org.keycloak.protocol.oidc.OIDCLoginProtocol の継承関係図

org.keycloak.protocol.oidc.OIDCLoginProtocol 連携図

公開メンバ関数
	OIDCLoginProtocol (KeycloakSession session, RealmModel realm, UriInfo uriInfo, HttpHeaders headers, EventBuilder event)

	OIDCLoginProtocol ()

OIDCLoginProtocol	setSession (KeycloakSession session)

OIDCLoginProtocol	setRealm (RealmModel realm)

OIDCLoginProtocol	setUriInfo (UriInfo uriInfo)

OIDCLoginProtocol	setHttpHeaders (HttpHeaders headers)

OIDCLoginProtocol	setEventBuilder (EventBuilder event)

Response	authenticated (UserSessionModel userSession, ClientSessionContext clientSessionCtx)

Response	sendError (AuthenticationSessionModel authSession, Error error)

void	backchannelLogout (UserSessionModel userSession, AuthenticatedClientSessionModel clientSession)

Response	frontchannelLogout (UserSessionModel userSession, AuthenticatedClientSessionModel clientSession)

Response	finishLogout (UserSessionModel userSession)

boolean	requireReauthentication (UserSessionModel userSession, AuthenticationSessionModel authSession)

boolean	sendPushRevocationPolicyRequest (RealmModel realm, ClientModel resource, int notBefore, String managementUrl)

void	close ()

静的公開変数類
static final String	LOGIN_PROTOCOL = "openid-connect"

static final String	STATE_PARAM = "state"

static final String	LOGOUT_STATE_PARAM = "OIDC_LOGOUT_STATE_PARAM"

static final String	SCOPE_PARAM = "scope"

static final String	CODE_PARAM = "code"

static final String	RESPONSE_TYPE_PARAM = "response_type"

static final String	GRANT_TYPE_PARAM = "grant_type"

static final String	REDIRECT_URI_PARAM = "redirect_uri"

static final String	CLIENT_ID_PARAM = "client_id"

static final String	NONCE_PARAM = "nonce"

static final String	MAX_AGE_PARAM = OAuth2Constants.MAX_AGE

static final String	PROMPT_PARAM = OAuth2Constants.PROMPT

static final String	LOGIN_HINT_PARAM = "login_hint"

static final String	REQUEST_PARAM = "request"

static final String	REQUEST_URI_PARAM = "request_uri"

static final String	UI_LOCALES_PARAM = OAuth2Constants.UI_LOCALES_PARAM

static final String	CLAIMS_PARAM = "claims"

static final String	ACR_PARAM = "acr_values"

static final String	LOGOUT_REDIRECT_URI = "OIDC_LOGOUT_REDIRECT_URI"

static final String	ISSUER = "iss"

static final String	RESPONSE_MODE_PARAM = "response_mode"

static final String	PROMPT_VALUE_NONE = "none"

static final String	PROMPT_VALUE_LOGIN = "login"

static final String	PROMPT_VALUE_CONSENT = "consent"

static final String	PROMPT_VALUE_SELECT_ACCOUNT = "select_account"

static final String	CLIENT_SECRET_BASIC = "client_secret_basic"

static final String	CLIENT_SECRET_POST = "client_secret_post"

static final String	CLIENT_SECRET_JWT = "client_secret_jwt"

static final String	PRIVATE_KEY_JWT = "private_key_jwt"

static final String	CODE_CHALLENGE_PARAM = "code_challenge"

static final String	CODE_CHALLENGE_METHOD_PARAM = "code_challenge_method"

static final int	PKCE_CODE_CHALLENGE_MIN_LENGTH = 43

static final int	PKCE_CODE_CHALLENGE_MAX_LENGTH = 128

static final int	PKCE_CODE_VERIFIER_MIN_LENGTH = 43

static final int	PKCE_CODE_VERIFIER_MAX_LENGTH = 128

static final String	PKCE_METHOD_PLAIN = "plain"

static final String	PKCE_METHOD_S256 = "S256"

限定公開メンバ関数
boolean	isPromptLogin (AuthenticationSessionModel authSession)

boolean	isAuthTimeExpired (UserSessionModel userSession, AuthenticationSessionModel authSession)

限定公開変数類
KeycloakSession	session

RealmModel	realm

UriInfo	uriInfo

HttpHeaders	headers

EventBuilder	event

OIDCResponseType	responseType

OIDCResponseMode	responseMode

非公開メンバ関数
void	setupResponseTypeAndMode (String responseType, String responseMode)

String	translateError (Error error)

