keycloak
公開メンバ関数 | 静的公開メンバ関数 | 静的公開変数類 | 限定公開メンバ関数 | 全メンバ一覧
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator クラスabstract
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator の継承関係図
Inheritance graph
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator 連携図
Collaboration graph

公開メンバ関数

void authenticate (AuthenticationFlowContext context)
 
void action (AuthenticationFlowContext context)
 
void setRequiredActions (KeycloakSession session, RealmModel realm, UserModel user)
 
void close ()
 
boolean requiresUser ()
 
boolean configuredFor (KeycloakSession session, RealmModel realm, UserModel user)
 

静的公開メンバ関数

static UserModel getExistingUser (KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession)
 

静的公開変数類

static final String BROKERED_CONTEXT_NOTE = "BROKERED_CONTEXT"
 
static final String EXISTING_USER_INFO = "EXISTING_USER_INFO"
 
static final String UPDATE_PROFILE_EMAIL_CHANGED = "UPDATE_PROFILE_EMAIL_CHANGED"
 
static final String ENFORCE_UPDATE_PROFILE = "ENFORCE_UPDATE_PROFILE"
 
static final String BROKER_REGISTERED_NEW_USER = "BROKER_REGISTERED_NEW_USER"
 
static final String FIRST_BROKER_LOGIN_SUCCESS = "FIRST_BROKER_LOGIN_SUCCESS"
 

限定公開メンバ関数

abstract void authenticateImpl (AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext)
 
abstract void actionImpl (AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext)
 
void sendFailureChallenge (AuthenticationFlowContext context, Response.Status status, String eventError, String errorMessage, AuthenticationFlowError flowError)
 

詳解

著者
Marek Posolda

関数詳解

◆ action()

void org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.action ( AuthenticationFlowContext  context)
inline

org.keycloak.authentication.Authenticatorを実装しています。

78  {
79  AuthenticationSessionModel clientSession = context.getAuthenticationSession();
80 
81  SerializedBrokeredIdentityContext serializedCtx = SerializedBrokeredIdentityContext.readFromAuthenticationSession(clientSession, BROKERED_CONTEXT_NOTE);
82  if (serializedCtx == null) {
83  throw new AuthenticationFlowException("Not found serialized context in clientSession", AuthenticationFlowError.IDENTITY_PROVIDER_ERROR);
84  }
85  BrokeredIdentityContext brokerContext = serializedCtx.deserialize(context.getSession(), clientSession);
86 
87  if (!brokerContext.getIdpConfig().isEnabled()) {
88  sendFailureChallenge(context, Response.Status.BAD_REQUEST, Errors.IDENTITY_PROVIDER_ERROR, Messages.IDENTITY_PROVIDER_UNEXPECTED_ERROR, AuthenticationFlowError.IDENTITY_PROVIDER_ERROR);
89  }
90 
91  actionImpl(context, serializedCtx, brokerContext);
92  }
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.sendFailureChallenge
void sendFailureChallenge(AuthenticationFlowContext context, Response.Status status, String eventError, String errorMessage, AuthenticationFlowError flowError)
Definition: AbstractIdpAuthenticator.java:97
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.actionImpl
abstract void actionImpl(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext)
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE
static final String BROKERED_CONTEXT_NOTE
Definition: AbstractIdpAuthenticator.java:42

◆ actionImpl()

abstract void org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.actionImpl ( AuthenticationFlowContext  context,
SerializedBrokeredIdentityContext  serializedCtx,
BrokeredIdentityContext  brokerContext 
)
abstractprotected

◆ authenticate()

void org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.authenticate ( AuthenticationFlowContext  context)
inline

org.keycloak.authentication.Authenticatorを実装しています。

61  {
62  AuthenticationSessionModel authSession = context.getAuthenticationSession();
63 
64  SerializedBrokeredIdentityContext serializedCtx = SerializedBrokeredIdentityContext.readFromAuthenticationSession(authSession, BROKERED_CONTEXT_NOTE);
65  if (serializedCtx == null) {
66  throw new AuthenticationFlowException("Not found serialized context in clientSession", AuthenticationFlowError.IDENTITY_PROVIDER_ERROR);
67  }
68  BrokeredIdentityContext brokerContext = serializedCtx.deserialize(context.getSession(), authSession);
69 
70  if (!brokerContext.getIdpConfig().isEnabled()) {
71  sendFailureChallenge(context, Response.Status.BAD_REQUEST, Errors.IDENTITY_PROVIDER_ERROR, Messages.IDENTITY_PROVIDER_UNEXPECTED_ERROR, AuthenticationFlowError.IDENTITY_PROVIDER_ERROR);
72  }
73 
74  authenticateImpl(context, serializedCtx, brokerContext);
75  }
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.sendFailureChallenge
void sendFailureChallenge(AuthenticationFlowContext context, Response.Status status, String eventError, String errorMessage, AuthenticationFlowError flowError)
Definition: AbstractIdpAuthenticator.java:97
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.authenticateImpl
abstract void authenticateImpl(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext)
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE
static final String BROKERED_CONTEXT_NOTE
Definition: AbstractIdpAuthenticator.java:42

◆ authenticateImpl()

abstract void org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.authenticateImpl ( AuthenticationFlowContext  context,
SerializedBrokeredIdentityContext  serializedCtx,
BrokeredIdentityContext  brokerContext 
)
abstractprotected

◆ close()

void org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.close ( )
inline

org.keycloak.provider.Providerを実装しています。

111  {
112 
113  }

◆ configuredFor()

boolean org.keycloak.authentication.Authenticator.configuredFor ( KeycloakSession  session,
RealmModel  realm,
UserModel  user 
)
inherited

Is this authenticator configured for this user.

