org.keycloak.protocol.oidc.OIDCLoginProtocolService クラス

org.keycloak.protocol.oidc.OIDCLoginProtocolService 連携図

公開メンバ関数
	OIDCLoginProtocolService (RealmModel realm, EventBuilder event)
Object	auth ()
Object	registerPage ()
Object	forgotCredentialsPage ()
Object	token ()
Object	getLoginStatusIframe ()
Response	getVersionPreflight ()
Response	certs ()
Object	issueUserInfo ()
Object	logout ()
Response	installedAppUrnCallback (final @QueryParam("code") String code, final @QueryParam("error") String error, final @QueryParam("error_description") String errorDescription)
Response	kcinitBrowserLoginComplete (@QueryParam("error") boolean error)
Object	resolveExtension (@PathParam("extension") String extension)

静的公開メンバ関数
static UriBuilder	tokenServiceBaseUrl (UriInfo uriInfo)
static UriBuilder	tokenServiceBaseUrl (UriBuilder baseUriBuilder)
static UriBuilder	authUrl (UriInfo uriInfo)
static UriBuilder	authUrl (UriBuilder baseUriBuilder)
static UriBuilder	tokenUrl (UriBuilder baseUriBuilder)
static UriBuilder	certsUrl (UriBuilder baseUriBuilder)
static UriBuilder	userInfoUrl (UriBuilder baseUriBuilder)
static UriBuilder	tokenIntrospectionUrl (UriBuilder baseUriBuilder)
static UriBuilder	logoutUrl (UriInfo uriInfo)
static UriBuilder	logoutUrl (UriBuilder baseUriBuilder)

非公開変数類
RealmModel	realm
TokenManager	tokenManager
EventBuilder	event
KeycloakSession	session
HttpHeaders	headers
HttpRequest	request
ClientConnection	clientConnection

詳解

Resource class for the oauth/openid connect token service

著者

Bill Burke

バージョン

Revision

1

構築子と解体子

OIDCLoginProtocolService()

org.keycloak.protocol.oidc.OIDCLoginProtocolService.OIDCLoginProtocolService ( RealmModel  realm, EventBuilder  event  )

inline

                                                                          {
        this.realm = realm;
        this.tokenManager = new TokenManager();
        this.event = event;
    }

関数詳解

auth()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolService.auth ( )

inline

Authorization endpoint

                         {
        AuthorizationEndpoint endpoint = new AuthorizationEndpoint(realm, event);
        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
        return endpoint;
    }

authUrl() [1/2]

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.authUrl ( UriInfo  uriInfo )

inlinestatic

                                                      {
        UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
        return authUrl(baseUriBuilder);
    }

authUrl() [2/2]

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.authUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                {
        UriBuilder uriBuilder = tokenServiceBaseUrl(baseUriBuilder);
        return uriBuilder.path(OIDCLoginProtocolService.class, "auth");
    }

certs()

Response org.keycloak.protocol.oidc.OIDCLoginProtocolService.certs ( )

inline

                            {
        List<JWK> keys = new LinkedList<>();
        for (KeyWrapper k : session.keys().getKeys(realm)) {
            if (k.getStatus().isEnabled() && k.getUse().equals(KeyUse.SIG) && k.getVerifyKey() != null) {
                JWKBuilder b = JWKBuilder.create().kid(k.getKid()).algorithm(k.getAlgorithm());
                if (k.getType().equals(KeyType.RSA)) {
                    keys.add(b.rsa(k.getVerifyKey()));
                } else if (k.getType().equals(KeyType.EC)) {
                    keys.add(b.ec(k.getVerifyKey()));
                }
            }
        }

        JSONWebKeySet keySet = new JSONWebKeySet();

        JWK[] k = new JWK[keys.size()];
        k = keys.toArray(k);
        keySet.setKeys(k);

        Response.ResponseBuilder responseBuilder = Response.ok(keySet).cacheControl(CacheControlUtil.getDefaultCacheControl());
        return Cors.add(request, responseBuilder).allowedOrigins("*").auth().build();
    }

certsUrl()

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.certsUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                 {
        UriBuilder uriBuilder = tokenServiceBaseUrl(baseUriBuilder);
        return uriBuilder.path(OIDCLoginProtocolService.class, "certs");
    }

forgotCredentialsPage()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolService.forgotCredentialsPage ( )

inline

Forgot-Credentials endpoint

                                          {
        AuthorizationEndpoint endpoint = new AuthorizationEndpoint(realm, event);
        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
        return endpoint.forgotCredentials();
    }

getLoginStatusIframe()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolService.getLoginStatusIframe ( )

inline

                                         {
        LoginStatusIframeEndpoint endpoint = new LoginStatusIframeEndpoint();
        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
        return endpoint;
    }

getVersionPreflight()

Response org.keycloak.protocol.oidc.OIDCLoginProtocolService.getVersionPreflight ( )

inline

                                          {
        return Cors.add(request, Response.ok()).allowedMethods("GET").preflight().auth().build();
    }

installedAppUrnCallback()