静的非公開変数類
static final Logger	logger = Logger.getLogger(OIDCLoginProtocol.class)

詳解

著者: Bill Burke; Stian Thorgersen

構築子と解体子

◆ OIDCLoginProtocol() [1/2]

org.keycloak.protocol.oidc.OIDCLoginProtocol.OIDCLoginProtocol	(	KeycloakSession	session,
		RealmModel	realm,
		UriInfo	uriInfo,
		HttpHeaders	headers,
		EventBuilder	event
	)

inline

                                                                                                                                   {
         this.session = session;
         this.realm = realm;
         this.uriInfo = uriInfo;
         this.headers = headers;
         this.event = event;
     }

◆ OIDCLoginProtocol() [2/2]

org.keycloak.protocol.oidc.OIDCLoginProtocol.OIDCLoginProtocol ( )

inline

                                {
 
     }

関数詳解

◆ authenticated()

Response org.keycloak.protocol.oidc.OIDCLoginProtocol.authenticated	(	UserSessionModel	userSession,
		ClientSessionContext	clientSessionCtx
	)

inline

                                                                                                        {
         AuthenticatedClientSessionModel clientSession= clientSessionCtx.getClientSession();
         ClientSessionCode<AuthenticatedClientSessionModel> accessCode = new ClientSessionCode<>(session, realm, clientSession);
 
         String responseTypeParam = clientSession.getNote(OIDCLoginProtocol.RESPONSE_TYPE_PARAM);
         String responseModeParam = clientSession.getNote(OIDCLoginProtocol.RESPONSE_MODE_PARAM);
         setupResponseTypeAndMode(responseTypeParam, responseModeParam);
 
         String redirect = clientSession.getRedirectUri();
         OIDCRedirectUriBuilder redirectUri = OIDCRedirectUriBuilder.fromUri(redirect, responseMode);
         String state = clientSession.getNote(OIDCLoginProtocol.STATE_PARAM);
         logger.debugv("redirectAccessCode: state: {0}", state);
         if (state != null)
             redirectUri.addParam(OAuth2Constants.STATE, state);
 
         OIDCAdvancedConfigWrapper clientConfig = OIDCAdvancedConfigWrapper.fromClientModel(clientSession.getClient());
         if (!clientConfig.isExcludeSessionStateFromAuthResponse()) {
             redirectUri.addParam(OAuth2Constants.SESSION_STATE, userSession.getId());
         }
 
         // Standard or hybrid flow
         String code = null;
         if (responseType.hasResponseType(OIDCResponseType.CODE)) {
             code = accessCode.getOrGenerateCode();
             redirectUri.addParam(OAuth2Constants.CODE, code);
         }
 
         // Implicit or hybrid flow
         if (responseType.isImplicitOrHybridFlow()) {
             org.keycloak.protocol.oidc.TokenManager tokenManager = new org.keycloak.protocol.oidc.TokenManager();
             org.keycloak.protocol.oidc.TokenManager.AccessTokenResponseBuilder responseBuilder = tokenManager.responseBuilder(realm, clientSession.getClient(), event, session, userSession, clientSessionCtx)
                     .generateAccessToken();
 
             if (responseType.hasResponseType(OIDCResponseType.ID_TOKEN)) {
 
                 responseBuilder.generateIDToken();
 
                 if (responseType.hasResponseType(OIDCResponseType.TOKEN)) {
                     responseBuilder.generateAccessTokenHash();
                 }
 
                 if (responseType.hasResponseType(OIDCResponseType.CODE)) {
                     responseBuilder.generateCodeHash(code);
                 }
                 
                 // Financial API - Part 2: Read and Write API Security Profile
                 // http://openid.net/specs/openid-financial-api-part-2.html#authorization-server
                 if (state != null && !state.isEmpty())
                     responseBuilder.generateStateHash(state);
             }
 
             AccessTokenResponse res = responseBuilder.build();
 
             if (responseType.hasResponseType(OIDCResponseType.ID_TOKEN)) {
                 redirectUri.addParam(OAuth2Constants.ID_TOKEN, res.getIdToken());
             }
 
             if (responseType.hasResponseType(OIDCResponseType.TOKEN)) {
                 redirectUri.addParam(OAuth2Constants.ACCESS_TOKEN, res.getToken());
                 if (responseType.isImplicitFlow()) {
                     redirectUri.addParam("token_type", res.getTokenType());
                     redirectUri.addParam("expires_in", String.valueOf(res.getExpiresIn()));
                 }
             }
         }
 
         return redirectUri.build();
     }

◆ backchannelLogout()

void org.keycloak.protocol.oidc.OIDCLoginProtocol.backchannelLogout	(	UserSessionModel	userSession,
		AuthenticatedClientSessionModel	clientSession
	)

inline

                                                                                                                {
         ClientModel client = clientSession.getClient();
         new ResourceAdminManager(session).logoutClientSession(uriInfo.getRequestUri(), realm, client, clientSession);
     }

