org.keycloak.services.managers.AuthenticationSessionManager クラス

org.keycloak.services.managers.AuthenticationSessionManager 連携図

公開メンバ関数
	AuthenticationSessionManager (KeycloakSession session)
RootAuthenticationSessionModel	createAuthenticationSession (RealmModel realm, boolean browserCookie)
RootAuthenticationSessionModel	getCurrentRootAuthenticationSession (RealmModel realm)
UserSessionModel	getUserSessionFromAuthCookie (RealmModel realm)
AuthenticationSessionModel	getCurrentAuthenticationSession (RealmModel realm, ClientModel client, String tabId)
void	setAuthSessionCookie (String authSessionId, RealmModel realm)
void	removeAuthenticationSession (RealmModel realm, AuthenticationSessionModel authSession, boolean expireRestartCookie)
UserSessionModel	getUserSession (AuthenticationSessionModel authSession)
AuthenticationSessionModel	getAuthenticationSessionByIdAndClient (RealmModel realm, String authSessionId, ClientModel client, String tabId)

静的公開変数類
static final String	AUTH_SESSION_ID = "AUTH_SESSION_ID"
static final int	AUTH_SESSION_LIMIT = 3

関数
AuthSessionId	decodeAuthSessionId (String encodedAuthSessionId)
void	reencodeAuthSessionCookie (String oldEncodedAuthSessionId, AuthSessionId newAuthSessionId, RealmModel realm)
List< String >	getAuthSessionCookies (RealmModel realm)

非公開変数類
final KeycloakSession	session

静的非公開変数類
static final Logger	log = Logger.getLogger(AuthenticationSessionManager.class)

詳解

著者

Marek Posolda

構築子と解体子

AuthenticationSessionManager()

org.keycloak.services.managers.AuthenticationSessionManager.AuthenticationSessionManager ( KeycloakSession  session )

inline

                                                                 {
        this.session = session;
    }

関数詳解

createAuthenticationSession()

RootAuthenticationSessionModel org.keycloak.services.managers.AuthenticationSessionManager.createAuthenticationSession ( RealmModel  realm, boolean  browserCookie  )

inline

Creates a fresh authentication session for the given realm . Optionally sets the browser authentication session cookie AUTH_SESSION_ID with the ID of the new session.

引数

realm
browserCookie	Set the cookie in the browser for the

戻り値

                                                                                                               {
        RootAuthenticationSessionModel rootAuthSession = session.authenticationSessions().createRootAuthenticationSession(realm);

        if (browserCookie) {
            setAuthSessionCookie(rootAuthSession.getId(), realm);
        }

        return rootAuthSession;
    }

decodeAuthSessionId()

AuthSessionId org.keycloak.services.managers.AuthenticationSessionManager.decodeAuthSessionId ( String  encodedAuthSessionId )

inlinepackage

引数

encodedAuthSessionId

encoded ID with attached route in cluster environment (EG. "5e161e00-d426-4ea6-98e9-52eb9844e2d7.node1" )

戻り値

object with decoded and actually encoded authSessionId

                                                                   {
        log.debugf("Found AUTH_SESSION_ID cookie with value %s", encodedAuthSessionId);
        StickySessionEncoderProvider encoder = session.getProvider(StickySessionEncoderProvider.class);
        String decodedAuthSessionId = encoder.decodeSessionId(encodedAuthSessionId);
        String reencoded = encoder.encodeSessionId(decodedAuthSessionId);

        return new AuthSessionId(decodedAuthSessionId, reencoded);
    }

getAuthenticationSessionByIdAndClient()

AuthenticationSessionModel org.keycloak.services.managers.AuthenticationSessionManager.getAuthenticationSessionByIdAndClient ( RealmModel  realm, String  authSessionId, ClientModel  client, String  tabId  )

inline

                                                                                                                                                      {
        RootAuthenticationSessionModel rootAuthSession = session.authenticationSessions().getRootAuthenticationSession(realm, authSessionId);
        return rootAuthSession==null ? null : rootAuthSession.getAuthenticationSession(client, tabId);
    }

getAuthSessionCookies()

List<String> org.keycloak.services.managers.AuthenticationSessionManager.getAuthSessionCookies ( RealmModel  realm )

inlinepackage

引数

realm

戻り値

list of the values of AUTH_SESSION_ID cookies. It is assumed that values could be encoded with route added (EG. "5e161e00-d426-4ea6-98e9-52eb9844e2d7.node1" )

                                                         {
        Set<String> cookiesVal = CookieHelper.getCookieValue(AUTH_SESSION_ID);

        if (cookiesVal.size() > 1) {
            AuthenticationManager.expireOldAuthSessionCookie(realm, session.getContext().getUri(), session.getContext().getConnection());
        }

        List<String> authSessionIds = cookiesVal.stream().limit(AUTH_SESSION_LIMIT).collect(Collectors.toList());

        if (authSessionIds.isEmpty()) {
            log.debugf("Not found AUTH_SESSION_ID cookie");
        }

        return authSessionIds;
    }

getCurrentAuthenticationSession()

AuthenticationSessionModel org.keycloak.services.managers.AuthenticationSessionManager.getCurrentAuthenticationSession ( RealmModel  realm, ClientModel  client, String  tabId  )

inline

Returns current authentication session if it exists, otherwise returns

null 

.

