org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider クラス

org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider の継承関係図

org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider 連携図

公開メンバ関数
	AccessTokenIntrospectionProvider (KeycloakSession session)
Response	introspect (String token)
void	close ()

限定公開メンバ関数
AccessToken	verifyAccessToken (String token) throws OAuthErrorException, IOException

非公開変数類
final KeycloakSession	session
final TokenManager	tokenManager
final RealmModel	realm

詳解

著者

Pedro Igor

構築子と解体子

AccessTokenIntrospectionProvider()

org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider.AccessTokenIntrospectionProvider ( KeycloakSession  session )

inline

                                                                     {
        this.session = session;
        this.realm = session.getContext().getRealm();
        this.tokenManager = new TokenManager();
    }

関数詳解

close()

void org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider.close ( )

inline

                        {

    }

introspect()

Response org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider.introspect ( String  token )

inline

                                             {
        try {
            AccessToken accessToken = verifyAccessToken(token);
            ObjectNode tokenMetadata;

            if (accessToken != null) {
                tokenMetadata = JsonSerialization.createObjectNode(accessToken);
                tokenMetadata.put("client_id", accessToken.getIssuedFor());
                tokenMetadata.put("username", accessToken.getPreferredUsername());
            } else {
                tokenMetadata = JsonSerialization.createObjectNode();
            }

            tokenMetadata.put("active", accessToken != null);

            return Response.ok(JsonSerialization.writeValueAsBytes(tokenMetadata)).type(MediaType.APPLICATION_JSON_TYPE).build();
        } catch (Exception e) {
            throw new RuntimeException("Error creating token introspection response.", e);
        }
    }

verifyAccessToken()

AccessToken org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider.verifyAccessToken ( String  token ) throws OAuthErrorException, IOException

inlineprotected

                                                                                                  {
        AccessToken accessToken;

        try {
            TokenVerifier<AccessToken> verifier = TokenVerifier.create(token, AccessToken.class)
                    .realmUrl(Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()));

            SignatureVerifierContext verifierContext = session.getProvider(SignatureProvider.class, verifier.getHeader().getAlgorithm().name()).verifier(verifier.getHeader().getKeyId());
            verifier.verifierContext(verifierContext);

            accessToken = verifier.verify().getToken();
        } catch (VerificationException e) {
            return null;
        }

        RealmModel realm = this.session.getContext().getRealm();

        return tokenManager.checkTokenValidForIntrospection(session, realm, accessToken) ? accessToken : null;
    }

メンバ詳解

realm

final RealmModel org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider.realm

private

session

final KeycloakSession org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider.session

private

tokenManager

final TokenManager org.keycloak.protocol.oidc.AccessTokenIntrospectionProvider.tokenManager

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/protocol/oidc/AccessTokenIntrospectionProvider.java