keycloak-service
クラス | 公開メンバ関数 | 限定公開メンバ関数 | 限定公開変数類 | 静的非公開変数類 | 全メンバ一覧
org.keycloak.services.resources.AbstractSecuredLocalService クラスabstract
org.keycloak.services.resources.AbstractSecuredLocalService の継承関係図
Inheritance graph
org.keycloak.services.resources.AbstractSecuredLocalService 連携図
Collaboration graph

クラス

class  OAuthRedirect
 

公開メンバ関数

 AbstractSecuredLocalService (RealmModel realm, ClientModel client)
 
Response loginRedirect (@QueryParam("code") String code, @QueryParam("state") String state, @QueryParam("error") String error, @QueryParam("path") String path, @QueryParam("referrer") String referrer, @Context HttpHeaders headers)
 

限定公開メンバ関数

abstract Set< String > getValidPaths ()
 
abstract URI getBaseRedirectUri ()
 
Response login (String path)
 

限定公開変数類

final ClientModel client
 
RealmModel realm
 
HttpHeaders headers
 
ClientConnection clientConnection
 
String stateChecker
 
KeycloakSession session
 
HttpRequest request
 
Auth auth
 

静的非公開変数類

static final Logger logger = Logger.getLogger(AbstractSecuredLocalService.class)
 

詳解

Helper class for securing local services. Provides login basics as well as CSRF check basics

著者
Bill Burke
バージョン
Revision
1

構築子と解体子

◆ AbstractSecuredLocalService()

org.keycloak.services.resources.AbstractSecuredLocalService.AbstractSecuredLocalService ( RealmModel  realm,
ClientModel  client 
)
inline
72  {
73  this.realm = realm;
74  this.client = client;
75  }
org.keycloak.services.resources.AbstractSecuredLocalService.realm
RealmModel realm
Definition: AbstractSecuredLocalService.java:59
org.keycloak.services.resources.AbstractSecuredLocalService.client
final ClientModel client
Definition: AbstractSecuredLocalService.java:58

関数詳解

◆ getBaseRedirectUri()

abstract URI org.keycloak.services.resources.AbstractSecuredLocalService.getBaseRedirectUri ( )
abstractprotected

◆ getValidPaths()

abstract Set<String> org.keycloak.services.resources.AbstractSecuredLocalService.getValidPaths ( )
abstractprotected

◆ login()

Response org.keycloak.services.resources.AbstractSecuredLocalService.login ( String  path)
inlineprotected
132  {
133  OAuthRedirect oauth = new OAuthRedirect();
134  String authUrl = OIDCLoginProtocolService.authUrl(session.getContext().getUri()).build(realm.getName()).toString();
135  oauth.setAuthUrl(authUrl);
136 
137  oauth.setClientId(client.getClientId());
138 
139  oauth.setSecure(realm.getSslRequired().isRequired(clientConnection));
140 
141  UriBuilder uriBuilder = UriBuilder.fromUri(getBaseRedirectUri()).path("login-redirect");
142 
143  if (path != null) {
144  uriBuilder.queryParam("path", path);
145  }
146 
147  String referrer = session.getContext().getUri().getQueryParameters().getFirst("referrer");
148  if (referrer != null) {
149  uriBuilder.queryParam("referrer", referrer);
150  }
151 
152  String referrerUri = session.getContext().getUri().getQueryParameters().getFirst("referrer_uri");
153  if (referrerUri != null) {
154  uriBuilder.queryParam("referrer_uri", referrerUri);
155  }
156 
157  URI accountUri = uriBuilder.build(realm.getName());
158 
159  oauth.setStateCookiePath(accountUri.getRawPath());
160  return oauth.redirect(session.getContext().getUri(), accountUri.toString());
161  }
org.keycloak.services.resources.AbstractSecuredLocalService.clientConnection
ClientConnection clientConnection
Definition: AbstractSecuredLocalService.java:64
org.keycloak.services.resources.AbstractSecuredLocalService.session
KeycloakSession session
Definition: AbstractSecuredLocalService.java:67
org.keycloak.services.resources.AbstractSecuredLocalService.realm
RealmModel realm
Definition: AbstractSecuredLocalService.java:59
org.keycloak.services.resources.AbstractSecuredLocalService.client
final ClientModel client
Definition: AbstractSecuredLocalService.java:58

