org.keycloak.authentication.actiontoken.verifyemail.VerifyEmailActionTokenHandler クラス

org.keycloak.authentication.actiontoken.verifyemail.VerifyEmailActionTokenHandler の継承関係図

org.keycloak.authentication.actiontoken.verifyemail.VerifyEmailActionTokenHandler 連携図

公開メンバ関数
	VerifyEmailActionTokenHandler ()
Predicate<? super VerifyEmailActionToken > []	getVerifiers (ActionTokenContext< VerifyEmailActionToken > tokenContext)
Response	handleToken (VerifyEmailActionToken token, ActionTokenContext< VerifyEmailActionToken > tokenContext)
ActionTokenHandler< T >	create (KeycloakSession session)
void	init (Scope config)
void	postInit (KeycloakSessionFactory factory)
String	getId ()
void	close ()
Class< T >	getTokenClass ()
EventType	eventType ()
String	getDefaultErrorMessage ()
String	getDefaultEventError ()
String	getAuthenticationSessionIdFromToken (T token, ActionTokenContext< T > tokenContext, AuthenticationSessionModel currentAuthSession)
AuthenticationSessionModel	startFreshAuthenticationSession (T token, ActionTokenContext< T > tokenContext)
boolean	canUseTokenRepeatedly (T token, ActionTokenContext< T > tokenContext)
Response	handleToken (T token, ActionTokenContext< T > tokenContext)
default Predicate<? super T > []	getVerifiers (ActionTokenContext< T > tokenContext)

詳解

Action token handler for verification of e-mail address.

著者

hmlnarik

構築子と解体子

VerifyEmailActionTokenHandler()

org.keycloak.authentication.actiontoken.verifyemail.VerifyEmailActionTokenHandler.VerifyEmailActionTokenHandler ( )

inline

                                           {
        super(
          VerifyEmailActionToken.TOKEN_TYPE,
          VerifyEmailActionToken.class,
          Messages.STALE_VERIFY_EMAIL_LINK,
          EventType.VERIFY_EMAIL,
          Errors.INVALID_TOKEN
        );
    }

関数詳解

canUseTokenRepeatedly()

boolean org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.canUseTokenRepeatedly ( T  token, ActionTokenContext< T >  tokenContext  )

inlineinherited

                                                                                      {
        return true;
    }

close()

void org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.close ( )

inlineinherited

                        {
    }

create()

ActionTokenHandler<T> org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.create ( KeycloakSession  session )

inlineinherited

                                                                 {
        return this;
    }

eventType()

EventType org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.eventType ( )

inlineinherited

                                 {
        return this.defaultEventType;
    }

getAuthenticationSessionIdFromToken()

String org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.getAuthenticationSessionIdFromToken ( T  token, ActionTokenContext< T >  tokenContext, AuthenticationSessionModel  currentAuthSession  )

inlineinherited

                                                                                                                                                  {
        return token instanceof DefaultActionToken ? ((DefaultActionToken) token).getCompoundAuthenticationSessionId() : null;
    }

getDefaultErrorMessage()

String org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.getDefaultErrorMessage ( )

inlineinherited

                                           {
        return this.defaultErrorMessage;
    }

getDefaultEventError()

String org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.getDefaultEventError ( )

inlineinherited

                                         {
        return this.defaultEventError;
    }

getId()

String org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.getId ( )

inlineinherited

                          {
        return this.id;
    }

getTokenClass()

Class<T> org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.getTokenClass ( )

inlineinherited

                                    {
        return this.tokenClass;
    }

getVerifiers() [1/2]

Predicate<? super VerifyEmailActionToken> [] org.keycloak.authentication.actiontoken.verifyemail.VerifyEmailActionTokenHandler.getVerifiers ( ActionTokenContext< VerifyEmailActionToken >  tokenContext )

inline

                                                                                                                             {
        return TokenUtils.predicates(
          TokenUtils.checkThat(
            t -> Objects.equals(t.getEmail(), tokenContext.getAuthenticationSession().getAuthenticatedUser().getEmail()),
            Errors.INVALID_EMAIL, getDefaultErrorMessage()
          )
        );
    }

getVerifiers() [2/2]

default Predicate<? super T> [] org.keycloak.authentication.actiontoken.ActionTokenHandler< T extends JsonWebToken >.getVerifiers ( ActionTokenContext< T >  tokenContext )

inlineinherited

Returns an array of verifiers that are tested prior to handling the token. All verifiers have to pass successfully for token to be handled. The returned array must not be

null 

.

