org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator の継承関係図

org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator 連携図

クラス
class	DummyLoginService

class	KeycloakAuthentication

公開メンバ関数
	AbstractKeycloakJettyAuthenticator ()

AdapterTokenStore	getTokenStore (Request request, HttpFacade facade, KeycloakDeployment resolvedDeployment)

abstract AdapterTokenStore	createSessionTokenStore (Request request, KeycloakDeployment resolvedDeployment)

abstract JettyUserSessionManagement	createSessionManagement (Request request)

void	logoutCurrent (Request request)

void	setConfiguration (AuthConfiguration configuration)

boolean	secureResponse (ServletRequest req, ServletResponse res, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException

AdapterConfig	getAdapterConfig ()

void	setAdapterConfig (AdapterConfig adapterConfig)

KeycloakConfigResolver	getConfigResolver ()

void	setConfigResolver (KeycloakConfigResolver configResolver)

void	initializeKeycloak ()

Authentication	validateRequest (ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException

String	getAuthMethod ()

静的公開メンバ関数
static UserIdentity	createIdentity (KeycloakPrincipal< RefreshableKeycloakSecurityContext > principal)

静的公開変数類
static final String	TOKEN_STORE_NOTE = "TOKEN_STORE_NOTE"

限定公開メンバ関数
abstract Request	resolveRequest (ServletRequest req)

JettyRequestAuthenticator	createRequestAuthenticator (Request request, JettyHttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore)

Authentication	register (Request request, KeycloakPrincipal< RefreshableKeycloakSecurityContext > principal)

abstract Authentication	createAuthentication (UserIdentity userIdentity, Request request)

限定公開変数類
AdapterDeploymentContext	deploymentContext

NodesRegistrationManagement	nodesRegistrationManagement

AdapterConfig	adapterConfig

KeycloakConfigResolver	configResolver

String	errorPage

静的限定公開変数類
static final org.jboss.logging.Logger	log = Logger.getLogger(AbstractKeycloakJettyAuthenticator.class)

非公開メンバ関数
void	setErrorPage (String path)

InputStream	getConfigInputStream (ServletContext servletContext)

静的非公開メンバ関数
static InputStream	getJSONFromServletContext (ServletContext servletContext)

詳解

著者: Bill Burke

バージョン

Revision: 1

構築子と解体子

◆ AbstractKeycloakJettyAuthenticator()

org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.AbstractKeycloakJettyAuthenticator ( )

inline

                                                 {
         super();
     }

関数詳解

◆ createAuthentication()

abstract Authentication org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.createAuthentication	(	UserIdentity	userIdentity,
		Request	request
	)

abstractprotected

◆ createIdentity()

static UserIdentity org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.createIdentity ( KeycloakPrincipal< RefreshableKeycloakSecurityContext > principal )

inlinestatic

                                                                                                                {
         Set<String> roles = AdapterUtils.getRolesFromSecurityContext(principal.getKeycloakSecurityContext());
         if (roles == null) {
             roles = new HashSet<String>();
         }
         Subject theSubject = new Subject();
         String[] theRoles = new String[roles.size()];
         roles.toArray(theRoles);
 
         return new DefaultUserIdentity(theSubject, principal, theRoles);
     }

◆ createRequestAuthenticator()

JettyRequestAuthenticator org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.createRequestAuthenticator	(	Request	request,
		JettyHttpFacade	facade,
		KeycloakDeployment	deployment,
		AdapterTokenStore	tokenStore
	)

inlineprotected

                                                                                                                                 {
         return new JettyRequestAuthenticator(facade, deployment, tokenStore, -1, request);
     }

◆ createSessionManagement()

abstract JettyUserSessionManagement org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.createSessionManagement ( Request request )

abstract

◆ createSessionTokenStore()

abstract AdapterTokenStore org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.createSessionTokenStore	(	Request	request,
		KeycloakDeployment	resolvedDeployment
	)

abstract

◆ getAdapterConfig()

AdapterConfig org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.getAdapterConfig ( )

inline

                                             {
         return adapterConfig;
     }

◆ getAuthMethod()

String org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.getAuthMethod ( )

inline

                                   {
         return "KEYCLOAK";
     }

◆ getConfigInputStream()

InputStream org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.getConfigInputStream ( ServletContext servletContext )

inlineprivate

                                                                             {
         InputStream is = getJSONFromServletContext(servletContext);
         if (is == null) {
             String path = servletContext.getInitParameter("keycloak.config.file");
             if (path == null) {
                 is = servletContext.getResourceAsStream("/WEB-INF/keycloak.json");
             } else {
                 try {
                     is = new FileInputStream(path);
                 } catch (FileNotFoundException e) {
                     throw new RuntimeException(e);
                 }
             }
         }
         return is;
     }

◆ getConfigResolver()

