org.keycloak.protocol.oidc.OIDCLoginProtocolFactory の継承関係図

org.keycloak.protocol.oidc.OIDCLoginProtocolFactory 連携図

公開メンバ関数
LoginProtocol	create (KeycloakSession session)

Map< String, ProtocolMapperModel >	getBuiltinMappers ()

Object	createProtocolEndpoint (RealmModel realm, EventBuilder event)

String	getId ()

void	setupClientDefaults (ClientRepresentation rep, ClientModel newClient)

静的公開変数類
static final String	USERNAME = "username"

static final String	EMAIL = "email"

static final String	EMAIL_VERIFIED = "email verified"

static final String	GIVEN_NAME = "given name"

static final String	FAMILY_NAME = "family name"

static final String	MIDDLE_NAME = "middle name"

static final String	NICKNAME = "nickname"

static final String	PROFILE_CLAIM = "profile"

static final String	PICTURE = "picture"

static final String	WEBSITE = "website"

static final String	GENDER = "gender"

static final String	BIRTHDATE = "birthdate"

static final String	ZONEINFO = "zoneinfo"

static final String	UPDATED_AT = "updated at"

static final String	FULL_NAME = "full name"

static final String	LOCALE = "locale"

static final String	ADDRESS = "address"

static final String	PHONE_NUMBER = "phone number"

static final String	PHONE_NUMBER_VERIFIED = "phone number verified"

static final String	PROFILE_SCOPE_CONSENT_TEXT = "${profileScopeConsentText}"

static final String	EMAIL_SCOPE_CONSENT_TEXT = "${emailScopeConsentText}"

static final String	ADDRESS_SCOPE_CONSENT_TEXT = "${addressScopeConsentText}"

static final String	PHONE_SCOPE_CONSENT_TEXT = "${phoneScopeConsentText}"

static final String	OFFLINE_ACCESS_SCOPE_CONSENT_TEXT = Constants.OFFLINE_ACCESS_SCOPE_CONSENT_TEXT

限定公開メンバ関数
void	createDefaultClientScopesImpl (RealmModel newRealm)

void	addDefaults (ClientModel client)

静的関数
	[static initializer]

静的変数
static Map< String, ProtocolMapperModel >	builtins = new HashMap<>()

静的非公開メンバ関数
static void	createUserAttributeMapper (String name, String attrName, String claimName, String type)

静的非公開変数類
static final Logger	logger = Logger.getLogger(OIDCLoginProtocolFactory.class)

詳解

著者: Bill Burke

バージョン

Revision: 1

関数詳解

◆ [static initializer]()

org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.[static initializer] ( )

inlinestaticpackage

◆ addDefaults()

void org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.addDefaults ( ClientModel client )

inlineprotected

230 {

231 }

◆ create()

LoginProtocol org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.create ( KeycloakSession session )

inline

                                                          {
         return new OIDCLoginProtocol().setSession(session);
     }

◆ createDefaultClientScopesImpl()

void org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.createDefaultClientScopesImpl ( RealmModel newRealm )

inlineprotected

                                                                       {
         //name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, and updated_at.
         ClientScopeModel profileScope = newRealm.addClientScope(OAuth2Constants.SCOPE_PROFILE);
         profileScope.setDescription("OpenID Connect built-in scope: profile");
         profileScope.setDisplayOnConsentScreen(true);
         profileScope.setConsentScreenText(PROFILE_SCOPE_CONSENT_TEXT);
         profileScope.setProtocol(getId());
         profileScope.addProtocolMapper(builtins.get(FULL_NAME));
         profileScope.addProtocolMapper(builtins.get(FAMILY_NAME));
         profileScope.addProtocolMapper(builtins.get(GIVEN_NAME));
         profileScope.addProtocolMapper(builtins.get(MIDDLE_NAME));
         profileScope.addProtocolMapper(builtins.get(NICKNAME));
         profileScope.addProtocolMapper(builtins.get(USERNAME));
         profileScope.addProtocolMapper(builtins.get(PROFILE_CLAIM));
         profileScope.addProtocolMapper(builtins.get(PICTURE));
         profileScope.addProtocolMapper(builtins.get(WEBSITE));
         profileScope.addProtocolMapper(builtins.get(GENDER));
         profileScope.addProtocolMapper(builtins.get(BIRTHDATE));
         profileScope.addProtocolMapper(builtins.get(ZONEINFO));
         profileScope.addProtocolMapper(builtins.get(LOCALE));
         profileScope.addProtocolMapper(builtins.get(UPDATED_AT));
 
