org.keycloak.authentication.actiontoken.DefaultActionToken の継承関係図

org.keycloak.authentication.actiontoken.DefaultActionToken 連携図

公開メンバ関数
	DefaultActionToken ()

String	getCompoundAuthenticationSessionId ()

final void	setCompoundAuthenticationSessionId (String authenticationSessionId)

Map< String, String >	getNotes ()

String	getNote (String name)

final String	setNote (String name, String value)

final String	removeNote (String name)

String	serialize (KeycloakSession session, RealmModel realm, UriInfo uri)

String	getUserId ()

String	getActionId ()

UUID	getActionVerificationNonce ()

JsonWebToken	id (String id)

JsonWebToken	expiration (int expiration)

JsonWebToken	notBefore (int notBefore)

JsonWebToken	issuedAt (int issuedAt)

JsonWebToken	issuer (String issuer)

JsonWebToken	audience (String... audience)

JsonWebToken	subject (String subject)

JsonWebToken	type (String type)

JsonWebToken	issuedFor (String issuedFor)

String	getId ()

int	getExpiration ()

int	getExpiration ()

boolean	isExpired ()

int	getNotBefore ()

boolean	isNotBefore (int allowedTimeSkew)

boolean	isActive ()

boolean	isActive (int allowedTimeSkew)

int	getIssuedAt ()

JsonWebToken	issuedNow ()

String	getIssuer ()

String []	getAudience ()

boolean	hasAudience (String audience)

JsonWebToken	addAudience (String audience)

String	getSubject ()

void	setSubject (String subject)

String	getType ()

String	getIssuedFor ()

Map< String, Object >	getOtherClaims ()

void	setOtherClaims (String name, Object value)

TokenCategory	getCategory ()

default String	serializeKey ()

静的公開メンバ関数
static DefaultActionTokenKey	from (String serializedKey)

公開変数類
String	issuedFor

静的公開変数類
static final String	JSON_FIELD_AUTHENTICATION_SESSION_ID = "asid"

static final Predicate< DefaultActionTokenKey >	ACTION_TOKEN_BASIC_CHECKS

static final String	ACTION_TOKEN_USER_ID = "ACTION_TOKEN_USER"

static final String	JSON_FIELD_ACTION_VERIFICATION_NONCE = "nonce"

限定公開メンバ関数
	DefaultActionToken (String userId, String actionId, int absoluteExpirationInSecs, UUID actionVerificationNonce)

	DefaultActionToken (String userId, String actionId, int absoluteExpirationInSecs, UUID actionVerificationNonce, String compoundAuthenticationSessionId)

限定公開変数類
String	id

int	expiration

int	notBefore

int	issuedAt

String	issuer

String []	audience

String	subject

String	type

Map< String, Object >	otherClaims = new HashMap<>()

静的非公開メンバ関数
static String	getIssuer (RealmModel realm, UriInfo uri)

詳解

Part of action token that is intended to be used e.g. in link sent in password-reset email. The token encapsulates user, expected action and its time of expiry.

著者: hmlnarik

構築子と解体子

◆ DefaultActionToken() [1/3]

org.keycloak.authentication.actiontoken.DefaultActionToken.DefaultActionToken ( )

inline

Single-use random value used for verification whether the relevant action is allowed.

                                 {
         super(null, null, 0, null);
     }

◆ DefaultActionToken() [2/3]

org.keycloak.authentication.actiontoken.DefaultActionToken.DefaultActionToken	(	String	userId,
		String	actionId,
		int	absoluteExpirationInSecs,
		UUID	actionVerificationNonce
	)

inlineprotected

引数

userId	User ID
actionId	Action ID
absoluteExpirationInSecs	Absolute expiration time in seconds in timezone of Keycloak.
actionVerificationNonce

                                                                                                                              {
         super(userId, actionId, absoluteExpirationInSecs, actionVerificationNonce);
     }

