org.keycloak.adapters.servlet.KeycloakOIDCFilter の継承関係図

org.keycloak.adapters.servlet.KeycloakOIDCFilter 連携図

公開メンバ関数
	KeycloakOIDCFilter (KeycloakConfigResolver definedconfigResolver)

	KeycloakOIDCFilter ()

void	init (final FilterConfig filterConfig) throws ServletException

void	doFilter (ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException

void	destroy ()

静的公開変数類
static final String	SKIP_PATTERN_PARAM = "keycloak.config.skipPattern"

static final String	CONFIG_RESOLVER_PARAM = "keycloak.config.resolver"

static final String	CONFIG_FILE_PARAM = "keycloak.config.file"

static final String	CONFIG_PATH_PARAM = "keycloak.config.path"

限定公開変数類
AdapterDeploymentContext	deploymentContext

SessionIdMapper	idMapper = new InMemorySessionIdMapper()

NodesRegistrationManagement	nodesRegistrationManagement

Pattern	skipPattern

非公開メンバ関数
KeycloakDeployment	createKeycloakDeploymentFrom (InputStream is)

boolean	shouldSkip (HttpServletRequest request)

非公開変数類
final KeycloakConfigResolver	definedconfigResolver

静的非公開変数類
static final Logger	log = Logger.getLogger("" + KeycloakOIDCFilter.class)

詳解

著者: Bill Burke

バージョン

Revision: 1

構築子と解体子

◆ KeycloakOIDCFilter() [1/2]

org.keycloak.adapters.servlet.KeycloakOIDCFilter.KeycloakOIDCFilter ( KeycloakConfigResolver definedconfigResolver )

inline

Constructor that can be used to define a

KeycloakConfigResolver

that will be used at initialization to provide the

KeycloakDeployment

.

引数

definedconfigResolver the resolver

                                                                             {
         this.definedconfigResolver = definedconfigResolver;
     }

◆ KeycloakOIDCFilter() [2/2]

org.keycloak.adapters.servlet.KeycloakOIDCFilter.KeycloakOIDCFilter ( )

inline

                                 {
         this(null);
     }

関数詳解

◆ createKeycloakDeploymentFrom()

KeycloakDeployment org.keycloak.adapters.servlet.KeycloakOIDCFilter.createKeycloakDeploymentFrom ( InputStream is )

inlineprivate

                                                                             {
         if (is == null) {
             log.fine("No adapter configuration. Keycloak is unconfigured and will deny all requests.");
             return new KeycloakDeployment();
         }
         return KeycloakDeploymentBuilder.build(is);
     }

◆ destroy()

void org.keycloak.adapters.servlet.KeycloakOIDCFilter.destroy ( )

inline

                           {
 
     }

◆ doFilter()

void org.keycloak.adapters.servlet.KeycloakOIDCFilter.doFilter	(	ServletRequest	req,
		ServletResponse	res,
		FilterChain	chain
	)		throws IOException, ServletException

inline

                                                                                                                           {
         log.fine("Keycloak OIDC Filter");
         HttpServletRequest request = (HttpServletRequest) req;
         HttpServletResponse response = (HttpServletResponse) res;
 
         if (shouldSkip(request)) {
             chain.doFilter(req, res);
             return;
         }
 
         OIDCServletHttpFacade facade = new OIDCServletHttpFacade(request, response);
         KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
         if (deployment == null || !deployment.isConfigured()) {
             response.sendError(403);
             log.fine("deployment not configured");
             return;
         }
 
         PreAuthActionsHandler preActions = new PreAuthActionsHandler(new UserSessionManagement() {
             @Override
             public void logoutAll() {
                 if (idMapper != null) {
                     idMapper.clear();
                 }
             }
 
             @Override
             public void logoutHttpSessions(List<String> ids) {
                 log.fine("**************** logoutHttpSessions");
                 //System.err.println("**************** logoutHttpSessions");
                 for (String id : ids) {
                     log.finest("removed idMapper: " + id);
                     idMapper.removeSession(id);
                 }
 
             }
         }, deploymentContext, facade);
 
         if (preActions.handleRequest()) {
             //System.err.println("**************** preActions.handleRequest happened!");
             return;
         }
 
 
         nodesRegistrationManagement.tryRegister(deployment);
         OIDCFilterSessionStore tokenStore = new OIDCFilterSessionStore(request, facade, 100000, deployment, idMapper);
         tokenStore.checkCurrentToken();
 
 
         FilterRequestAuthenticator authenticator = new FilterRequestAuthenticator(deployment, tokenStore, facade, request, 8443);
         AuthOutcome outcome = authenticator.authenticate();
         if (outcome == AuthOutcome.AUTHENTICATED) {
             log.fine("AUTHENTICATED");
             if (facade.isEnded()) {
                 return;
             }
             AuthenticatedActionsHandler actions = new AuthenticatedActionsHandler(deployment, facade);
             if (actions.handledRequest()) {
                 return;
             } else {
                 HttpServletRequestWrapper wrapper = tokenStore.buildWrapper();
                 chain.doFilter(wrapper, res);
                 return;
             }
         }
         AuthChallenge challenge = authenticator.getChallenge();
         if (challenge != null) {
             log.fine("challenge");
             challenge.challenge(facade);
             return;
         }
         response.sendError(403);
 