KeycloakConfigResolver org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.getConfigResolver ( )

inline

                                                       {
         return configResolver;
     }

◆ getJSONFromServletContext()

static InputStream org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.getJSONFromServletContext ( ServletContext servletContext )

inlinestaticprivate

                                                                                         {
         String json = servletContext.getInitParameter(AdapterConstants.AUTH_DATA_PARAM_NAME);
         if (json == null) {
             return null;
         }
         return new ByteArrayInputStream(json.getBytes());
     }

◆ getTokenStore()

AdapterTokenStore org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.getTokenStore	(	Request	request,
		HttpFacade	facade,
		KeycloakDeployment	resolvedDeployment
	)

inline

                                                                                                                       {
         AdapterTokenStore store = (AdapterTokenStore) request.getAttribute(TOKEN_STORE_NOTE);
         if (store != null) {
             return store;
         }
 
         if (resolvedDeployment.getTokenStore() == TokenStore.SESSION) {
             store = createSessionTokenStore(request, resolvedDeployment);
         } else {
             store = new JettyCookieTokenStore(request, facade, resolvedDeployment);
         }
 
         request.setAttribute(TOKEN_STORE_NOTE, store);
         return store;
     }

◆ initializeKeycloak()

void org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.initializeKeycloak ( )

inline

                                      {
         nodesRegistrationManagement = new NodesRegistrationManagement();
 
         ServletContext theServletContext = null;
         ContextHandler.Context currentContext = ContextHandler.getCurrentContext();
         if (currentContext != null) {
             String contextPath = currentContext.getContextPath();
 
             if ("".equals(contextPath)) {
                 // This could be the case in osgi environment when deploying apps through pax whiteboard extension.
                 theServletContext = currentContext;
             } else {
                 theServletContext = currentContext.getContext(contextPath);
             }
         }
 
         // Jetty 9.1.x servlet context will be null :(
         if (configResolver == null && theServletContext != null) {
             String configResolverClass = theServletContext.getInitParameter("keycloak.config.resolver");
             if (configResolverClass != null) {
                 try {
                     configResolver = (KeycloakConfigResolver) ContextHandler.getCurrentContext().getClassLoader().loadClass(configResolverClass).newInstance();
                     log.infov("Using {0} to resolve Keycloak configuration on a per-request basis.", configResolverClass);
                 } catch (Exception ex) {
                     log.infov("The specified resolver {0} could NOT be loaded. Keycloak is unconfigured and will deny all requests. Reason: {1}", new Object[]{configResolverClass, ex.getMessage()});
                 }
             }
         }
 
         if (configResolver != null) {
             deploymentContext = new AdapterDeploymentContext(configResolver);
         } else if (adapterConfig != null) {
             KeycloakDeployment kd = KeycloakDeploymentBuilder.build(adapterConfig);
             deploymentContext = new AdapterDeploymentContext(kd);
         } else if (theServletContext != null) {
             InputStream configInputStream = getConfigInputStream(theServletContext);
             if (configInputStream != null) {
                 deploymentContext = new AdapterDeploymentContext(KeycloakDeploymentBuilder.build(configInputStream));
             }
         }
         if (deploymentContext == null) {
             deploymentContext = new AdapterDeploymentContext(new KeycloakDeployment());
         }
         if (theServletContext != null)
             theServletContext.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
     }

◆ logoutCurrent()

void org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.logoutCurrent ( Request request )

inline

                                                {
         AdapterDeploymentContext deploymentContext = (AdapterDeploymentContext) request.getAttribute(AdapterDeploymentContext.class.getName());
         KeycloakSecurityContext ksc = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
         if (ksc != null) {
             JettyHttpFacade facade = new OIDCJettyHttpFacade(request, null);
             KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
             if (ksc instanceof RefreshableKeycloakSecurityContext) {
                 ((RefreshableKeycloakSecurityContext) ksc).logout(deployment);
             }
 
             AdapterTokenStore tokenStore = getTokenStore(request, facade, deployment);
             tokenStore.logout();
             request.removeAttribute(KeycloakSecurityContext.class.getName());
         }
     }

◆ register()

Authentication org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.register	(	Request	request,
		KeycloakPrincipal< RefreshableKeycloakSecurityContext >	principal
	)

inlineprotected

                                                                                                                         {
         request.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
         Authentication authentication = request.getAuthentication();
         if (!(authentication instanceof KeycloakAuthentication)) {
             UserIdentity userIdentity = createIdentity(principal);
             authentication = createAuthentication(userIdentity, request);
             request.setAuthentication(authentication);
         }
         return authentication;
     }

