org.keycloak.authentication.requiredactions.UpdatePassword の継承関係図

org.keycloak.authentication.requiredactions.UpdatePassword 連携図

公開メンバ関数
void	evaluateTriggers (RequiredActionContext context)

void	requiredActionChallenge (RequiredActionContext context)

void	processAction (RequiredActionContext context)

void	close ()

RequiredActionProvider	create (KeycloakSession session)

RequiredActionProvider	createDisplay (KeycloakSession session, String displayType)

void	init (Config.Scope config)

void	postInit (KeycloakSessionFactory factory)

String	getDisplayText ()

String	getId ()

boolean	isOneTimeAction ()

静的非公開変数類
static final Logger	logger = Logger.getLogger(UpdatePassword.class)

詳解

著者: Bill Burke

バージョン

Revision: 1

関数詳解

◆ close()

void org.keycloak.authentication.requiredactions.UpdatePassword.close ( )

inline

                         {
 
     }

◆ create()

RequiredActionProvider org.keycloak.authentication.requiredactions.UpdatePassword.create ( KeycloakSession session )

inline

                                                                   {
         return this;
     }

◆ createDisplay()

RequiredActionProvider org.keycloak.authentication.requiredactions.UpdatePassword.createDisplay	(	KeycloakSession	session,
		String	displayType
	)

inline

                                                                                              {
         if (displayType == null) return this;
         if (!OAuth2Constants.DISPLAY_CONSOLE.equalsIgnoreCase(displayType)) return null;
         return ConsoleUpdatePassword.SINGLETON;
     }

◆ evaluateTriggers()

void org.keycloak.authentication.requiredactions.UpdatePassword.evaluateTriggers ( RequiredActionContext context )

inline

                                                                 {
         int daysToExpirePassword = context.getRealm().getPasswordPolicy().getDaysToExpirePassword();
         if(daysToExpirePassword != -1) {
             PasswordCredentialProvider passwordProvider = (PasswordCredentialProvider)context.getSession().getProvider(CredentialProvider.class, PasswordCredentialProviderFactory.PROVIDER_ID);
             CredentialModel password = passwordProvider.getPassword(context.getRealm(), context.getUser());
             if (password != null) {
                 if(password.getCreatedDate() == null) {
                     context.getUser().addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
                     logger.debug("User is required to update password");
                 } else {
                     long timeElapsed = Time.toMillis(Time.currentTime()) - password.getCreatedDate();
                     long timeToExpire = TimeUnit.DAYS.toMillis(daysToExpirePassword);
 
                     if(timeElapsed > timeToExpire) {
                         context.getUser().addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
                         logger.debug("User is required to update password");
                     }
                 }
             }
         }
     }

◆ getDisplayText()

String org.keycloak.authentication.requiredactions.UpdatePassword.getDisplayText ( )

inline

                                    {
         return "Update Password";
     }

◆ getId()

String org.keycloak.authentication.requiredactions.UpdatePassword.getId ( )

inline

                           {
         return UserModel.RequiredAction.UPDATE_PASSWORD.name();
     }

◆ init()

void org.keycloak.authentication.requiredactions.UpdatePassword.init ( Config.Scope config )

inline

                                           {
 
     }

◆ isOneTimeAction()

boolean org.keycloak.authentication.requiredactions.UpdatePassword.isOneTimeAction ( )

inline

                                      {
         return true;
     }

◆ postInit()

void org.keycloak.authentication.requiredactions.UpdatePassword.postInit ( KeycloakSessionFactory factory )

inline

                                                          {
 
     }

◆ processAction()

void org.keycloak.authentication.requiredactions.UpdatePassword.processAction ( RequiredActionContext context )

inline

                                                              {
         EventBuilder event = context.getEvent();
         MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
         event.event(EventType.UPDATE_PASSWORD);
         String passwordNew = formData.getFirst("password-new");
         String passwordConfirm = formData.getFirst("password-confirm");
 
         EventBuilder errorEvent = event.clone().event(EventType.UPDATE_PASSWORD_ERROR)
                 .client(context.getAuthenticationSession().getClient())
                 .user(context.getAuthenticationSession().getAuthenticatedUser());
 
         if (Validation.isBlank(passwordNew)) {
             Response challenge = context.form()
                     .setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
                     .setError(Messages.MISSING_PASSWORD)
                     .createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
             context.challenge(challenge);
             errorEvent.error(Errors.PASSWORD_MISSING);
             return;
         } else if (!passwordNew.equals(passwordConfirm)) {
             Response challenge = context.form()
                     .setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
                     .setError(Messages.NOTMATCH_PASSWORD)
                     .createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
             context.challenge(challenge);
             errorEvent.error(Errors.PASSWORD_CONFIRM_ERROR);
             return;
         }
 
         try {
             context.getSession().userCredentialManager().updateCredential(context.getRealm(), context.getUser(), UserCredentialModel.password(passwordNew, false));
             context.success();
         } catch (ModelException me) {
             errorEvent.detail(Details.REASON, me.getMessage()).error(Errors.PASSWORD_REJECTED);
             Response challenge = context.form()
                     .setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
                     .setError(me.getMessage(), me.getParameters())
                     .createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
             context.challenge(challenge);
             return;
         } catch (Exception ape) {
             errorEvent.detail(Details.REASON, ape.getMessage()).error(Errors.PASSWORD_REJECTED);
             Response challenge = context.form()
                     .setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
                     .setError(ape.getMessage())
                     .createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
             context.challenge(challenge);
             return;
         }
     }

◆ requiredActionChallenge()

void org.keycloak.authentication.requiredactions.UpdatePassword.requiredActionChallenge ( RequiredActionContext context )

inline

                                                                        {
         Response challenge = context.form()
                 .setAttribute("username", context.getAuthenticationSession().getAuthenticatedUser().getUsername())
                 .createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
         context.challenge(challenge);
     }

メンバ詳解

◆ logger

final Logger org.keycloak.authentication.requiredactions.UpdatePassword.logger = Logger.getLogger(UpdatePassword.class)

staticprivate

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java

公開メンバ関数

静的非公開変数類

詳解

関数詳解

◆ close()

◆ create()

◆ createDisplay()

◆ evaluateTriggers()

◆ getDisplayText()

◆ getId()

◆ init()

◆ isOneTimeAction()

◆ postInit()

◆ processAction()

◆ requiredActionChallenge()

メンバ詳解

◆ logger