keycloak-oidc-service: org.keycloak.authentication.Authenticator インタフェース

keycloak-oidc-service

org.keycloak.authentication.Authenticator の継承関係図

Inheritance graph

org.keycloak.authentication.Authenticator 連携図

Collaboration graph

公開メンバ関数
void	authenticate (AuthenticationFlowContext context)

void	action (AuthenticationFlowContext context)

boolean	requiresUser ()

boolean	configuredFor (KeycloakSession session, RealmModel realm, UserModel user)

void	setRequiredActions (KeycloakSession session, RealmModel realm, UserModel user)

void	close ()

詳解

This interface is for users that want to add custom authenticators to an authentication flow. You must implement this interface as well as an AuthenticatorFactory.

著者: Bill Burke

バージョン

Revision: 1

関数詳解

◆ action()

void org.keycloak.authentication.Authenticator.action ( AuthenticationFlowContext context )

Called from a form action invocation.

引数

context

org.keycloak.authentication.authenticators.x509.X509ClientCertificateAuthenticator, org.keycloak.authentication.authenticators.x509.ValidateX509CertificateUsername, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticator, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator, org.keycloak.authentication.authenticators.browser.CookieAuthenticator, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticator, org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator, org.keycloak.authentication.authenticators.console.ConsoleOTPFormAuthenticator, org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateDirectGrantAuthenticator, org.keycloak.authentication.authenticators.resetcred.AbstractSetRequiredActionAuthenticator, org.keycloak.authentication.authenticators.browser.UsernamePasswordForm, org.keycloak.authentication.authenticators.directgrant.AbstractDirectGrantAuthenticator, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator, org.keycloak.authentication.authenticators.AttemptedAuthenticator (計21項目)で実装されています。

◆ authenticate()

void org.keycloak.authentication.Authenticator.authenticate ( AuthenticationFlowContext context )

Initial call for the authenticator. This method should check the current HTTP request to determine if the request satifies the Authenticator's requirements. If it doesn't, it should send back a challenge response by calling the AuthenticationFlowContext.challenge(Response). If this challenge is a authentication, the action URL of the form must point to

/realms/{realm}/login-actions/authenticate?code={session-code}&execution={executionId}

or

/realms/{realm}/login-actions/registration?code={session-code}&execution={executionId}

{session-code} pertains to the code generated from AuthenticationFlowContext.generateAccessCode(). The {executionId} pertains to the AuthenticationExecutionModel.getId() value obtained from AuthenticationFlowContext.getExecution().

The action URL will invoke the action() method described below.

引数

context

org.keycloak.authentication.authenticators.browser.ConditionalOtpFormAuthenticator, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticator, org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator, org.keycloak.authentication.authenticators.browser.UsernamePasswordForm, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.authenticators.console.ConsoleOTPFormAuthenticator, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.x509.X509ClientCertificateAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.authentication.authenticators.directgrant.ValidateUsername, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateOTP, org.keycloak.authentication.authenticators.directgrant.ValidatePassword, org.keycloak.authentication.authenticators.x509.ValidateX509CertificateUsername, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticator, org.keycloak.authentication.authenticators.browser.CookieAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetPassword, org.keycloak.authentication.authenticators.resetcred.ResetOTP, org.keycloak.authentication.authenticators.AttemptedAuthenticator (計23項目)で実装されています。

◆ close()

void org.keycloak.provider.Provider.close ( )

