org.keycloak.keys.JavaKeystoreKeyProvider クラス

org.keycloak.keys.JavaKeystoreKeyProvider の継承関係図

org.keycloak.keys.JavaKeystoreKeyProvider 連携図

公開メンバ関数
	JavaKeystoreKeyProvider (RealmModel realm, ComponentModel model)
List< KeyWrapper >	getKeys ()

限定公開メンバ関数
KeyWrapper	loadKey (RealmModel realm, ComponentModel model)
KeyWrapper	createKeyWrapper (KeyPair keyPair, X509Certificate certificate)

詳解

著者

Stian Thorgersen

構築子と解体子

JavaKeystoreKeyProvider()

org.keycloak.keys.JavaKeystoreKeyProvider.JavaKeystoreKeyProvider ( RealmModel  realm, ComponentModel  model  )

inline

                                                                           {
        super(realm, model);
    }

関数詳解

createKeyWrapper()

KeyWrapper org.keycloak.keys.AbstractRsaKeyProvider.createKeyWrapper ( KeyPair  keyPair, X509Certificate  certificate  )

inlineprotectedinherited

                                                                                        {
        KeyWrapper key = new KeyWrapper();

        key.setProviderId(model.getId());
        key.setProviderPriority(model.get("priority", 0l));

        key.setKid(KeyUtils.createKeyId(keyPair.getPublic()));
        key.setUse(KeyUse.SIG);
        key.setType(KeyType.RSA);
        key.setAlgorithm(algorithm);
        key.setStatus(status);
        key.setSignKey(keyPair.getPrivate());
        key.setVerifyKey(keyPair.getPublic());
        key.setCertificate(certificate);

        return key;
    }

getKeys()

List<KeyWrapper> org.keycloak.keys.AbstractRsaKeyProvider.getKeys ( )

inlineinherited

                                      {
        return Collections.singletonList(key);
    }

loadKey()

KeyWrapper org.keycloak.keys.JavaKeystoreKeyProvider.loadKey ( RealmModel  realm, ComponentModel  model  )

inlineprotected

                                                                         {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(new FileInputStream(model.get(JavaKeystoreKeyProviderFactory.KEYSTORE_KEY)), model.get(JavaKeystoreKeyProviderFactory.KEYSTORE_PASSWORD_KEY).toCharArray());

            PrivateKey privateKey = (PrivateKey) keyStore.getKey(model.get(JavaKeystoreKeyProviderFactory.KEY_ALIAS_KEY), model.get(JavaKeystoreKeyProviderFactory.KEY_PASSWORD_KEY).toCharArray());
            PublicKey publicKey = KeyUtils.extractPublicKey(privateKey);

            KeyPair keyPair = new KeyPair(publicKey, privateKey);

            X509Certificate certificate = (X509Certificate) keyStore.getCertificate(model.get(JavaKeystoreKeyProviderFactory.KEY_ALIAS_KEY));
            if (certificate == null) {
                certificate = CertificateUtils.generateV1SelfSignedCertificate(keyPair, realm.getName());
            }

            return createKeyWrapper(keyPair, certificate);
        } catch (KeyStoreException kse) {
            throw new RuntimeException("KeyStore error on server. " + kse.getMessage(), kse);
        } catch (FileNotFoundException fnfe) {
            throw new RuntimeException("File not found on server. " + fnfe.getMessage(), fnfe);
        } catch (IOException ioe) {
            throw new RuntimeException("IO error on server. " + ioe.getMessage(), ioe);
        } catch (NoSuchAlgorithmException nsae) {
            throw new RuntimeException("Algorithm not available on server. " + nsae.getMessage(), nsae);
        } catch (CertificateException ce) {
            throw new RuntimeException("Certificate error on server. " + ce.getMessage(), ce);
        } catch (UnrecoverableKeyException uke) {
            throw new RuntimeException("Keystore on server can not be recovered. " + uke.getMessage(), uke);
        }
    }

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/keys/JavaKeystoreKeyProvider.java