org.keycloak.protocol.saml.SamlProtocolFactory クラス

org.keycloak.protocol.saml.SamlProtocolFactory の継承関係図

org.keycloak.protocol.saml.SamlProtocolFactory 連携図

公開メンバ関数
Object	createProtocolEndpoint (RealmModel realm, EventBuilder event)
LoginProtocol	create (KeycloakSession session)
void	init (Config.Scope config)
String	getId ()
Map< String, ProtocolMapperModel >	getBuiltinMappers ()
void	setupClientDefaults (ClientRepresentation clientRep, ClientModel newClient)

静的公開変数類
static final String	SCOPE_ROLE_LIST = "role_list"

限定公開メンバ関数
void	createDefaultClientScopesImpl (RealmModel newRealm)
void	addDefaults (ClientModel client)

静的関数
	[static initializer]

静的変数
static Map< String, ProtocolMapperModel >	builtins = new HashMap<>()
static List< ProtocolMapperModel >	defaultBuiltins = new ArrayList<>()

非公開変数類
DestinationValidator	destinationValidator

静的非公開変数類
static final String	ROLE_LIST_CONSENT_TEXT = "${samlRoleListScopeConsentText}"

詳解

著者

Bill Burke

バージョン

Revision

1

関数詳解

[static initializer]()

org.keycloak.protocol.saml.SamlProtocolFactory.[static initializer] ( )

inlinestaticpackage

addDefaults()

void org.keycloak.protocol.saml.SamlProtocolFactory.addDefaults ( ClientModel  client )

inlineprotected

                                                   {
    }

create()

LoginProtocol org.keycloak.protocol.saml.SamlProtocolFactory.create ( KeycloakSession  session )

inline

                                                         {
        return new SamlProtocol().setSession(session);
    }

createDefaultClientScopesImpl()

void org.keycloak.protocol.saml.SamlProtocolFactory.createDefaultClientScopesImpl ( RealmModel  newRealm )

inlineprotected

                                                                      {
        ClientScopeModel roleListScope = newRealm.addClientScope(SCOPE_ROLE_LIST);
        roleListScope.setDescription("SAML role list");
        roleListScope.setDisplayOnConsentScreen(true);
        roleListScope.setConsentScreenText(ROLE_LIST_CONSENT_TEXT);
        roleListScope.setProtocol(getId());
        roleListScope.addProtocolMapper(builtins.get("role list"));
        newRealm.addDefaultClientScope(roleListScope, true);
    }

createProtocolEndpoint()

Object org.keycloak.protocol.saml.SamlProtocolFactory.createProtocolEndpoint ( RealmModel  realm, EventBuilder  event  )

inline

                                                                               {
        return new SamlService(realm, event, destinationValidator);
    }

getBuiltinMappers()

Map<String, ProtocolMapperModel> org.keycloak.protocol.saml.SamlProtocolFactory.getBuiltinMappers ( )

inline

                                                                {
        return builtins;
    }

getId()

String org.keycloak.protocol.saml.SamlProtocolFactory.getId ( )

inline

                          {
        return SamlProtocol.LOGIN_PROTOCOL;
    }

init()

void org.keycloak.protocol.saml.SamlProtocolFactory.init ( Config.Scope  config )

inline

                                          {
        //PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
        //sts.installDefaultConfiguration();

        this.destinationValidator = DestinationValidator.forProtocolMap(config.getArray("knownProtocols"));
    }

setupClientDefaults()

void org.keycloak.protocol.saml.SamlProtocolFactory.setupClientDefaults ( ClientRepresentation  clientRep, ClientModel  newClient  )

inline

                                                                                           {
        SamlRepresentationAttributes rep = new SamlRepresentationAttributes(clientRep.getAttributes());
        SamlClient client = new SamlClient(newClient);
        if (clientRep.isStandardFlowEnabled() == null) newClient.setStandardFlowEnabled(true);
        if (rep.getCanonicalizationMethod() == null) {
            client.setCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE);
        }
        if (rep.getSignatureAlgorithm() == null) {
            client.setSignatureAlgorithm(SignatureAlgorithm.RSA_SHA256);
        }

        if (rep.getNameIDFormat() == null) {
            client.setNameIDFormat("username");
        }

        if (rep.getIncludeAuthnStatement() == null) {
            client.setIncludeAuthnStatement(true);
        }

        if (rep.getForceNameIDFormat() == null) {
            client.setForceNameIDFormat(false);
        }

        if (rep.getSamlServerSignature() == null) {
            client.setRequiresRealmSignature(true);
        }
        if (rep.getForcePostBinding() == null) {
            client.setForcePostBinding(true);
        }

        if (rep.getClientSignature() == null) {
            client.setRequiresClientSignature(true);
        }

        if (client.requiresClientSignature() && client.getClientSigningCertificate() == null) {
            CertificateRepresentation info = KeycloakModelUtils.generateKeyPairCertificate(newClient.getClientId());
            client.setClientSigningCertificate(info.getCertificate());
            client.setClientSigningPrivateKey(info.getPrivateKey());

        }

        if (clientRep.isFrontchannelLogout() == null) {
            newClient.setFrontchannelLogout(true);
        }
    }

メンバ詳解

builtins

Map<String, ProtocolMapperModel> org.keycloak.protocol.saml.SamlProtocolFactory.builtins = new HashMap<>()

staticpackage

defaultBuiltins

List<ProtocolMapperModel> org.keycloak.protocol.saml.SamlProtocolFactory.defaultBuiltins = new ArrayList<>()

staticpackage

destinationValidator

DestinationValidator org.keycloak.protocol.saml.SamlProtocolFactory.destinationValidator

private

ROLE_LIST_CONSENT_TEXT

final String org.keycloak.protocol.saml.SamlProtocolFactory.ROLE_LIST_CONSENT_TEXT = "${samlRoleListScopeConsentText}"

staticprivate

SCOPE_ROLE_LIST

final String org.keycloak.protocol.saml.SamlProtocolFactory.SCOPE_ROLE_LIST = "role_list"

static

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolFactory.java