引数

tokenContext

戻り値

Verifiers or an empty array. The returned array must not be

null 

.

                                                                                    {
        return new Predicate[] {};
    }

handleToken() [1/2]

Response org.keycloak.authentication.actiontoken.ActionTokenHandler< T extends JsonWebToken >.handleToken ( T  token, ActionTokenContext< T >  tokenContext  )

inherited

Performs the action as per the token details. This method is only called if all verifiers returned in handleToken succeed.

引数

token
tokenContext

戻り値

handleToken() [2/2]

Response org.keycloak.authentication.actiontoken.verifyemail.VerifyEmailActionTokenHandler.handleToken ( VerifyEmailActionToken  token, ActionTokenContext< VerifyEmailActionToken >  tokenContext  )

inline

                                                                                                                       {
        UserModel user = tokenContext.getAuthenticationSession().getAuthenticatedUser();
        EventBuilder event = tokenContext.getEvent();

        event.event(EventType.VERIFY_EMAIL).detail(Details.EMAIL, user.getEmail());

        AuthenticationSessionModel authSession = tokenContext.getAuthenticationSession();
        final UriInfo uriInfo = tokenContext.getUriInfo();
        final RealmModel realm = tokenContext.getRealm();
        final KeycloakSession session = tokenContext.getSession();

        if (tokenContext.isAuthenticationSessionFresh()) {
            // Update the authentication session in the token
            token.setCompoundOriginalAuthenticationSessionId(token.getCompoundAuthenticationSessionId());

            String authSessionEncodedId = AuthenticationSessionCompoundId.fromAuthSession(authSession).getEncodedId();
            token.setCompoundAuthenticationSessionId(authSessionEncodedId);
            UriBuilder builder = Urls.actionTokenBuilder(uriInfo.getBaseUri(), token.serialize(session, realm, uriInfo),
                    authSession.getClient().getClientId(), authSession.getTabId());
            String confirmUri = builder.build(realm.getName()).toString();

            return session.getProvider(LoginFormsProvider.class)
                    .setAuthenticationSession(authSession)
                    .setSuccess(Messages.CONFIRM_EMAIL_ADDRESS_VERIFICATION, user.getEmail())
                    .setAttribute(Constants.TEMPLATE_ATTR_ACTION_URI, confirmUri)
                    .createInfoPage();
        }

        // verify user email as we know it is valid as this entry point would never have gotten here.
        user.setEmailVerified(true);
        user.removeRequiredAction(RequiredAction.VERIFY_EMAIL);
        authSession.removeRequiredAction(RequiredAction.VERIFY_EMAIL);

        event.success();

        if (token.getCompoundOriginalAuthenticationSessionId() != null) {
            AuthenticationSessionManager asm = new AuthenticationSessionManager(tokenContext.getSession());
            asm.removeAuthenticationSession(tokenContext.getRealm(), authSession, true);

            return tokenContext.getSession().getProvider(LoginFormsProvider.class)
                    .setAuthenticationSession(authSession)
                    .setSuccess(Messages.EMAIL_VERIFIED)
                    .createInfoPage();
        }

        tokenContext.setEvent(event.clone().removeDetail(Details.EMAIL).event(EventType.LOGIN));

        String nextAction = AuthenticationManager.nextRequiredAction(session, authSession, tokenContext.getClientConnection(), tokenContext.getRequest(), uriInfo, event);
        return AuthenticationManager.redirectToRequiredActions(session, realm, authSession, uriInfo, nextAction);
    }

init()

void org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.init ( Scope  config )

inlineinherited

                                   {
    }

postInit()

void org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.postInit ( KeycloakSessionFactory  factory )

inlineinherited

                                                         {
    }

startFreshAuthenticationSession()

AuthenticationSessionModel org.keycloak.authentication.actiontoken.AbstractActionTokenHander< T extends JsonWebToken >.startFreshAuthenticationSession ( T  token, ActionTokenContext< T >  tokenContext  )

inlineinherited

                                                                                                                   {
        AuthenticationSessionModel authSession = tokenContext.createAuthenticationSessionForClient(token.getIssuedFor());
        authSession.setAuthNote(AuthenticationManager.END_AFTER_REQUIRED_ACTIONS, "true");
        return authSession;
    }

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/authentication/actiontoken/verifyemail/VerifyEmailActionTokenHandler.java