org.keycloak.adapters

Class OAuthRequestAuthenticator

java.lang.Object

org.keycloak.adapters.OAuthRequestAuthenticator

public class OAuthRequestAuthenticator
extends Object

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field and Description
protected AuthChallenge	challenge
protected KeycloakDeployment	deployment
protected HttpFacade	facade
protected IDToken	idToken
protected String	idTokenString
protected String	refreshToken
protected RequestAuthenticator	reqAuthenticator
protected int	sslRedirectPort
protected String	strippedOauthParametersRequestUri
protected AccessToken	token
protected AdapterSessionStore	tokenStore
protected String	tokenString

Constructor Summary

Constructors

Constructor and Description
OAuthRequestAuthenticator(RequestAuthenticator requestAuthenticator, HttpFacade facade, KeycloakDeployment deployment, int sslRedirectPort, AdapterSessionStore tokenStore)

Method Summary

Modifier and Type	Method and Description
AuthOutcome	authenticate()
protected AuthChallenge	challenge(int code, OIDCAuthenticationError.Reason reason, String description)
protected AuthChallenge	checkStateCookie()
AuthChallenge	getChallenge()
protected String	getCode()
protected HttpFacade.Cookie	getCookie(String cookieName)
protected String	getCookieValue(String cookieName)
protected String	getError()
IDToken	getIdToken()
String	getIdTokenString()
protected String	getQueryParamValue(String paramName)
protected String	getRedirectUri(String state)
String	getRefreshToken()
protected String	getRequestUrl()
protected String	getStateCode()
String	getStrippedOauthParametersRequestUri()
AccessToken	getToken()
String	getTokenString()
protected boolean	isRequestSecure()
protected AuthChallenge	loginRedirect()
protected AuthChallenge	resolveCode(String code) Start or continue the oauth login process.
void	setIdToken(IDToken idToken)
void	setIdTokenString(String idTokenString)
void	setStrippedOauthParametersRequestUri(String strippedOauthParametersRequestUri)
protected int	sslRedirectPort()
protected String	stripOauthParametersFromRedirect() strip out unwanted query parameters and redirect so bookmarks don't retain oauth protocol bits

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

deployment

protected KeycloakDeployment deployment

reqAuthenticator

protected RequestAuthenticator reqAuthenticator

sslRedirectPort

protected int sslRedirectPort

tokenStore

protected AdapterSessionStore tokenStore

tokenString

protected String tokenString

idTokenString

protected String idTokenString

idToken

protected IDToken idToken

token

protected AccessToken token

facade

protected HttpFacade facade

challenge

protected AuthChallenge challenge

refreshToken

protected String refreshToken

strippedOauthParametersRequestUri

protected String strippedOauthParametersRequestUri

Constructor Detail

OAuthRequestAuthenticator

public OAuthRequestAuthenticator(RequestAuthenticator requestAuthenticator,
                                 HttpFacade facade,
                                 KeycloakDeployment deployment,
                                 int sslRedirectPort,
                                 AdapterSessionStore tokenStore)

Method Detail

getChallenge

public AuthChallenge getChallenge()

getTokenString

public String getTokenString()

getToken

public AccessToken getToken()

getRefreshToken

public String getRefreshToken()

getIdTokenString

public String getIdTokenString()

setIdTokenString

public void setIdTokenString(String idTokenString)

getIdToken

public IDToken getIdToken()

setIdToken

public void setIdToken(IDToken idToken)

getStrippedOauthParametersRequestUri

public String getStrippedOauthParametersRequestUri()

setStrippedOauthParametersRequestUri

public void setStrippedOauthParametersRequestUri(String strippedOauthParametersRequestUri)

getRequestUrl

protected String getRequestUrl()

isRequestSecure

protected boolean isRequestSecure()

getCookie

protected HttpFacade.Cookie getCookie(String cookieName)

getCookieValue

protected String getCookieValue(String cookieName)

getQueryParamValue

protected String getQueryParamValue(String paramName)

getError

protected String getError()

getCode

protected String getCode()

getRedirectUri

protected String getRedirectUri(String state)

sslRedirectPort

protected int sslRedirectPort()

getStateCode

protected String getStateCode()

loginRedirect

protected AuthChallenge loginRedirect()

checkStateCookie

protected AuthChallenge checkStateCookie()

authenticate

public AuthOutcome authenticate()

challenge

protected AuthChallenge challenge(int code,
                                  OIDCAuthenticationError.Reason reason,
                                  String description)

resolveCode

protected AuthChallenge resolveCode(String code)

Start or continue the oauth login process.

if code query parameter is not present, then browser is redirected to authUrl. The redirect URL will be the URL of the current request.

If code query parameter is present, then an access token is obtained by invoking a secure request to the codeUrl. If the access token is obtained, the browser is again redirected to the current request URL, but any OAuth protocol specific query parameters are removed.

Returns:

null if an access token was obtained, otherwise a challenge is returned

stripOauthParametersFromRedirect

protected String stripOauthParametersFromRedirect()

strip out unwanted query parameters and redirect so bookmarks don't retain oauth protocol bits