◆ DefaultActionToken() [3/3]

org.keycloak.authentication.actiontoken.DefaultActionToken.DefaultActionToken	(	String	userId,
		String	actionId,
		int	absoluteExpirationInSecs,
		UUID	actionVerificationNonce,
		String	compoundAuthenticationSessionId
	)

inlineprotected

引数

userId	User ID
actionId	Action ID
absoluteExpirationInSecs	Absolute expiration time in seconds in timezone of Keycloak.
actionVerificationNonce

                                                                                                                                                                      {
         super(userId, actionId, absoluteExpirationInSecs, actionVerificationNonce);
         setCompoundAuthenticationSessionId(compoundAuthenticationSessionId);
     }

関数詳解

◆ addAudience()

JsonWebToken org.keycloak.representations.JsonWebToken.addAudience ( String audience )

inlineinherited

                                                      {
         if (this.audience == null) {
             this.audience = new String[] { audience };
         } else {
             // Check if audience is already there
             for (String aud : this.audience) {
                 if (audience.equals(aud)) {
                     return this;
                 }
             }
 
             String[] newAudience = Arrays.copyOf(this.audience, this.audience.length + 1);
             newAudience[this.audience.length] = audience;
             this.audience = newAudience;
         }
         return this;
     }

◆ audience()

JsonWebToken org.keycloak.representations.JsonWebToken.audience ( String... audience )

inlineinherited

                                                      {
         this.audience = audience;
         return this;
     }

◆ expiration()

JsonWebToken org.keycloak.representations.JsonWebToken.expiration ( int expiration )

inlineinherited

                                                    {
         this.expiration = expiration;
         return this;
     }

◆ from()

static DefaultActionTokenKey org.keycloak.authentication.actiontoken.DefaultActionTokenKey.from ( String serializedKey )

inlinestaticinherited

                                                                    {
         if (serializedKey == null) {
             return null;
         }
         String[] parsed = DOT.split(serializedKey, 4);
         if (parsed.length != 4) {
             return null;
         }
 
         String userId;
         try {
             userId = new String(Base64.decode(parsed[0]), StandardCharsets.UTF_8);
         } catch (IOException ex) {
             userId = parsed[0];
         }
         return new DefaultActionTokenKey(userId, parsed[3], Integer.parseInt(parsed[1]), UUID.fromString(parsed[2]));
     }

◆ getActionId()

String org.keycloak.authentication.actiontoken.DefaultActionTokenKey.getActionId ( )

inlineinherited

org.keycloak.models.ActionTokenKeyModelを実装しています。

                                 {
         return getType();
     }

◆ getActionVerificationNonce()

UUID org.keycloak.authentication.actiontoken.DefaultActionTokenKey.getActionVerificationNonce ( )

inlineinherited

org.keycloak.models.ActionTokenKeyModelを実装しています。

                                              {
         return actionVerificationNonce;
     }

◆ getAudience()

String [] org.keycloak.representations.JsonWebToken.getAudience ( )

inlineinherited

                                   {
         return audience;
     }

◆ getCategory()

TokenCategory org.keycloak.representations.JsonWebToken.getCategory ( )

inlineinherited

org.keycloak.Tokenを実装しています。

                                        {
         return TokenCategory.INTERNAL;
     }

◆ getCompoundAuthenticationSessionId()

String org.keycloak.authentication.actiontoken.DefaultActionToken.getCompoundAuthenticationSessionId ( )

inline

                                                        {
         return (String) getOtherClaims().get(JSON_FIELD_AUTHENTICATION_SESSION_ID);
     }

◆ getExpiration() [1/2]

int org.keycloak.models.ActionTokenKeyModel.getExpiration ( )

inherited

Returns absolute number of seconds since the epoch in UTC timezone when the token expires.

◆ getExpiration() [2/2]

int org.keycloak.representations.JsonWebToken.getExpiration ( )

inlineinherited

                                {
         return expiration;
     }

◆ getId()

String org.keycloak.representations.JsonWebToken.getId ( )

inlineinherited

                           {
         return id;
     }

◆ getIssuedAt()

int org.keycloak.representations.JsonWebToken.getIssuedAt ( )

inlineinherited

                              {
         return issuedAt;
     }

◆ getIssuedFor()

String org.keycloak.representations.JsonWebToken.getIssuedFor ( )

inlineinherited

OAuth client the token was issued for.