◆ loginRedirect()

Response org.keycloak.services.resources.AbstractSecuredLocalService.loginRedirect ( @QueryParam("code") String  code,
@QueryParam("state") String  state,
@QueryParam("error") String  error,
@QueryParam("path") String  path,
@QueryParam("referrer") String  referrer,
@Context HttpHeaders  headers 
)
inline
84  {
85  try {
86  if (error != null) {
87  if (OAuthErrorException.ACCESS_DENIED.equals(error)) {
88  // cased by CANCELLED_BY_USER or CONSENT_DENIED
89  session.getContext().setClient(client);
90  return session.getProvider(LoginFormsProvider.class).setError(Messages.NO_ACCESS).createErrorPage(Response.Status.FORBIDDEN);
91  } else {
92  logger.debug("error from oauth");
93  throw new ForbiddenException("error");
94  }
95  }
96  if (path != null && !getValidPaths().contains(path)) {
97  throw new BadRequestException("Invalid path");
98  }
99  if (!realm.isEnabled()) {
100  logger.debug("realm not enabled");
101  throw new ForbiddenException();
102  }
103  if (!client.isEnabled()) {
104  logger.debug("account management app not enabled");
105  throw new ForbiddenException();
106  }
107  if (code == null) {
108  logger.debug("code not specified");
109  throw new BadRequestException("code not specified");
110  }
111  if (state == null) {
112  logger.debug("state not specified");
113  throw new BadRequestException("state not specified");
114  }
115  KeycloakUriBuilder redirect = KeycloakUriBuilder.fromUri(getBaseRedirectUri());
116  if (path != null) {
117  redirect.path(path);
118  }
119  if (referrer != null) {
120  redirect.queryParam("referrer", referrer);
121  }
122 
123  return Response.status(302).location(redirect.build()).build();
124  } finally {
125  }
126  }
org.keycloak.services.resources.AbstractSecuredLocalService.logger
static final Logger logger
Definition: AbstractSecuredLocalService.java:56
org.keycloak.services.resources.AbstractSecuredLocalService.session
KeycloakSession session
Definition: AbstractSecuredLocalService.java:67
org.keycloak.services.resources.AbstractSecuredLocalService.realm
RealmModel realm
Definition: AbstractSecuredLocalService.java:59
org.keycloak.services.resources.AbstractSecuredLocalService.client
final ClientModel client
Definition: AbstractSecuredLocalService.java:58

メンバ詳解

◆ auth

Auth org.keycloak.services.resources.AbstractSecuredLocalService.auth
protected

◆ client

final ClientModel org.keycloak.services.resources.AbstractSecuredLocalService.client
protected

◆ clientConnection

ClientConnection org.keycloak.services.resources.AbstractSecuredLocalService.clientConnection
protected

◆ headers

HttpHeaders org.keycloak.services.resources.AbstractSecuredLocalService.headers
protected

◆ logger

final Logger org.keycloak.services.resources.AbstractSecuredLocalService.logger = Logger.getLogger(AbstractSecuredLocalService.class)
staticprivate

◆ realm

RealmModel org.keycloak.services.resources.AbstractSecuredLocalService.realm
protected

◆ request

HttpRequest org.keycloak.services.resources.AbstractSecuredLocalService.request
protected

◆ session

KeycloakSession org.keycloak.services.resources.AbstractSecuredLocalService.session
protected

◆ stateChecker

String org.keycloak.services.resources.AbstractSecuredLocalService.stateChecker
protected
このクラス詳解は次のファイルから抽出されました:
2018年11月18日(日) 14時00分28秒作成 - keycloak-service / 構成:   doxygen 1.8.13