inherited

org.keycloak.storage.UserStorageManager, org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProvider, org.keycloak.forms.account.freemarker.FreeMarkerAccountProvider, org.keycloak.protocol.oidc.OIDCLoginProtocol, org.keycloak.credential.UserCredentialStoreManager, org.keycloak.services.managers.DefaultBruteForceProtector, org.keycloak.email.freemarker.FreeMarkerEmailTemplateProvider, org.keycloak.storage.ClientStorageManager, org.keycloak.services.clientregistration.AbstractClientRegistrationProvider, org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.forms.RegistrationRecaptcha, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticator, org.keycloak.email.DefaultEmailSenderProvider, org.keycloak.exportimport.dir.DirImportProvider, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator, org.keycloak.authorization.AuthorizationProvider, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.authentication.forms.RegistrationUserCreation, org.keycloak.theme.ExtendingThemeManager, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticator, org.keycloak.protocol.oidc.installation.KeycloakOIDCClientInstallation, org.keycloak.authentication.forms.RegistrationProfile, org.keycloak.authentication.requiredactions.UpdatePassword, org.keycloak.authentication.requiredactions.UpdateProfile, org.keycloak.authentication.forms.RegistrationPassword, org.keycloak.protocol.oidc.OIDCWellKnownProvider, org.keycloak.events.log.JBossLoggingEventListenerProvider, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator, org.keycloak.credential.hash.Pbkdf2PasswordHashProvider, org.keycloak.authentication.authenticators.browser.UsernamePasswordForm, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator, org.keycloak.authentication.requiredactions.ConsoleUpdateTotp, org.keycloak.authentication.requiredactions.ConsoleVerifyEmail, org.keycloak.authentication.requiredactions.VerifyEmail, org.keycloak.authentication.requiredactions.TermsAndConditions, org.keycloak.authorization.protection.introspect.RPTIntrospectionProvider, org.keycloak.protocol.oidc.installation.KeycloakOIDCJbossSubsystemClientInstallation, org.keycloak.authentication.requiredactions.UpdateTotp, org.keycloak.models.UserProvider, org.keycloak.exportimport.dir.DirExportProvider, org.keycloak.models.UserSessionProvider, org.keycloak.scripting.DefaultScriptingProvider, org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider, org.keycloak.exportimport.singlefile.SingleFileExportProvider, org.keycloak.exportimport.singlefile.SingleFileImportProvider, org.keycloak.policy.HashIterationsPasswordPolicyProviderFactory, org.keycloak.services.migration.DefaultMigrationProvider, org.keycloak.authentication.authenticators.resetcred.AbstractSetRequiredActionAuthenticator, org.keycloak.services.clientregistration.AdapterInstallationClientRegistrationProvider, org.keycloak.timer.basic.BasicTimerProvider, org.keycloak.theme.FolderThemeProvider, org.keycloak.models.RealmProvider, org.keycloak.policy.HistoryPasswordPolicyProvider, org.keycloak.authentication.authenticators.browser.CookieAuthenticator, org.keycloak.keys.AbstractGeneratedSecretKeyProvider, org.keycloak.events.email.EmailEventListenerProvider, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticator, org.keycloak.policy.BlacklistPasswordPolicyProvider, org.keycloak.authentication.authenticators.console.ConsoleOTPFormAuthenticator, org.keycloak.authentication.requiredactions.ConsoleTermsAndConditions, org.keycloak.policy.RegexPatternsPasswordPolicyProvider, org.keycloak.authentication.requiredactions.ConsoleUpdateProfile, org.keycloak.exportimport.KeycloakClientDescriptionConverter, org.keycloak.policy.DefaultPasswordPolicyManagerProvider, org.keycloak.services.x509.AbstractClientCertificateFromHttpHeadersLookup, org.keycloak.theme.ClasspathThemeProvider, org.keycloak.policy.DigitsPasswordPolicyProvider, org.keycloak.policy.LowerCasePasswordPolicyProvider, org.keycloak.policy.SpecialCharsPasswordPolicyProvider, org.keycloak.policy.UpperCasePasswordPolicyProvider, org.keycloak.models.session.DisabledUserSessionPersisterProvider, org.keycloak.policy.NotUsernamePasswordPolicyProvider, org.keycloak.theme.DefaultThemeSelectorProvider, org.keycloak.provider.ExceptionConverter, org.keycloak.policy.LengthPasswordPolicyProvider, org.keycloak.authentication.forms.RegistrationPage, org.keycloak.protocol.oidc.OIDCClientDescriptionConverter, org.keycloak.theme.ClasspathThemeResourceProviderFactory, org.keycloak.policy.HashAlgorithmPasswordPolicyProviderFactory, org.keycloak.authentication.authenticators.x509.X509ClientCertificateAuthenticator, org.keycloak.locale.DefaultLocaleSelectorProvider, org.keycloak.policy.ForceExpiredPasswordPolicyProviderFactory, org.keycloak.authentication.authenticators.directgrant.AbstractDirectGrantAuthenticator, org.keycloak.truststore.FileTruststoreProvider, org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper, org.keycloak.authentication.authenticators.AttemptedAuthenticator, org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy, org.keycloak.services.x509.DefaultClientCertificateLookup, org.keycloak.authorization.config.UmaWellKnownProvider, org.keycloak.urls.HostnameProvider, org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator, org.keycloak.keys.KeyProvider, org.keycloak.transaction.JtaTransactionManagerLookup, org.keycloak.broker.provider.AbstractIdentityProviderMapper, org.keycloak.authentication.AbstractFormAuthenticator, org.keycloak.crypto.SignatureProvider, org.keycloak.credential.CredentialProvider, org.keycloak.protocol.oidc.ext.OIDCExtProvider (計102項目)で実装されています。

