org.keycloak.util.TokenUtil 連携図

静的公開メンバ関数
static String	attachOIDCScope (String scopeParam)

static boolean	isOIDCRequest (String scopeParam)

static boolean	isOfflineTokenRequested (String scopeParam)

static boolean	hasScope (String scopeParam, String targetScope)

static boolean	hasPrompt (String promptParam, String targetPrompt)

static RefreshToken	getRefreshToken (byte[] decodedToken) throws JWSInputException

static RefreshToken	getRefreshToken (String refreshToken) throws JWSInputException

static boolean	isOfflineToken (String refreshToken) throws JWSInputException

static String	jweDirectEncode (Key aesKey, Key hmacKey, JsonWebToken jwt) throws JWEException

static< T extends JsonWebToken > T	jweDirectVerifyAndDecode (Key aesKey, Key hmacKey, String jweStr, Class< T > expectedClass) throws JWEException

静的公開変数類
static final String	TOKEN_TYPE_BEARER = "Bearer"

static final String	TOKEN_TYPE_ID = "ID"

static final String	TOKEN_TYPE_REFRESH = "Refresh"

static final String	TOKEN_TYPE_OFFLINE = "Offline"

詳解

著者: Marek Posolda

関数詳解

◆ attachOIDCScope()

static String org.keycloak.util.TokenUtil.attachOIDCScope ( String scopeParam )

inlinestatic

                                                             {
         if (scopeParam == null || scopeParam.isEmpty()) {
             return OAuth2Constants.SCOPE_OPENID;
         } else if (hasScope(scopeParam, OAuth2Constants.SCOPE_OPENID)) {
             return scopeParam;
         } else {
             return OAuth2Constants.SCOPE_OPENID + " " + scopeParam;
         }
     }

◆ getRefreshToken() [1/2]

static RefreshToken org.keycloak.util.TokenUtil.getRefreshToken ( byte [] decodedToken ) throws JWSInputException

inlinestatic

Return refresh token or offline token

引数

decodedToken

戻り値

                                                                                              {
         try {
             return JsonSerialization.readValue(decodedToken, RefreshToken.class);
         } catch (IOException e) {
             throw new JWSInputException(e);
         }
     }

◆ getRefreshToken() [2/2]

static RefreshToken org.keycloak.util.TokenUtil.getRefreshToken ( String refreshToken ) throws JWSInputException

inlinestatic

                                                                                              {
         byte[] encodedContent = new JWSInput(refreshToken).getContent();
         return getRefreshToken(encodedContent);
     }

◆ hasPrompt()

static boolean org.keycloak.util.TokenUtil.hasPrompt	(	String	promptParam,
		String	targetPrompt
	)

inlinestatic

                                                                              {
         if (promptParam == null || targetPrompt == null) {
             return false;
         }
 
         String[] prompts = promptParam.split(" ");
         for (String prompt : prompts) {
             if (targetPrompt.equals(prompt)) {
                 return true;
             }
         }
         return false;
     }

◆ hasScope()

static boolean org.keycloak.util.TokenUtil.hasScope	(	String	scopeParam,
		String	targetScope
	)

inlinestatic

                                                                           {
         if (scopeParam == null || targetScope == null) {
             return false;
         }
 
         String[] scopes = scopeParam.split(" ");
         for (String scope : scopes) {
             if (targetScope.equals(scope)) {
                 return true;
             }
         }
         return false;
     }

◆ isOfflineToken()

static boolean org.keycloak.util.TokenUtil.isOfflineToken ( String refreshToken ) throws JWSInputException

inlinestatic

Return true if given refreshToken represents offline token

引数

refreshToken

戻り値

                                                                                        {
         RefreshToken token = getRefreshToken(refreshToken);
         return token.getType().equals(TOKEN_TYPE_OFFLINE);
     }

