org.keycloak.protocol.docker.DockerAuthenticator クラス

org.keycloak.protocol.docker.DockerAuthenticator の継承関係図

org.keycloak.protocol.docker.DockerAuthenticator 連携図

公開メンバ関数
boolean	configuredFor (KeycloakSession session, RealmModel realm, UserModel user)
void	authenticate (final AuthenticationFlowContext context)
void	action (final AuthenticationFlowContext context)
boolean	requiresUser ()
void	setRequiredActions (final KeycloakSession session, final RealmModel realm, final UserModel user)
void	close ()

静的公開変数類
static final String	ID = "docker-http-basic-authenticator"

限定公開メンバ関数
void	notValidCredentialsAction (final AuthenticationFlowContext context, final RealmModel realm, final UserModel user)
void	nullUserAction (final AuthenticationFlowContext context, final RealmModel realm, final String userId)
void	userDisabledAction (AuthenticationFlowContext context, RealmModel realm, UserModel user)
void	userSuccessAction (AuthenticationFlowContext context, UserModel user)

非公開メンバ関数
void	invalidUserAction (final AuthenticationFlowContext context, final RealmModel realm, final String userId, final Locale locale)

静的非公開変数類
static final Logger	logger = Logger.getLogger(DockerAuthenticator.class)

詳解

関数詳解

action()

void org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticator.action ( final AuthenticationFlowContext  context )

inlineinherited

                                                                {

    }

authenticate()

void org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticator.authenticate ( final AuthenticationFlowContext  context )

inlineinherited

                                                                      {
        final HttpRequest httpRequest = context.getHttpRequest();
        final HttpHeaders httpHeaders = httpRequest.getHttpHeaders();
        final String[] usernameAndPassword = getUsernameAndPassword(httpHeaders);

        context.attempted();

        if (usernameAndPassword != null) {
            final RealmModel realm = context.getRealm();
            final String username = usernameAndPassword[0];
            final UserModel user = context.getSession().users().getUserByUsername(username, realm);

            if (user != null) {
                final String password = usernameAndPassword[1];
                final boolean valid = context.getSession().userCredentialManager().isValid(realm, user, UserCredentialModel.password(password));

                if (valid) {
                    if (user.isEnabled()) {
                        userSuccessAction(context, user);
                    } else {
                        userDisabledAction(context, realm, user);
                    }
                } else {
                    notValidCredentialsAction(context, realm, user);
                }
            } else {
                nullUserAction(context, realm, username);
            }
        }
    }

close()

void org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticator.close ( )

inlineinherited

                        {

    }

configuredFor()

boolean org.keycloak.protocol.docker.DockerAuthenticator.configuredFor ( KeycloakSession  session, RealmModel  realm, UserModel  user  )

inline

                                                                                            {
        return true;
    }

invalidUserAction()

void org.keycloak.protocol.docker.DockerAuthenticator.invalidUserAction ( final AuthenticationFlowContext  context, final RealmModel  realm, final String  userId, final Locale  locale  )

inlineprivate

For Docker protocol the same error message will be returned for invalid credentials and incorrect user name. For SAML ECP, there is a different behavior for each.

                                                                                                                                              {
        context.getEvent().user(userId);
        context.getEvent().error(Errors.INVALID_USER_CREDENTIALS);

        final DockerError error = new DockerError("UNAUTHORIZED","Invalid username or password.",
                Collections.singletonList(new DockerAccess(context.getAuthenticationSession().getClientNote(DockerAuthV2Protocol.SCOPE_PARAM))));

        context.failure(AuthenticationFlowError.INVALID_USER, new ResponseBuilderImpl()
                .status(Response.Status.UNAUTHORIZED)
                .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
                .entity(new DockerErrorResponseToken(Collections.singletonList(error)))
                .build());
    }

notValidCredentialsAction()

void org.keycloak.protocol.docker.DockerAuthenticator.notValidCredentialsAction ( final AuthenticationFlowContext  context, final RealmModel  realm, final UserModel  user  )

inlineprotected

                                                                                                                                    {
        invalidUserAction(context, realm, user.getUsername(), context.getSession().getContext().resolveLocale(user));
    }

nullUserAction()

void org.keycloak.protocol.docker.DockerAuthenticator.nullUserAction ( final AuthenticationFlowContext  context, final RealmModel  realm, final String  userId  )

inlineprotected

                                                                                                                        {
        final String localeString = Optional.ofNullable(realm.getDefaultLocale()).orElse(Locale.ENGLISH.toString());
        invalidUserAction(context, realm, userId, new Locale(localeString));
    }

requiresUser()

boolean org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticator.requiresUser ( )

inlineinherited

                                  {
        return false;
    }

setRequiredActions()

void org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticator.setRequiredActions ( final KeycloakSession  session, final RealmModel  realm, final UserModel  user  )

inlineinherited

                                                                                                                {

    }

userDisabledAction()

void org.keycloak.protocol.docker.DockerAuthenticator.userDisabledAction ( AuthenticationFlowContext  context, RealmModel  realm, UserModel  user  )

inlineprotected

                                                                                                           {
        context.getEvent().user(user);
        context.getEvent().error(Errors.USER_DISABLED);

        final DockerError error = new DockerError("UNAUTHORIZED","Invalid username or password.",
                Collections.singletonList(new DockerAccess(context.getAuthenticationSession().getClientNote(DockerAuthV2Protocol.SCOPE_PARAM))));

        context.failure(AuthenticationFlowError.USER_DISABLED, new ResponseBuilderImpl()
                .status(Response.Status.UNAUTHORIZED)
                .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
                .entity(new DockerErrorResponseToken(Collections.singletonList(error)))
                .build());
    }

userSuccessAction()

void org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticator.userSuccessAction ( AuthenticationFlowContext  context, UserModel  user  )

inlineprotectedinherited

                                                                                        {
        context.getAuthenticationSession().setAuthenticatedUser(user);
        context.success();
    }

メンバ詳解

ID

final String org.keycloak.protocol.docker.DockerAuthenticator.ID = "docker-http-basic-authenticator"

static

logger

final Logger org.keycloak.protocol.docker.DockerAuthenticator.logger = Logger.getLogger(DockerAuthenticator.class)

staticprivate

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/protocol/docker/DockerAuthenticator.java