◆ resolveRequest()

abstract Request org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.resolveRequest ( ServletRequest req )

abstractprotected

◆ secureResponse()

boolean org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.secureResponse	(	ServletRequest	req,
		ServletResponse	res,
		boolean	mandatory,
		Authentication.User	validatedUser
	)		throws ServerAuthException

inline

                                                                                                                                                             {
         return true;
     }

◆ setAdapterConfig()

void org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.setAdapterConfig ( AdapterConfig adapterConfig )

inline

                                                               {
         this.adapterConfig = adapterConfig;
     }

◆ setConfigResolver()

void org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.setConfigResolver ( KeycloakConfigResolver configResolver )

inline

                                                                          {
         this.configResolver = configResolver;
     }

◆ setConfiguration()

void org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.setConfiguration ( AuthConfiguration configuration )

inline

                                                                   {
         //super.setConfiguration(configuration);
         initializeKeycloak();
         // need this so that getUserPrincipal does not throw NPE
         _loginService = new DummyLoginService();
         String error = configuration.getInitParameter(FormAuthenticator.__FORM_ERROR_PAGE);
         setErrorPage(error);
     }

◆ setErrorPage()

void org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.setErrorPage ( String path )

inlineprivate

                                            {
         if (path == null || path.trim().length() == 0) {
         } else {
             if (!path.startsWith("/")) {
                 path = "/" + path;
             }
             errorPage = path;
 
             if (errorPage.indexOf('?') > 0)
                 errorPage = errorPage.substring(0, errorPage.indexOf('?'));
         }
     }

◆ validateRequest()

Authentication org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.validateRequest	(	ServletRequest	req,
		ServletResponse	res,
		boolean	mandatory
	)		throws ServerAuthException

inline

                                                                                                                                  {
         if (log.isTraceEnabled()) {
             log.trace("*** authenticate");
         }
         Request request = resolveRequest(req);
         OIDCJettyHttpFacade facade = new OIDCJettyHttpFacade(request, (HttpServletResponse) res);
         KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
         if (deployment == null || !deployment.isConfigured()) {
             log.debug("*** deployment isn't configured return false");
             return Authentication.UNAUTHENTICATED;
         }
         PreAuthActionsHandler handler = new PreAuthActionsHandler(createSessionManagement(request), deploymentContext, facade);
         if (handler.handleRequest()) {
             return Authentication.SEND_SUCCESS;
         }
         if (!mandatory)
             return new DeferredAuthentication(this);
         AdapterTokenStore tokenStore = getTokenStore(request, facade, deployment);
         nodesRegistrationManagement.tryRegister(deployment);
 
         tokenStore.checkCurrentToken();
         JettyRequestAuthenticator authenticator = createRequestAuthenticator(request, facade, deployment, tokenStore);
         AuthOutcome outcome = authenticator.authenticate();
         if (outcome == AuthOutcome.AUTHENTICATED) {
             if (facade.isEnded()) {
                 return Authentication.SEND_SUCCESS;
             }
 
             Authentication authentication = register(request, authenticator.principal);
             AuthenticatedActionsHandler authenticatedActionsHandler = new AuthenticatedActionsHandler(deployment, facade);
             if (authenticatedActionsHandler.handledRequest()) {
                 return Authentication.SEND_SUCCESS;
             }
             return authentication;
 
         }
         AuthChallenge challenge = authenticator.getChallenge();
         if (challenge != null) {
             challenge.challenge(facade);
         }
         return Authentication.SEND_CONTINUE;
     }

メンバ詳解

◆ adapterConfig

AdapterConfig org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.adapterConfig

protected

◆ configResolver

KeycloakConfigResolver org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.configResolver

protected

◆ deploymentContext

AdapterDeploymentContext org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.deploymentContext

protected

◆ errorPage

String org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.errorPage

protected

◆ log

final org.jboss.logging.Logger org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.log = Logger.getLogger(AbstractKeycloakJettyAuthenticator.class)

staticprotected

◆ nodesRegistrationManagement

NodesRegistrationManagement org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.nodesRegistrationManagement

protected

◆ TOKEN_STORE_NOTE

final String org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.TOKEN_STORE_NOTE = "TOKEN_STORE_NOTE"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/keycloak/doxygen/src/adapters/oidc/jetty/jetty-core/src/main/java/org/keycloak/adapters/jetty/core/AbstractKeycloakJettyAuthenticator.java

クラス

公開メンバ関数

静的公開メンバ関数

静的公開変数類

限定公開メンバ関数

限定公開変数類

静的限定公開変数類

非公開メンバ関数

静的非公開メンバ関数

詳解

構築子と解体子

◆ AbstractKeycloakJettyAuthenticator()

関数詳解

◆ createAuthentication()

◆ createIdentity()

◆ createRequestAuthenticator()

◆ createSessionManagement()

◆ createSessionTokenStore()

◆ getAdapterConfig()

◆ getAuthMethod()

◆ getConfigInputStream()

◆ getConfigResolver()

◆ getJSONFromServletContext()

◆ getTokenStore()

◆ initializeKeycloak()

◆ logoutCurrent()

◆ register()

◆ resolveRequest()

◆ secureResponse()

◆ setAdapterConfig()

◆ setConfigResolver()

◆ setConfiguration()

◆ setErrorPage()

◆ validateRequest()

メンバ詳解

◆ adapterConfig

◆ configResolver

◆ deploymentContext

◆ errorPage

◆ log

◆ nodesRegistrationManagement

◆ TOKEN_STORE_NOTE