Package org.keycloak.adapters

Class RequestAuthenticator

java.lang.Object

org.keycloak.adapters.RequestAuthenticator

public abstract class RequestAuthenticator
extends Object

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field	Description
protected AuthChallenge	challenge
protected KeycloakDeployment	deployment
protected HttpFacade	facade
protected static org.jboss.logging.Logger	log
protected int	sslRedirectPort
protected AdapterTokenStore	tokenStore

Constructor Summary

Constructors

Constructor	Description
RequestAuthenticator(HttpFacade facade, KeycloakDeployment deployment)
RequestAuthenticator(HttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore, int sslRedirectPort)

Method Summary

Modifier and Type	Method	Description
AuthOutcome	authenticate()
protected abstract String	changeHttpSessionId(boolean create)	After code is received, we change the session id if possible to guard against https://www.owasp.org/index.php/Session_Fixation
protected void	completeAuthentication(BearerTokenRequestAuthenticator bearer, String method)
protected void	completeAuthentication(OAuthRequestAuthenticator oauth)
protected abstract void	completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method)
protected abstract void	completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal)
protected BasicAuthRequestAuthenticator	createBasicAuthAuthenticator()
protected BearerTokenRequestAuthenticator	createBearerTokenAuthenticator()
protected abstract OAuthRequestAuthenticator	createOAuthAuthenticator()
protected QueryParameterTokenRequestAuthenticator	createQueryParameterTokenRequestAuthenticator()
AuthChallenge	getChallenge()
protected boolean	isAutodetectedBearerOnly(HttpFacade.Request request)
protected boolean	verifySSL()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

log

protected static org.jboss.logging.Logger log

facade

protected HttpFacade facade

challenge

protected AuthChallenge challenge

deployment

protected KeycloakDeployment deployment

tokenStore

protected AdapterTokenStore tokenStore

sslRedirectPort

protected int sslRedirectPort

Constructor Details

RequestAuthenticator

public RequestAuthenticator(HttpFacade facade,
 KeycloakDeployment deployment,
 AdapterTokenStore tokenStore,
 int sslRedirectPort)

RequestAuthenticator

public RequestAuthenticator(HttpFacade facade,
 KeycloakDeployment deployment)

Method Details

getChallenge

public AuthChallenge getChallenge()

authenticate

public AuthOutcome authenticate()

verifySSL

protected boolean verifySSL()

isAutodetectedBearerOnly

protected boolean isAutodetectedBearerOnly(HttpFacade.Request request)

createOAuthAuthenticator

protected abstract OAuthRequestAuthenticator createOAuthAuthenticator()

createBearerTokenAuthenticator

protected BearerTokenRequestAuthenticator createBearerTokenAuthenticator()

createBasicAuthAuthenticator

protected BasicAuthRequestAuthenticator createBasicAuthAuthenticator()

createQueryParameterTokenRequestAuthenticator

protected QueryParameterTokenRequestAuthenticator createQueryParameterTokenRequestAuthenticator()

completeAuthentication

protected void completeAuthentication(OAuthRequestAuthenticator oauth)

completeOAuthAuthentication

protected abstract void completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal)

completeBearerAuthentication

protected abstract void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal,
 String method)

changeHttpSessionId

protected abstract String changeHttpSessionId(boolean create)

After code is received, we change the session id if possible to guard against https://www.owasp.org/index.php/Session_Fixation

Parameters:

create -

Returns:

completeAuthentication

protected void completeAuthentication(BearerTokenRequestAuthenticator bearer,
 String method)