     }

◆ init()

void org.keycloak.adapters.servlet.KeycloakOIDCFilter.init ( final FilterConfig filterConfig ) throws ServletException

inline

                                                                               {
         String skipPatternDefinition = filterConfig.getInitParameter(SKIP_PATTERN_PARAM);
         if (skipPatternDefinition != null) {
             skipPattern = Pattern.compile(skipPatternDefinition, Pattern.DOTALL);
         }
 
         if (definedconfigResolver != null) {
             deploymentContext = new AdapterDeploymentContext(definedconfigResolver);
             log.log(Level.INFO, "Using {0} to resolve Keycloak configuration on a per-request basis.", definedconfigResolver.getClass());
         } else {
             String configResolverClass = filterConfig.getInitParameter(CONFIG_RESOLVER_PARAM);
             if (configResolverClass != null) {
                 try {
                     KeycloakConfigResolver configResolver = (KeycloakConfigResolver) getClass().getClassLoader().loadClass(configResolverClass).newInstance();
                     deploymentContext = new AdapterDeploymentContext(configResolver);
                     log.log(Level.INFO, "Using {0} to resolve Keycloak configuration on a per-request basis.", configResolverClass);
                 } catch (Exception ex) {
                     log.log(Level.FINE, "The specified resolver {0} could NOT be loaded. Keycloak is unconfigured and will deny all requests. Reason: {1}", new Object[]{configResolverClass, ex.getMessage()});
                     deploymentContext = new AdapterDeploymentContext(new KeycloakDeployment());
                 }
             } else {
                 String fp = filterConfig.getInitParameter(CONFIG_FILE_PARAM);
                 InputStream is = null;
                 if (fp != null) {
                     try {
                         is = new FileInputStream(fp);
                     } catch (FileNotFoundException e) {
                         throw new RuntimeException(e);
                     }
                 } else {
                     String path = "/WEB-INF/keycloak.json";
                     String pathParam = filterConfig.getInitParameter(CONFIG_PATH_PARAM);
                     if (pathParam != null) path = pathParam;
                     is = filterConfig.getServletContext().getResourceAsStream(path);
                 }
                 KeycloakDeployment kd = createKeycloakDeploymentFrom(is);
                 deploymentContext = new AdapterDeploymentContext(kd);
                 log.fine("Keycloak is using a per-deployment configuration.");
             }
         }
         filterConfig.getServletContext().setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
         nodesRegistrationManagement = new NodesRegistrationManagement();
     }

◆ shouldSkip()

boolean org.keycloak.adapters.servlet.KeycloakOIDCFilter.shouldSkip ( HttpServletRequest request )

inlineprivate

Decides whether this Filter should skip the given HttpServletRequest based on the configured KeycloakOIDCFilter#skipPattern. Patterns are matched against the requestURI of a request without the context-path. A request for

/myapp/index.html

would be tested with

/index.html

against the skip pattern. Skipped requests will not be processed further by KeycloakOIDCFilter and immediately delegated to the FilterChain.

引数

request the request to check

戻り値: true
if the request should not be handled,
false
otherwise.

                                                            {
 
         if (skipPattern == null) {
             return false;
         }
 
         String requestPath = request.getRequestURI().substring(request.getContextPath().length());
         return skipPattern.matcher(requestPath).matches();
     }

メンバ詳解

◆ CONFIG_FILE_PARAM

final String org.keycloak.adapters.servlet.KeycloakOIDCFilter.CONFIG_FILE_PARAM = "keycloak.config.file"

static

◆ CONFIG_PATH_PARAM

final String org.keycloak.adapters.servlet.KeycloakOIDCFilter.CONFIG_PATH_PARAM = "keycloak.config.path"

static

◆ CONFIG_RESOLVER_PARAM

final String org.keycloak.adapters.servlet.KeycloakOIDCFilter.CONFIG_RESOLVER_PARAM = "keycloak.config.resolver"

static

◆ definedconfigResolver

final KeycloakConfigResolver org.keycloak.adapters.servlet.KeycloakOIDCFilter.definedconfigResolver

private

◆ deploymentContext

AdapterDeploymentContext org.keycloak.adapters.servlet.KeycloakOIDCFilter.deploymentContext

protected

◆ idMapper

SessionIdMapper org.keycloak.adapters.servlet.KeycloakOIDCFilter.idMapper = new InMemorySessionIdMapper()

protected

◆ log

final Logger org.keycloak.adapters.servlet.KeycloakOIDCFilter.log = Logger.getLogger("" + KeycloakOIDCFilter.class)

staticprivate

◆ nodesRegistrationManagement

NodesRegistrationManagement org.keycloak.adapters.servlet.KeycloakOIDCFilter.nodesRegistrationManagement

protected

◆ SKIP_PATTERN_PARAM

final String org.keycloak.adapters.servlet.KeycloakOIDCFilter.SKIP_PATTERN_PARAM = "keycloak.config.skipPattern"

static

◆ skipPattern

Pattern org.keycloak.adapters.servlet.KeycloakOIDCFilter.skipPattern

protected

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/keycloak/doxygen/src/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/KeycloakOIDCFilter.java

公開メンバ関数

静的公開変数類

限定公開変数類

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

構築子と解体子

◆ KeycloakOIDCFilter() [1/2]

◆ KeycloakOIDCFilter() [2/2]

関数詳解

◆ createKeycloakDeploymentFrom()

◆ destroy()

◆ doFilter()

◆ init()

◆ shouldSkip()

メンバ詳解

◆ CONFIG_FILE_PARAM

◆ CONFIG_PATH_PARAM

◆ CONFIG_RESOLVER_PARAM

◆ definedconfigResolver

◆ deploymentContext

◆ idMapper

◆ log

◆ nodesRegistrationManagement

◆ SKIP_PATTERN_PARAM

◆ skipPattern