戻り値

                                  {
         return issuedFor;
     }

◆ getIssuer() [1/2]

String org.keycloak.representations.JsonWebToken.getIssuer ( )

inlineinherited

                               {
         return issuer;
     }

◆ getIssuer() [2/2]

static String org.keycloak.authentication.actiontoken.DefaultActionToken.getIssuer	(	RealmModel	realm,
		UriInfo	uri
	)

inlinestaticprivate

                                                                    {
         return Urls.realmIssuer(uri.getBaseUri(), realm.getName());
     }

◆ getNotBefore()

int org.keycloak.representations.JsonWebToken.getNotBefore ( )

inlineinherited

                               {
         return notBefore;
     }

◆ getNote()

String org.keycloak.authentication.actiontoken.DefaultActionToken.getNote ( String name )

inline

org.keycloak.models.ActionTokenValueModelを実装しています。

                                        {
         Object res = getOtherClaims().get(name);
         return res instanceof String ? (String) res : null;
     }

◆ getNotes()

Map<String, String> org.keycloak.authentication.actiontoken.DefaultActionToken.getNotes ( )

inline

org.keycloak.models.ActionTokenValueModelを実装しています。

                                           {
         Map<String, String> res = new HashMap<>();
         if (getCompoundAuthenticationSessionId() != null) {
             res.put(JSON_FIELD_AUTHENTICATION_SESSION_ID, getCompoundAuthenticationSessionId());
         }
         return res;
     }

◆ getOtherClaims()

Map<String, Object> org.keycloak.representations.JsonWebToken.getOtherClaims ( )

inlineinherited

This is a map of any other claims and data that might be in the IDToken. Could be custom claims set up by the auth server

戻り値

                                                 {
         return otherClaims;
     }

◆ getSubject()

String org.keycloak.representations.JsonWebToken.getSubject ( )

inlineinherited

                                {
         return subject;
     }

◆ getType()

String org.keycloak.representations.JsonWebToken.getType ( )

inlineinherited

                             {
         return type;
     }

◆ getUserId()

String org.keycloak.authentication.actiontoken.DefaultActionTokenKey.getUserId ( )

inlineinherited

org.keycloak.models.ActionTokenKeyModelを実装しています。

                               {
         return getSubject();
     }

◆ hasAudience()

boolean org.keycloak.representations.JsonWebToken.hasAudience ( String audience )

inlineinherited

                                                 {
         if (this.audience == null) return false;
         for (String a : this.audience) {
             if (a.equals(audience)) {
                 return true;
             }
         }
         return false;
     }

◆ id()

JsonWebToken org.keycloak.representations.JsonWebToken.id ( String id )

inlineinherited

                                       {
         this.id = id;
         return this;
     }

◆ isActive() [1/2]

boolean org.keycloak.representations.JsonWebToken.isActive ( )

inlineinherited

Tests that the token is not expired and is not-before.

戻り値

                               {
         return isActive(0);
     }

◆ isActive() [2/2]

boolean org.keycloak.representations.JsonWebToken.isActive ( int allowedTimeSkew )

inlineinherited

                                                  {
         return (!isExpired() || expiration == 0) && (isNotBefore(allowedTimeSkew) || notBefore == 0);
     }

◆ isExpired()

boolean org.keycloak.representations.JsonWebToken.isExpired ( )

inlineinherited

                                {
         return Time.currentTime() > expiration;
     }

◆ isNotBefore()

boolean org.keycloak.representations.JsonWebToken.isNotBefore ( int allowedTimeSkew )

inlineinherited

                                                     {
         return Time.currentTime() + allowedTimeSkew >= notBefore;
     }

◆ issuedAt()

JsonWebToken org.keycloak.representations.JsonWebToken.issuedAt ( int issuedAt )

inlineinherited

                                                {
         this.issuedAt = issuedAt;
         return this;
     }

◆ issuedFor()