引数
session
realm
user
戻り値

org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticator, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator, org.keycloak.authentication.authenticators.broker.IdpCreateUserIfUniqueAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.authenticators.broker.IdpReviewProfileAuthenticator, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticator, org.keycloak.authentication.authenticators.broker.IdpEmailVerificationAuthenticator, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.resetcred.AbstractSetRequiredActionAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateUsername, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator, org.keycloak.authentication.authenticators.browser.UsernamePasswordForm, org.keycloak.authentication.authenticators.broker.IdpConfirmLinkAuthenticator, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateOTP, org.keycloak.protocol.docker.DockerAuthenticator, org.keycloak.authentication.authenticators.browser.CookieAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidatePassword, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticator, org.keycloak.authentication.authenticators.broker.IdpAutoLinkAuthenticator, org.keycloak.authentication.authenticators.challenge.BasicAuthOTPAuthenticator, org.keycloak.authentication.authenticators.AttemptedAuthenticator (計26項目)で実装されています。

◆ getExistingUser()

static UserModel org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.getExistingUser ( KeycloakSession  session,
RealmModel  realm,
AuthenticationSessionModel  authSession 
)
inlinestatic
115  {
116  String existingUserId = authSession.getAuthNote(EXISTING_USER_INFO);
117  if (existingUserId == null) {
118  throw new AuthenticationFlowException("Unexpected state. There is no existing duplicated user identified in ClientSession",
119  AuthenticationFlowError.INTERNAL_ERROR);
120  }
121 
122  ExistingUserInfo duplication = ExistingUserInfo.deserialize(existingUserId);
123 
124  UserModel existingUser = session.users().getUserById(duplication.getExistingUserId(), realm);
125  if (existingUser == null) {
126  throw new AuthenticationFlowException("User with ID '" + existingUserId + "' not found.", AuthenticationFlowError.INVALID_USER);
127  }
128 
129  if (!existingUser.isEnabled()) {
130  throw new AuthenticationFlowException("User with ID '" + existingUserId + "', username '" + existingUser.getUsername() + "' disabled.", AuthenticationFlowError.USER_DISABLED);
131  }
132 
133  return existingUser;
134  }
org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.EXISTING_USER_INFO
static final String EXISTING_USER_INFO
Definition: AbstractIdpAuthenticator.java:45

◆ requiresUser()

boolean org.keycloak.authentication.Authenticator.requiresUser ( )
inherited

Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?

戻り値

org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticator, org.keycloak.authentication.authenticators.broker.IdpCreateUserIfUniqueAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticator, org.keycloak.authentication.authenticators.broker.IdpEmailVerificationAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateUsername, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator, org.keycloak.authentication.authenticators.broker.IdpConfirmLinkAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateOTP, org.keycloak.authentication.authenticators.browser.UsernamePasswordForm, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidatePassword, org.keycloak.authentication.authenticators.broker.IdpAutoLinkAuthenticator, org.keycloak.authentication.authenticators.broker.IdpReviewProfileAuthenticator, org.keycloak.authentication.authenticators.resetcred.AbstractSetRequiredActionAuthenticator, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticator, org.keycloak.authentication.authenticators.browser.CookieAuthenticator, org.keycloak.authentication.authenticators.AttemptedAuthenticator (計24項目)で実装されています。

◆ sendFailureChallenge()

void org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.sendFailureChallenge ( AuthenticationFlowContext  context,
Response.Status  status,
String  eventError,
String  errorMessage,
AuthenticationFlowError  flowError 
)
inlineprotected
97  {
98  context.getEvent().user(context.getUser())
99  .error(eventError);
100  Response challengeResponse = context.form()
101  .setError(errorMessage)
102  .createErrorPage(status);
103  context.failureChallenge(flowError, challengeResponse);
104  }

◆ setRequiredActions()

void org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.setRequiredActions ( KeycloakSession  session,
RealmModel  realm,
UserModel  user 
)
inline

org.keycloak.authentication.Authenticatorを実装しています。

107  {
108  }

メンバ詳解

◆ BROKER_REGISTERED_NEW_USER

final String org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.BROKER_REGISTERED_NEW_USER = "BROKER_REGISTERED_NEW_USER"
static

◆ BROKERED_CONTEXT_NOTE

final String org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE = "BROKERED_CONTEXT"
static

◆ ENFORCE_UPDATE_PROFILE

final String org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.ENFORCE_UPDATE_PROFILE = "ENFORCE_UPDATE_PROFILE"
static

◆ EXISTING_USER_INFO

final String org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.EXISTING_USER_INFO = "EXISTING_USER_INFO"
static

◆ FIRST_BROKER_LOGIN_SUCCESS

final String org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.FIRST_BROKER_LOGIN_SUCCESS = "FIRST_BROKER_LOGIN_SUCCESS"
static

◆ UPDATE_PROFILE_EMAIL_CHANGED

final String org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.UPDATE_PROFILE_EMAIL_CHANGED = "UPDATE_PROFILE_EMAIL_CHANGED"
static
このクラス詳解は次のファイルから抽出されました:
2018年10月29日(月) 00時34分10秒作成 - keycloak / 構成:   doxygen 1.8.13