◆ configuredFor()

boolean org.keycloak.authentication.Authenticator.configuredFor	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user
	)

Is this authenticator configured for this user.

引数

session
realm
user

戻り値

org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticator, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator, org.keycloak.authentication.authenticators.broker.IdpCreateUserIfUniqueAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.authenticators.broker.IdpReviewProfileAuthenticator, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.authentication.authenticators.broker.IdpEmailVerificationAuthenticator, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.resetcred.AbstractSetRequiredActionAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateUsername, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator, org.keycloak.authentication.authenticators.browser.UsernamePasswordForm, org.keycloak.authentication.authenticators.broker.IdpConfirmLinkAuthenticator, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateOTP, org.keycloak.authentication.authenticators.browser.CookieAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidatePassword, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticator, org.keycloak.authentication.authenticators.broker.IdpAutoLinkAuthenticator, org.keycloak.authentication.authenticators.challenge.BasicAuthOTPAuthenticator, org.keycloak.authentication.authenticators.AttemptedAuthenticator (計24項目)で実装されています。

◆ requiresUser()

boolean org.keycloak.authentication.Authenticator.requiresUser ( )

Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?

戻り値

org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticator, org.keycloak.authentication.authenticators.broker.IdpCreateUserIfUniqueAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.authentication.authenticators.broker.IdpEmailVerificationAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateUsername, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator, org.keycloak.authentication.authenticators.broker.IdpConfirmLinkAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateOTP, org.keycloak.authentication.authenticators.browser.UsernamePasswordForm, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidatePassword, org.keycloak.authentication.authenticators.broker.IdpAutoLinkAuthenticator, org.keycloak.authentication.authenticators.broker.IdpReviewProfileAuthenticator, org.keycloak.authentication.authenticators.resetcred.AbstractSetRequiredActionAuthenticator, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticator, org.keycloak.authentication.authenticators.browser.CookieAuthenticator, org.keycloak.authentication.authenticators.AttemptedAuthenticator (計23項目)で実装されています。

◆ setRequiredActions()

void org.keycloak.authentication.Authenticator.setRequiredActions	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user
	)

Set actions to configure authenticator

org.keycloak.authentication.authenticators.browser.ConditionalOtpFormAuthenticator, org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticator, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticator, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateUsername, org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator, org.keycloak.authentication.authenticators.browser.UsernamePasswordForm, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidateOTP, org.keycloak.authentication.authenticators.browser.CookieAuthenticator, org.keycloak.authentication.authenticators.directgrant.ValidatePassword, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticator, org.keycloak.authentication.authenticators.resetcred.AbstractSetRequiredActionAuthenticator, org.keycloak.authentication.authenticators.AttemptedAuthenticator (計20項目)で実装されています。

このインタフェース詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/oidc-service/src/main/java/org/keycloak/authentication/Authenticator.java