◆ close()

void org.keycloak.protocol.oidc.OIDCLoginProtocol.close ( )

inline

                         {
 
     }

◆ finishLogout()

Response org.keycloak.protocol.oidc.OIDCLoginProtocol.finishLogout ( UserSessionModel userSession )

inline

                                                                {
         String redirectUri = userSession.getNote(OIDCLoginProtocol.LOGOUT_REDIRECT_URI);
         String state = userSession.getNote(OIDCLoginProtocol.LOGOUT_STATE_PARAM);
         event.event(EventType.LOGOUT);
         if (redirectUri != null) {
             event.detail(Details.REDIRECT_URI, redirectUri);
         }
         event.user(userSession.getUser()).session(userSession).success();
 
         if (redirectUri != null) {
             UriBuilder uriBuilder = UriBuilder.fromUri(redirectUri);
             if (state != null)
                 uriBuilder.queryParam(STATE_PARAM, state);
             return Response.status(302).location(uriBuilder.build()).build();
         } else {
             return Response.ok().build();
         }
     }

◆ frontchannelLogout()

Response org.keycloak.protocol.oidc.OIDCLoginProtocol.frontchannelLogout	(	UserSessionModel	userSession,
		AuthenticatedClientSessionModel	clientSession
	)

inline

                                                                                                                     {
         // todo oidc redirect support
         throw new RuntimeException("NOT IMPLEMENTED");
     }

◆ isAuthTimeExpired()

boolean org.keycloak.protocol.oidc.OIDCLoginProtocol.isAuthTimeExpired	(	UserSessionModel	userSession,
		AuthenticationSessionModel	authSession
	)

inlineprotected

                                                                                                               {
         String authTime = userSession.getNote(AuthenticationManager.AUTH_TIME);
         String maxAge = authSession.getClientNote(OIDCLoginProtocol.MAX_AGE_PARAM);
         if (maxAge == null) {
             return false;
         }
 
         int authTimeInt = authTime==null ? 0 : Integer.parseInt(authTime);
         int maxAgeInt = Integer.parseInt(maxAge);
 
         if (authTimeInt + maxAgeInt < Time.currentTime()) {
             logger.debugf("Authentication time is expired, needs to reauthenticate. userSession=%s, clientId=%s, maxAge=%d, authTime=%d", userSession.getId(),
                     authSession.getClient().getId(), maxAgeInt, authTimeInt);
             return true;
         }
 
         return false;
     }

◆ isPromptLogin()

boolean org.keycloak.protocol.oidc.OIDCLoginProtocol.isPromptLogin ( AuthenticationSessionModel authSession )

inlineprotected

                                                                             {
         String prompt = authSession.getClientNote(OIDCLoginProtocol.PROMPT_PARAM);
         return TokenUtil.hasPrompt(prompt, OIDCLoginProtocol.PROMPT_VALUE_LOGIN);
     }

◆ requireReauthentication()

boolean org.keycloak.protocol.oidc.OIDCLoginProtocol.requireReauthentication	(	UserSessionModel	userSession,
		AuthenticationSessionModel	authSession
	)

inline

                                                                                                                  {
         return isPromptLogin(authSession) || isAuthTimeExpired(userSession, authSession);
     }

◆ sendError()

Response org.keycloak.protocol.oidc.OIDCLoginProtocol.sendError	(	AuthenticationSessionModel	authSession,
		Error	error
	)

inline

                                                                                    {
         String responseTypeParam = authSession.getClientNote(OIDCLoginProtocol.RESPONSE_TYPE_PARAM);
         String responseModeParam = authSession.getClientNote(OIDCLoginProtocol.RESPONSE_MODE_PARAM);
         setupResponseTypeAndMode(responseTypeParam, responseModeParam);
 
         String redirect = authSession.getRedirectUri();
         String state = authSession.getClientNote(OIDCLoginProtocol.STATE_PARAM);
         OIDCRedirectUriBuilder redirectUri = OIDCRedirectUriBuilder.fromUri(redirect, responseMode).addParam(OAuth2Constants.ERROR, translateError(error));
         if (state != null)
             redirectUri.addParam(OAuth2Constants.STATE, state);
         new AuthenticationSessionManager(session).removeAuthenticationSession(realm, authSession, true);
         return redirectUri.build();
     }

