org.keycloak.keys.loader.ClientPublicKeyLoader クラス

org.keycloak.keys.loader.ClientPublicKeyLoader の継承関係図

org.keycloak.keys.loader.ClientPublicKeyLoader 連携図

公開メンバ関数
	ClientPublicKeyLoader (KeycloakSession session, ClientModel client)
Map< String, PublicKey >	loadKeys () throws Exception

静的非公開メンバ関数
static PublicKey	getSignatureValidationKey (CertificateRepresentation certInfo) throws ModelException

非公開変数類
final KeycloakSession	session
final ClientModel	client

静的非公開変数類
static final Logger	logger = Logger.getLogger(ClientPublicKeyLoader.class)

詳解

著者

Marek Posolda

構築子と解体子

ClientPublicKeyLoader()

org.keycloak.keys.loader.ClientPublicKeyLoader.ClientPublicKeyLoader ( KeycloakSession  session, ClientModel  client  )

inline

                                                                              {
        this.session = session;
        this.client = client;
    }

関数詳解

getSignatureValidationKey()

static PublicKey org.keycloak.keys.loader.ClientPublicKeyLoader.getSignatureValidationKey ( CertificateRepresentation  certInfo ) throws ModelException

inlinestaticprivate

                                                                                                                 {
        String encodedCertificate = certInfo.getCertificate();
        String encodedPublicKey = certInfo.getPublicKey();

        if (encodedCertificate == null && encodedPublicKey == null) {
            throw new ModelException("Client doesn't have certificate or publicKey configured");
        }

        if (encodedCertificate != null && encodedPublicKey != null) {
            throw new ModelException("Client has both publicKey and certificate configured");
        }

        if (encodedCertificate != null) {
            X509Certificate clientCert = KeycloakModelUtils.getCertificate(encodedCertificate);
            return clientCert.getPublicKey();
        } else {
            return KeycloakModelUtils.getPublicKey(encodedPublicKey);
        }
    }

loadKeys()

Map<String, PublicKey> org.keycloak.keys.loader.ClientPublicKeyLoader.loadKeys ( ) throws Exception

inline

                                                              {
        OIDCAdvancedConfigWrapper config = OIDCAdvancedConfigWrapper.fromClientModel(client);
        if (config.isUseJwksUrl()) {
            String jwksUrl = config.getJwksUrl();
            jwksUrl = ResolveRelative.resolveRelativeUri(session.getContext().getUri().getRequestUri(), client.getRootUrl(), jwksUrl);
            JSONWebKeySet jwks = JWKSHttpUtils.sendJwksRequest(session, jwksUrl);
            return JWKSUtils.getKeysForUse(jwks, JWK.Use.SIG);
        } else {
            try {
                CertificateRepresentation certInfo = CertificateInfoHelper.getCertificateFromClient(client, JWTClientAuthenticator.ATTR_PREFIX);
                PublicKey publicKey = getSignatureValidationKey(certInfo);

                // Check if we have kid in DB, generate otherwise
                String kid = certInfo.getKid() != null ? certInfo.getKid() : KeyUtils.createKeyId(publicKey);
                return Collections.singletonMap(kid, publicKey);
            } catch (ModelException me) {
                logger.warnf(me, "Unable to retrieve publicKey for verify signature of client '%s' . Error details: %s", client.getClientId(), me.getMessage());
                return Collections.emptyMap();
            }

        }
    }

メンバ詳解

client

final ClientModel org.keycloak.keys.loader.ClientPublicKeyLoader.client

private

logger

final Logger org.keycloak.keys.loader.ClientPublicKeyLoader.logger = Logger.getLogger(ClientPublicKeyLoader.class)

staticprivate

session

final KeycloakSession org.keycloak.keys.loader.ClientPublicKeyLoader.session

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/keys/loader/ClientPublicKeyLoader.java