         ClientScopeModel emailScope = newRealm.addClientScope(OAuth2Constants.SCOPE_EMAIL);
         emailScope.setDescription("OpenID Connect built-in scope: email");
         emailScope.setDisplayOnConsentScreen(true);
         emailScope.setConsentScreenText(EMAIL_SCOPE_CONSENT_TEXT);
         emailScope.setProtocol(getId());
         emailScope.addProtocolMapper(builtins.get(EMAIL));
         emailScope.addProtocolMapper(builtins.get(EMAIL_VERIFIED));
 
         ClientScopeModel addressScope = newRealm.addClientScope(OAuth2Constants.SCOPE_ADDRESS);
         addressScope.setDescription("OpenID Connect built-in scope: address");
         addressScope.setDisplayOnConsentScreen(true);
         addressScope.setConsentScreenText(ADDRESS_SCOPE_CONSENT_TEXT);
         addressScope.setProtocol(getId());
         addressScope.addProtocolMapper(builtins.get(ADDRESS));
 
         ClientScopeModel phoneScope = newRealm.addClientScope(OAuth2Constants.SCOPE_PHONE);
         phoneScope.setDescription("OpenID Connect built-in scope: phone");
         phoneScope.setDisplayOnConsentScreen(true);
         phoneScope.setConsentScreenText(PHONE_SCOPE_CONSENT_TEXT);
         phoneScope.setProtocol(getId());
         phoneScope.addProtocolMapper(builtins.get(PHONE_NUMBER));
         phoneScope.addProtocolMapper(builtins.get(PHONE_NUMBER_VERIFIED));
 
         // 'profile' and 'email' will be default scopes for now. 'address' and 'phone' will be optional scopes
         newRealm.addDefaultClientScope(profileScope, true);
         newRealm.addDefaultClientScope(emailScope, true);
         newRealm.addDefaultClientScope(addressScope, false);
         newRealm.addDefaultClientScope(phoneScope, false);
 
         RoleModel offlineRole = newRealm.getRole(OAuth2Constants.OFFLINE_ACCESS);
         if (offlineRole != null) {
             ClientScopeModel offlineAccessScope = KeycloakModelUtils.getClientScopeByName(newRealm, OAuth2Constants.OFFLINE_ACCESS);
             if (offlineAccessScope == null) {
                 DefaultClientScopes.createOfflineAccessClientScope(newRealm, offlineRole);
             }
         }
     }

◆ createProtocolEndpoint()

Object org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.createProtocolEndpoint	(	RealmModel	realm,
		EventBuilder	event
	)

inline

                                                                                {
         return new OIDCLoginProtocolService(realm, event);
     }

◆ createUserAttributeMapper()

static void org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.createUserAttributeMapper	(	String	name,
		String	attrName,
		String	claimName,
		String	type
	)

inlinestaticprivate

                                                                                                                {
         ProtocolMapperModel model = UserAttributeMapper.createClaimMapper(name,
                 attrName,
                 claimName, type,
                 true, true, false);
         builtins.put(name, model);
     }

◆ getBuiltinMappers()

Map<String, ProtocolMapperModel> org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.getBuiltinMappers ( )

inline

                                                                 {
         return builtins;
     }

◆ getId()

String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.getId ( )

inline

                           {
         return OIDCLoginProtocol.LOGIN_PROTOCOL;
     }

◆ setupClientDefaults()

void org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.setupClientDefaults	(	ClientRepresentation	rep,
		ClientModel	newClient
	)

inline

                                                                                      {
         if (rep.getRootUrl() != null && (rep.getRedirectUris() == null || rep.getRedirectUris().isEmpty())) {
             String root = rep.getRootUrl();
             if (root.endsWith("/")) root = root + "*";
             else root = root + "/*";
             newClient.addRedirectUri(root);
 
             Set<String> origins = new HashSet<String>();
             String origin = UriUtils.getOrigin(root);
             logger.debugv("adding default client origin: {0}" , origin);
             origins.add(origin);
             newClient.setWebOrigins(origins);
         }
         if (rep.isBearerOnly() == null
                 && rep.isPublicClient() == null) {
             newClient.setPublicClient(true);
         }
         if (rep.isBearerOnly() == null) newClient.setBearerOnly(false);
         if (rep.getAdminUrl() == null && rep.getRootUrl() != null) {
             newClient.setManagementUrl(rep.getRootUrl());
         }
 
 
         // Backwards compatibility only
         if (rep.isDirectGrantsOnly() != null) {
             ServicesLogger.LOGGER.usingDeprecatedDirectGrantsOnly();
             newClient.setStandardFlowEnabled(!rep.isDirectGrantsOnly());
             newClient.setDirectAccessGrantsEnabled(rep.isDirectGrantsOnly());
         } else {
             if (rep.isStandardFlowEnabled() == null) newClient.setStandardFlowEnabled(true);
             if (rep.isDirectAccessGrantsEnabled() == null) newClient.setDirectAccessGrantsEnabled(true);
 