◆ isOfflineTokenRequested()

static boolean org.keycloak.util.TokenUtil.isOfflineTokenRequested ( String scopeParam )

inlinestatic

                                                                      {
         return hasScope(scopeParam, OAuth2Constants.OFFLINE_ACCESS);
     }

◆ isOIDCRequest()

static boolean org.keycloak.util.TokenUtil.isOIDCRequest ( String scopeParam )

inlinestatic

                                                            {
         return hasScope(scopeParam, OAuth2Constants.SCOPE_OPENID);
     }

◆ jweDirectEncode()

static String org.keycloak.util.TokenUtil.jweDirectEncode	(	Key	aesKey,
		Key	hmacKey,
		JsonWebToken	jwt
	)		throws JWEException

inlinestatic

                                                                                                         {
         int keyLength = aesKey.getEncoded().length;
         String encAlgorithm;
         switch (keyLength) {
             case 16: encAlgorithm = JWEConstants.A128CBC_HS256;
                 break;
             case 24: encAlgorithm = JWEConstants.A192CBC_HS384;
                 break;
             case 32: encAlgorithm = JWEConstants.A256CBC_HS512;
                 break;
             default: throw new IllegalArgumentException("Bad size for Encryption key: " + aesKey + ". Valid sizes are 16, 24, 32.");
         }
 
         try {
             byte[] contentBytes = JsonSerialization.writeValueAsBytes(jwt);
 
             JWEHeader jweHeader = new JWEHeader(JWEConstants.DIR, encAlgorithm, null);
             JWE jwe = new JWE()
                     .header(jweHeader)
                     .content(contentBytes);
 
             jwe.getKeyStorage()
                     .setCEKKey(aesKey, JWEKeyStorage.KeyUse.ENCRYPTION)
                     .setCEKKey(hmacKey, JWEKeyStorage.KeyUse.SIGNATURE);
 
             return jwe.encodeJwe();
         } catch (IOException ioe) {
             throw new JWEException(ioe);
         }
     }

◆ jweDirectVerifyAndDecode()

static <T extends JsonWebToken> T org.keycloak.util.TokenUtil.jweDirectVerifyAndDecode	(	Key	aesKey,
		Key	hmacKey,
		String	jweStr,
		Class< T >	expectedClass
	)		throws JWEException

inlinestatic

                                                                                                                                                           {
         JWE jwe = new JWE();
         jwe.getKeyStorage()
                 .setCEKKey(aesKey, JWEKeyStorage.KeyUse.ENCRYPTION)
                 .setCEKKey(hmacKey, JWEKeyStorage.KeyUse.SIGNATURE);
 
         jwe.verifyAndDecodeJwe(jweStr);
 
         try {
             return JsonSerialization.readValue(jwe.getContent(), expectedClass);
         } catch (IOException ioe) {
             throw new JWEException(ioe);
         }
     }

メンバ詳解

◆ TOKEN_TYPE_BEARER

final String org.keycloak.util.TokenUtil.TOKEN_TYPE_BEARER = "Bearer"

static

◆ TOKEN_TYPE_ID

final String org.keycloak.util.TokenUtil.TOKEN_TYPE_ID = "ID"

static

◆ TOKEN_TYPE_OFFLINE

final String org.keycloak.util.TokenUtil.TOKEN_TYPE_OFFLINE = "Offline"

static

◆ TOKEN_TYPE_REFRESH

final String org.keycloak.util.TokenUtil.TOKEN_TYPE_REFRESH = "Refresh"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/src/keycloak/src/main/java/org/keycloak/util/TokenUtil.java

静的公開メンバ関数

静的公開変数類

詳解

関数詳解

◆ attachOIDCScope()

◆ getRefreshToken() [1/2]

◆ getRefreshToken() [2/2]

◆ hasPrompt()

◆ hasScope()

◆ isOfflineToken()

◆ isOfflineTokenRequested()

◆ isOIDCRequest()

◆ jweDirectEncode()

◆ jweDirectVerifyAndDecode()

メンバ詳解

◆ TOKEN_TYPE_BEARER

◆ TOKEN_TYPE_ID

◆ TOKEN_TYPE_OFFLINE

◆ TOKEN_TYPE_REFRESH