Response org.keycloak.protocol.oidc.OIDCLoginProtocolService.installedAppUrnCallback ( final @QueryParam("code") String  code, final @QueryParam("error") String  error, final @QueryParam("error_description") String  errorDescription  )

inline

                                                                                                                                                                                            {
        LoginFormsProvider forms = session.getProvider(LoginFormsProvider.class);
        if (code != null) {
            return forms.setClientSessionCode(code).createCode();
        } else {
            return forms.setError(error).createCode();
        }
    }

issueUserInfo()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolService.issueUserInfo ( )

inline

                                  {
        UserInfoEndpoint endpoint = new UserInfoEndpoint(tokenManager, realm);
        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
        return endpoint;
    }

kcinitBrowserLoginComplete()

Response org.keycloak.protocol.oidc.OIDCLoginProtocolService.kcinitBrowserLoginComplete ( @QueryParam("error") boolean  error )

inline

For KeycloakInstalled and kcinit login where command line login is delegated to a browser. This clears login cookies and outputs login success or failure messages.

引数

error

戻り値

                                                                                   {
        AuthenticationManager.expireIdentityCookie(realm, session.getContext().getUri(), clientConnection);
        AuthenticationManager.expireRememberMeCookie(realm, session.getContext().getUri(), clientConnection);
        if (error) {
            LoginFormsProvider forms = session.getProvider(LoginFormsProvider.class);
            return forms
                    .setAttribute("messageHeader", forms.getMessage(Messages.DELEGATION_FAILED_HEADER))
                    .setAttribute(Constants.SKIP_LINK, true).setError(Messages.DELEGATION_FAILED).createInfoPage();

        } else {
            LoginFormsProvider forms = session.getProvider(LoginFormsProvider.class);
            return forms
                    .setAttribute("messageHeader", forms.getMessage(Messages.DELEGATION_COMPLETE_HEADER))
                    .setAttribute(Constants.SKIP_LINK, true)
                    .setSuccess(Messages.DELEGATION_COMPLETE).createInfoPage();
        }
    }

logout()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolService.logout ( )

inline

                           {
        LogoutEndpoint endpoint = new LogoutEndpoint(tokenManager, realm, event);
        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
        return endpoint;
    }

logoutUrl() [1/2]

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.logoutUrl ( UriInfo  uriInfo )

inlinestatic

                                                        {
        UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
        return logoutUrl(baseUriBuilder);
    }

logoutUrl() [2/2]

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.logoutUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                  {
        UriBuilder uriBuilder = tokenServiceBaseUrl(baseUriBuilder);
        return uriBuilder.path(OIDCLoginProtocolService.class, "logout");
    }

registerPage()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolService.registerPage ( )

inline

Registration endpoint

                                 {
        AuthorizationEndpoint endpoint = new AuthorizationEndpoint(realm, event);
        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
        return endpoint.register();
    }

resolveExtension()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolService.resolveExtension ( @PathParam("extension") String  extension )

inline

                                                                             {
        OIDCExtProvider provider = session.getProvider(OIDCExtProvider.class, extension);
        if (provider != null) {
            provider.setEvent(event);
            return provider;
        }
        throw new NotFoundException();
    }

token()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolService.token ( )

inline

Token endpoint

                          {
        TokenEndpoint endpoint = new TokenEndpoint(tokenManager, realm, event);
        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
        return endpoint;
    }

tokenIntrospectionUrl()

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.tokenIntrospectionUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                              {
        return tokenUrl(baseUriBuilder).path(TokenEndpoint.class, "introspect");
    }

tokenServiceBaseUrl() [1/2]

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.tokenServiceBaseUrl ( UriInfo  uriInfo )

inlinestatic

                                                                  {
        UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
        return tokenServiceBaseUrl(baseUriBuilder);
    }

tokenServiceBaseUrl() [2/2]

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.tokenServiceBaseUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                            {
        return baseUriBuilder.path(RealmsResource.class).path("{realm}/protocol/" + OIDCLoginProtocol.LOGIN_PROTOCOL);
    }

tokenUrl()

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.tokenUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                 {
        UriBuilder uriBuilder = tokenServiceBaseUrl(baseUriBuilder);
        return uriBuilder.path(OIDCLoginProtocolService.class, "token");
    }

userInfoUrl()

static UriBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.userInfoUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                    {
        UriBuilder uriBuilder = tokenServiceBaseUrl(baseUriBuilder);
        return uriBuilder.path(OIDCLoginProtocolService.class, "issueUserInfo");
    }

メンバ詳解

clientConnection

ClientConnection org.keycloak.protocol.oidc.OIDCLoginProtocolService.clientConnection

private

event

EventBuilder org.keycloak.protocol.oidc.OIDCLoginProtocolService.event

private

headers

HttpHeaders org.keycloak.protocol.oidc.OIDCLoginProtocolService.headers

private

realm

RealmModel org.keycloak.protocol.oidc.OIDCLoginProtocolService.realm

private

request

HttpRequest org.keycloak.protocol.oidc.OIDCLoginProtocolService.request

private

session

KeycloakSession org.keycloak.protocol.oidc.OIDCLoginProtocolService.session

private

tokenManager

TokenManager org.keycloak.protocol.oidc.OIDCLoginProtocolService.tokenManager

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java