         }
 
         if (rep.isImplicitFlowEnabled() == null) newClient.setImplicitFlowEnabled(false);
         if (rep.isPublicClient() == null) newClient.setPublicClient(true);
         if (rep.isFrontchannelLogout() == null) newClient.setFrontchannelLogout(false);
     }

メンバ詳解

◆ ADDRESS

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.ADDRESS = "address"

static

◆ ADDRESS_SCOPE_CONSENT_TEXT

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.ADDRESS_SCOPE_CONSENT_TEXT = "${addressScopeConsentText}"

static

◆ BIRTHDATE

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.BIRTHDATE = "birthdate"

static

◆ builtins

Map<String, ProtocolMapperModel> org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.builtins = new HashMap<>()

staticpackage

◆ EMAIL

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.EMAIL = "email"

static

◆ EMAIL_SCOPE_CONSENT_TEXT

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.EMAIL_SCOPE_CONSENT_TEXT = "${emailScopeConsentText}"

static

◆ EMAIL_VERIFIED

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.EMAIL_VERIFIED = "email verified"

static

◆ FAMILY_NAME

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.FAMILY_NAME = "family name"

static

◆ FULL_NAME

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.FULL_NAME = "full name"

static

◆ GENDER

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.GENDER = "gender"

static

◆ GIVEN_NAME

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.GIVEN_NAME = "given name"

static

◆ LOCALE

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.LOCALE = "locale"

static

◆ logger

final Logger org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.logger = Logger.getLogger(OIDCLoginProtocolFactory.class)

staticprivate

◆ MIDDLE_NAME

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.MIDDLE_NAME = "middle name"

static

◆ NICKNAME

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.NICKNAME = "nickname"

static

◆ OFFLINE_ACCESS_SCOPE_CONSENT_TEXT

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.OFFLINE_ACCESS_SCOPE_CONSENT_TEXT = Constants.OFFLINE_ACCESS_SCOPE_CONSENT_TEXT

static

◆ PHONE_NUMBER

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.PHONE_NUMBER = "phone number"

static

◆ PHONE_NUMBER_VERIFIED

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.PHONE_NUMBER_VERIFIED = "phone number verified"

static

◆ PHONE_SCOPE_CONSENT_TEXT

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.PHONE_SCOPE_CONSENT_TEXT = "${phoneScopeConsentText}"

static

◆ PICTURE

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.PICTURE = "picture"

static

◆ PROFILE_CLAIM

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.PROFILE_CLAIM = "profile"

static

◆ PROFILE_SCOPE_CONSENT_TEXT

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.PROFILE_SCOPE_CONSENT_TEXT = "${profileScopeConsentText}"

static

◆ UPDATED_AT

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.UPDATED_AT = "updated at"

static

◆ USERNAME

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.USERNAME = "username"

static

◆ WEBSITE

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.WEBSITE = "website"

static

◆ ZONEINFO

final String org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.ZONEINFO = "zoneinfo"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolFactory.java

公開メンバ関数

静的公開変数類

限定公開メンバ関数

静的関数

静的変数

静的非公開メンバ関数

静的非公開変数類

詳解

関数詳解

◆ [static initializer]()

◆ addDefaults()

◆ create()

◆ createDefaultClientScopesImpl()

◆ createProtocolEndpoint()

◆ createUserAttributeMapper()

◆ getBuiltinMappers()

◆ getId()

◆ setupClientDefaults()

メンバ詳解

◆ ADDRESS

◆ ADDRESS_SCOPE_CONSENT_TEXT

◆ BIRTHDATE

◆ builtins

◆ EMAIL

◆ EMAIL_SCOPE_CONSENT_TEXT

◆ EMAIL_VERIFIED

◆ FAMILY_NAME

◆ FULL_NAME

◆ GENDER

◆ GIVEN_NAME

◆ LOCALE

◆ logger

◆ MIDDLE_NAME

◆ NICKNAME

◆ OFFLINE_ACCESS_SCOPE_CONSENT_TEXT

◆ PHONE_NUMBER

◆ PHONE_NUMBER_VERIFIED

◆ PHONE_SCOPE_CONSENT_TEXT

◆ PICTURE

◆ PROFILE_CLAIM

◆ PROFILE_SCOPE_CONSENT_TEXT

◆ UPDATED_AT

◆ USERNAME

◆ WEBSITE

◆ ZONEINFO