest, String execution, AuthenticationSessionModel authSession, String errorMessage) static jakarta.ws.rs.core.Response
LoginActionsService.redirectToAfterBrokerLoginEndpoint
(KeycloakSession session, RealmModel realm, jakarta.ws.rs.core.UriInfo uriInfo, AuthenticationSessionModel authSession, boolean firstBrokerLogin) jakarta.ws.rs.core.Response
IdentityBrokerService.retryLogin
(IdentityProvider<?> identityProvider, AuthenticationSessionModel authSession) jakarta.ws.rs.core.Response
IdentityBrokerService.validateUser
(AuthenticationSessionModel authSession, UserModel user, RealmModel realm) -
Uses of AuthenticationSessionModel in org.keycloak.services.util
Modifier and TypeMethodDescriptionAuthenticationFlowURLHelper.getLastExecutionUrl
(AuthenticationSessionModel authSession) abstract jakarta.ws.rs.core.Response
BrowserHistoryHelper.loadSavedResponse
(KeycloakSession session, AuthenticationSessionModel authSession) static void
LocaleUtil.processLocaleParam
(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession) abstract jakarta.ws.rs.core.Response
BrowserHistoryHelper.saveResponseAndRedirect
(KeycloakSession session, AuthenticationSessionModel authSession, jakarta.ws.rs.core.Response response, boolean actionRequest, HttpRequest httpRequest) jakarta.ws.rs.core.Response
AuthenticationFlowURLHelper.showPageExpired
(AuthenticationSessionModel authSession) -
Uses of AuthenticationSessionModel in org.keycloak.sessions
Modifier and TypeMethodDescriptionRootAuthenticationSessionModel.createAuthenticationSession
(ClientModel client) Create a new authentication session and returns it.RootAuthenticationSessionModel.getAuthenticationSession
(ClientModel client, String tabId) Returns an authentication session for the particular client and tab or null if it doesn't yet exists.Modifier and TypeMethodDescriptionRootAuthenticationSessionModel.getAuthenticationSessions()
Returns authentication sessions for the root authentication session.Modifier and TypeMethodDescriptionAuthenticationSessionCompoundId.fromAuthSession
(AuthenticationSessionModel authSession) -
Uses of AuthenticationSessionModel in org.keycloak.social.twitter
Modifier and TypeMethodDescriptionvoid
TwitterIdentityProvider.authenticationFinished
(AuthenticationSessionModel authSession, BrokeredIdentityContext context)