JsonWebToken org.keycloak.representations.JsonWebToken.issuedFor ( String issuedFor )

inlineinherited

                                                     {
         this.issuedFor = issuedFor;
         return this;
     }

◆ issuedNow()

JsonWebToken org.keycloak.representations.JsonWebToken.issuedNow ( )

inlineinherited

Set issuedAt to the current time

                                     {
         issuedAt = Time.currentTime();
         return this;
     }

◆ issuer()

JsonWebToken org.keycloak.representations.JsonWebToken.issuer ( String issuer )

inlineinherited

                                               {
         this.issuer = issuer;
         return this;
     }

◆ notBefore()

JsonWebToken org.keycloak.representations.JsonWebToken.notBefore ( int notBefore )

inlineinherited

                                                  {
         this.notBefore = notBefore;
         return this;
     }

◆ removeNote()

final String org.keycloak.authentication.actiontoken.DefaultActionToken.removeNote ( String name )

inline

Removes given note, and returns original value (or

null

when no value was present)

戻り値: see description

                                                 {
         Object res = getOtherClaims().remove(name);
         return res instanceof String ? (String) res : null;
     }

◆ serialize()

String org.keycloak.authentication.actiontoken.DefaultActionToken.serialize	(	KeycloakSession	session,
		RealmModel	realm,
		UriInfo	uri
	)

inline

Updates the following fields and serializes this token into a signed JWT. The list of updated fields follows:

id
: random nonce
issuedAt
: Current time
issuer
: URI of the given realm
audience
: URI of the given realm (same as issuer)

引数

session
realm
uri

戻り値

                                                                                     {
         String issuerUri = getIssuer(realm, uri);
 
         this
           .issuedAt(Time.currentTime())
           .id(getActionVerificationNonce().toString())
           .issuer(issuerUri)
           .audience(issuerUri);
 
         return session.tokens().encode(this);
     }

◆ serializeKey()

default String org.keycloak.models.ActionTokenKeyModel.serializeKey ( )

inlineinherited

                                   {
         String userId = getUserId();
         String encodedUserId = userId == null ? "" : Base64.encodeBytes(userId.getBytes(StandardCharsets.UTF_8));
         return String.format("%s.%d.%s.%s", encodedUserId, getExpiration(), getActionVerificationNonce(), getActionId());
     }

◆ setCompoundAuthenticationSessionId()

final void org.keycloak.authentication.actiontoken.DefaultActionToken.setCompoundAuthenticationSessionId ( String authenticationSessionId )

inline

                                                                                          {
         setOtherClaims(JSON_FIELD_AUTHENTICATION_SESSION_ID, authenticationSessionId);
     }

◆ setNote()

final String org.keycloak.authentication.actiontoken.DefaultActionToken.setNote	(	String	name,
		String	value
	)

inline

Sets value of the given note

戻り値: original value (or
null
when no value was present)

                                                            {
         Object res = value == null
           ? getOtherClaims().remove(name)
           : getOtherClaims().put(name, value);
         return res instanceof String ? (String) res : null;
     }

◆ setOtherClaims()

void org.keycloak.representations.JsonWebToken.setOtherClaims	(	String	name,
		Object	value
	)

inlineinherited

                                                           {
         otherClaims.put(name, value);
     }

◆ setSubject()

void org.keycloak.representations.JsonWebToken.setSubject ( String subject )

inlineinherited

                                            {
         this.subject = subject;
     }

◆ subject()

JsonWebToken org.keycloak.representations.JsonWebToken.subject ( String subject )

inlineinherited

                                                 {
         this.subject = subject;
         return this;
     }

◆ type()

JsonWebToken org.keycloak.representations.JsonWebToken.type ( String type )

inlineinherited

                                           {
         this.type = type;
         return this;
     }

メンバ詳解

◆ ACTION_TOKEN_BASIC_CHECKS

final Predicate<DefaultActionTokenKey> org.keycloak.authentication.actiontoken.DefaultActionToken.ACTION_TOKEN_BASIC_CHECKS

static

初期値:

= t -> {
        if (t.getActionVerificationNonce() == null) {
            throw new VerificationException("Nonce not present.");
        }
        return true;
    }

◆ ACTION_TOKEN_USER_ID

final String org.keycloak.authentication.actiontoken.DefaultActionTokenKey.ACTION_TOKEN_USER_ID = "ACTION_TOKEN_USER"

staticinherited

The authenticationSession note with ID of the user authenticated via the action token

◆ audience

String [] org.keycloak.representations.JsonWebToken.audience

protectedinherited

◆ expiration

int org.keycloak.representations.JsonWebToken.expiration

protectedinherited

◆ id

String org.keycloak.representations.JsonWebToken.id

protectedinherited

◆ issuedAt

int org.keycloak.representations.JsonWebToken.issuedAt

protectedinherited

◆ issuedFor

String org.keycloak.representations.JsonWebToken.issuedFor

inherited

◆ issuer

String org.keycloak.representations.JsonWebToken.issuer

protectedinherited

◆ JSON_FIELD_ACTION_VERIFICATION_NONCE

final String org.keycloak.authentication.actiontoken.DefaultActionTokenKey.JSON_FIELD_ACTION_VERIFICATION_NONCE = "nonce"

staticinherited

◆ JSON_FIELD_AUTHENTICATION_SESSION_ID

final String org.keycloak.authentication.actiontoken.DefaultActionToken.JSON_FIELD_AUTHENTICATION_SESSION_ID = "asid"

static

◆ notBefore

int org.keycloak.representations.JsonWebToken.notBefore

protectedinherited

◆ otherClaims

Map<String, Object> org.keycloak.representations.JsonWebToken.otherClaims = new HashMap<>()

protectedinherited

◆ subject

String org.keycloak.representations.JsonWebToken.subject

protectedinherited

◆ type

String org.keycloak.representations.JsonWebToken.type

protectedinherited

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/src/keycloak/src/main/java/org/keycloak/authentication/actiontoken/DefaultActionToken.java

公開メンバ関数

静的公開メンバ関数

公開変数類

静的公開変数類

限定公開メンバ関数

限定公開変数類

静的非公開メンバ関数

詳解

構築子と解体子

◆ DefaultActionToken() [1/3]

◆ DefaultActionToken() [2/3]

◆ DefaultActionToken() [3/3]

関数詳解

◆ addAudience()

◆ audience()

◆ expiration()

◆ from()

◆ getActionId()

◆ getActionVerificationNonce()

◆ getAudience()

◆ getCategory()

◆ getCompoundAuthenticationSessionId()

◆ getExpiration() [1/2]

◆ getExpiration() [2/2]

◆ getId()

◆ getIssuedAt()

◆ getIssuedFor()

◆ getIssuer() [1/2]

◆ getIssuer() [2/2]

◆ getNotBefore()

◆ getNote()

◆ getNotes()

◆ getOtherClaims()

◆ getSubject()

◆ getType()

◆ getUserId()

◆ hasAudience()

◆ id()

◆ isActive() [1/2]

◆ isActive() [2/2]

◆ isExpired()

◆ isNotBefore()

◆ issuedAt()

◆ issuedFor()

◆ issuedNow()

◆ issuer()

◆ notBefore()

◆ removeNote()

◆ serialize()

◆ serializeKey()

◆ setCompoundAuthenticationSessionId()

◆ setNote()

◆ setOtherClaims()

◆ setSubject()

◆ subject()

◆ type()

メンバ詳解

◆ ACTION_TOKEN_BASIC_CHECKS

◆ ACTION_TOKEN_USER_ID

◆ audience

◆ expiration

◆ id

◆ issuedAt

◆ issuedFor

◆ issuer

◆ JSON_FIELD_ACTION_VERIFICATION_NONCE

◆ JSON_FIELD_AUTHENTICATION_SESSION_ID

◆ notBefore

◆ otherClaims

◆ subject

◆ type