RequestAuthenticator (Red Hat Single Sign-On CD 7 public API)

java.lang.Object
- org.keycloak.adapters.RequestAuthenticator

public abstract class RequestAuthenticator
extends Object

Version:: $Revision: 1 $
Author:: Bill Burke

Field Summary

Fields
Modifier and Type	Field and Description
`protected AuthChallenge`	`challenge`
`protected KeycloakDeployment`	`deployment`
`protected HttpFacade`	`facade`
`protected static org.jboss.logging.Logger`	`log`
`protected int`	`sslRedirectPort`
`protected AdapterTokenStore`	`tokenStore`

Constructor Summary

Constructors
Constructor and Description
`RequestAuthenticator(HttpFacade facade, KeycloakDeployment deployment)`
`RequestAuthenticator(HttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore, int sslRedirectPort)`

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`AuthOutcome`	`authenticate()`
`protected abstract String`	`changeHttpSessionId(boolean create)` After code is received, we change the session id if possible to guard against https://www.owasp.org/index.php/Session_Fixation
`protected void`	`completeAuthentication(BearerTokenRequestAuthenticator bearer, String method)`
`protected void`	`completeAuthentication(OAuthRequestAuthenticator oauth)`
`protected abstract void`	`completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method)`
`protected abstract void`	`completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal)`
`protected BasicAuthRequestAuthenticator`	`createBasicAuthAuthenticator()`
`protected BearerTokenRequestAuthenticator`	`createBearerTokenAuthenticator()`
`protected abstract OAuthRequestAuthenticator`	`createOAuthAuthenticator()`
`protected QueryParamterTokenRequestAuthenticator`	`createQueryParamterTokenRequestAuthenticator()`
`AuthChallenge`	`getChallenge()`
`protected boolean`	`isAutodetectedBearerOnly(HttpFacade.Request request)`
`protected boolean`	`verifySSL()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

protected static org.jboss.logging.Logger log

facade
```
protected HttpFacade facade
```

challenge
```
protected AuthChallenge challenge
```

deployment

protected KeycloakDeployment deployment

tokenStore
```
protected AdapterTokenStore tokenStore
```

sslRedirectPort
```
protected int sslRedirectPort
```

Constructor Detail

RequestAuthenticator

public RequestAuthenticator(HttpFacade facade,
                            KeycloakDeployment deployment,
                            AdapterTokenStore tokenStore,
                            int sslRedirectPort)

RequestAuthenticator

public RequestAuthenticator(HttpFacade facade,
                            KeycloakDeployment deployment)

Method Detail

getChallenge
```
public AuthChallenge getChallenge()
```

authenticate
```
public AuthOutcome authenticate()
```

verifySSL
```
protected boolean verifySSL()
```

isAutodetectedBearerOnly

protected boolean isAutodetectedBearerOnly(HttpFacade.Request request)

createOAuthAuthenticator

protected abstract OAuthRequestAuthenticator createOAuthAuthenticator()

createBearerTokenAuthenticator

protected BearerTokenRequestAuthenticator createBearerTokenAuthenticator()

createBasicAuthAuthenticator

protected BasicAuthRequestAuthenticator createBasicAuthAuthenticator()

createQueryParamterTokenRequestAuthenticator

protected QueryParamterTokenRequestAuthenticator createQueryParamterTokenRequestAuthenticator()

completeAuthentication

protected void completeAuthentication(OAuthRequestAuthenticator oauth)

completeOAuthAuthentication

protected abstract void completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal)

completeBearerAuthentication

protected abstract void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal,
                                                     String method)

changeHttpSessionId
```
protected abstract String changeHttpSessionId(boolean create)
```
After code is received, we change the session id if possible to guard against https://www.owasp.org/index.php/Session_Fixation

Parameters:

create -

Returns:

completeAuthentication

protected void completeAuthentication(BearerTokenRequestAuthenticator bearer,
                                      String method)

Class RequestAuthenticator

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

log

facade

challenge

deployment

tokenStore

sslRedirectPort

Constructor Detail

RequestAuthenticator

RequestAuthenticator

Method Detail

getChallenge

authenticate

verifySSL

isAutodetectedBearerOnly

createOAuthAuthenticator

createBearerTokenAuthenticator

createBasicAuthAuthenticator

createQueryParamterTokenRequestAuthenticator

completeAuthentication

completeOAuthAuthentication

completeBearerAuthentication

changeHttpSessionId

completeAuthentication