引数

realm

戻り値

                                                                                                                          {
        List<String> authSessionCookies = getAuthSessionCookies(realm);

        return authSessionCookies.stream().map(oldEncodedId -> {
            AuthSessionId authSessionId = decodeAuthSessionId(oldEncodedId);
            String sessionId = authSessionId.getDecodedId();

            AuthenticationSessionModel authSession = getAuthenticationSessionByIdAndClient(realm, sessionId, client, tabId);

            if (authSession != null) {
                reencodeAuthSessionCookie(oldEncodedId, authSessionId, realm);
                return authSession;
            }

            return null;
        }).filter(authSession -> Objects.nonNull(authSession)).findFirst().orElse(null);
    }

getCurrentRootAuthenticationSession()

RootAuthenticationSessionModel org.keycloak.services.managers.AuthenticationSessionManager.getCurrentRootAuthenticationSession ( RealmModel  realm )

inline

                                                                                                {
        List<String> authSessionCookies = getAuthSessionCookies(realm);

        return authSessionCookies.stream().map(oldEncodedId -> {
            AuthSessionId authSessionId = decodeAuthSessionId(oldEncodedId);
            String sessionId = authSessionId.getDecodedId();

            RootAuthenticationSessionModel rootAuthSession = session.authenticationSessions().getRootAuthenticationSession(realm, sessionId);

            if (rootAuthSession != null) {
                reencodeAuthSessionCookie(oldEncodedId, authSessionId, realm);
                return rootAuthSession;
            }

            return null;
        }).filter(authSession -> Objects.nonNull(authSession)).findFirst().orElse(null);
    }

getUserSession()

UserSessionModel org.keycloak.services.managers.AuthenticationSessionManager.getUserSession ( AuthenticationSessionModel  authSession )

inline

                                                                                   {
        return session.sessions().getUserSession(authSession.getRealm(), authSession.getParentSession().getId());
    }

getUserSessionFromAuthCookie()

UserSessionModel org.keycloak.services.managers.AuthenticationSessionManager.getUserSessionFromAuthCookie ( RealmModel  realm )

inline

                                                                           {
        List<String> authSessionCookies = getAuthSessionCookies(realm);

        return authSessionCookies.stream().map(oldEncodedId -> {
            AuthSessionId authSessionId = decodeAuthSessionId(oldEncodedId);
            String sessionId = authSessionId.getDecodedId();

            UserSessionModel userSession = session.sessions().getUserSession(realm, sessionId);

            if (userSession != null) {
                reencodeAuthSessionCookie(oldEncodedId, authSessionId, realm);
                return userSession;
            }

            return null;
        }).filter(authSession -> Objects.nonNull(authSession)).findFirst().orElse(null);
    }

reencodeAuthSessionCookie()

void org.keycloak.services.managers.AuthenticationSessionManager.reencodeAuthSessionCookie ( String  oldEncodedAuthSessionId, AuthSessionId  newAuthSessionId, RealmModel  realm  )

inlinepackage

                                                                                                                     {
        if (!oldEncodedAuthSessionId.equals(newAuthSessionId.getEncodedId())) {
            log.debugf("Route changed. Will update authentication session cookie. Old: '%s', New: '%s'", oldEncodedAuthSessionId,
                    newAuthSessionId.getEncodedId());
            setAuthSessionCookie(newAuthSessionId.getDecodedId(), realm);
        }
    }

removeAuthenticationSession()

void org.keycloak.services.managers.AuthenticationSessionManager.removeAuthenticationSession ( RealmModel  realm, AuthenticationSessionModel  authSession, boolean  expireRestartCookie  )

inline

                                                                                                                                   {
        RootAuthenticationSessionModel rootAuthSession = authSession.getParentSession();

        log.debugf("Removing authSession '%s'. Expire restart cookie: %b", rootAuthSession.getId(), expireRestartCookie);
        session.authenticationSessions().removeRootAuthenticationSession(realm, rootAuthSession);

        // expire restart cookie
        if (expireRestartCookie) {
            ClientConnection clientConnection = session.getContext().getConnection();
            UriInfo uriInfo = session.getContext().getUri();
            RestartLoginCookie.expireRestartCookie(realm, clientConnection, uriInfo);
        }
    }

setAuthSessionCookie()

void org.keycloak.services.managers.AuthenticationSessionManager.setAuthSessionCookie ( String  authSessionId, RealmModel  realm  )

inline

引数

authSessionId	decoded authSessionId (without route info attached)
realm

                                                                             {
        UriInfo uriInfo = session.getContext().getUri();
        String cookiePath = AuthenticationManager.getRealmCookiePath(realm, uriInfo);

        boolean sslRequired = realm.getSslRequired().isRequired(session.getContext().getConnection());

        StickySessionEncoderProvider encoder = session.getProvider(StickySessionEncoderProvider.class);
        String encodedAuthSessionId = encoder.encodeSessionId(authSessionId);

        CookieHelper.addCookie(AUTH_SESSION_ID, encodedAuthSessionId, cookiePath, null, null, -1, sslRequired, true);

        log.debugf("Set AUTH_SESSION_ID cookie with value %s", encodedAuthSessionId);
    }

メンバ詳解

AUTH_SESSION_ID

final String org.keycloak.services.managers.AuthenticationSessionManager.AUTH_SESSION_ID = "AUTH_SESSION_ID"

static

AUTH_SESSION_LIMIT

final int org.keycloak.services.managers.AuthenticationSessionManager.AUTH_SESSION_LIMIT = 3

static

log

final Logger org.keycloak.services.managers.AuthenticationSessionManager.log = Logger.getLogger(AuthenticationSessionManager.class)

staticprivate

session

final KeycloakSession org.keycloak.services.managers.AuthenticationSessionManager.session

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/managers/AuthenticationSessionManager.java