◆ sendPushRevocationPolicyRequest()

boolean org.keycloak.protocol.oidc.OIDCLoginProtocol.sendPushRevocationPolicyRequest	(	RealmModel	realm,
		ClientModel	resource,
		int	notBefore,
		String	managementUrl
	)

inline

                                                                                                                                 {
         PushNotBeforeAction adminAction = new PushNotBeforeAction(TokenIdGenerator.generateId(), Time.currentTime() + 30, resource.getClientId(), notBefore);
         String token = session.tokens().encode(adminAction);
         logger.debugv("pushRevocation resource: {0} url: {1}", resource.getClientId(), managementUrl);
         URI target = UriBuilder.fromUri(managementUrl).path(AdapterConstants.K_PUSH_NOT_BEFORE).build();
         try {
             int status = session.getProvider(HttpClientProvider.class).postText(target.toString(), token);
             boolean success = status == 204 || status == 200;
             logger.debugf("pushRevocation success for %s: %s", managementUrl, success);
             return success;
         } catch (IOException e) {
             ServicesLogger.LOGGER.failedToSendRevocation(e);
             return false;
         }
     }

◆ setEventBuilder()

OIDCLoginProtocol org.keycloak.protocol.oidc.OIDCLoginProtocol.setEventBuilder ( EventBuilder event )

inline

                                                                  {
         this.event = event;
         return this;
     }

◆ setHttpHeaders()

OIDCLoginProtocol org.keycloak.protocol.oidc.OIDCLoginProtocol.setHttpHeaders ( HttpHeaders headers )

inline

                                                                  {
         this.headers = headers;
         return this;
     }

◆ setRealm()

OIDCLoginProtocol org.keycloak.protocol.oidc.OIDCLoginProtocol.setRealm ( RealmModel realm )

inline

                                                         {
         this.realm = realm;
         return this;
     }

◆ setSession()

OIDCLoginProtocol org.keycloak.protocol.oidc.OIDCLoginProtocol.setSession ( KeycloakSession session )

inline

                                                                  {
         this.session = session;
         return this;
     }

◆ setupResponseTypeAndMode()

void org.keycloak.protocol.oidc.OIDCLoginProtocol.setupResponseTypeAndMode	(	String	responseType,
		String	responseMode
	)

inlineprivate

                                                                                     {
         this.responseType = OIDCResponseType.parse(responseType);
         this.responseMode = OIDCResponseMode.parse(responseMode, this.responseType);
         this.event.detail(Details.RESPONSE_TYPE, responseType);
         this.event.detail(Details.RESPONSE_MODE, this.responseMode.toString().toLowerCase());
     }

◆ setUriInfo()

OIDCLoginProtocol org.keycloak.protocol.oidc.OIDCLoginProtocol.setUriInfo ( UriInfo uriInfo )

inline

                                                          {
         this.uriInfo = uriInfo;
         return this;
     }

◆ translateError()

String org.keycloak.protocol.oidc.OIDCLoginProtocol.translateError ( Error error )

inlineprivate

                                                {
         switch (error) {
             case CANCELLED_BY_USER:
             case CONSENT_DENIED:
                 return OAuthErrorException.ACCESS_DENIED;
             case PASSIVE_INTERACTION_REQUIRED:
                 return OAuthErrorException.INTERACTION_REQUIRED;
             case PASSIVE_LOGIN_REQUIRED:
                 return OAuthErrorException.LOGIN_REQUIRED;
             default:
                 ServicesLogger.LOGGER.untranslatedProtocol(error.name());
                 return OAuthErrorException.SERVER_ERROR;
         }
     }

メンバ詳解

◆ ACR_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.ACR_PARAM = "acr_values"

static

◆ CLAIMS_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.CLAIMS_PARAM = "claims"

static

◆ CLIENT_ID_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.CLIENT_ID_PARAM = "client_id"

static

◆ CLIENT_SECRET_BASIC

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.CLIENT_SECRET_BASIC = "client_secret_basic"

static

◆ CLIENT_SECRET_JWT

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.CLIENT_SECRET_JWT = "client_secret_jwt"

static

◆ CLIENT_SECRET_POST

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.CLIENT_SECRET_POST = "client_secret_post"

static

◆ CODE_CHALLENGE_METHOD_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.CODE_CHALLENGE_METHOD_PARAM = "code_challenge_method"

static

◆ CODE_CHALLENGE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.CODE_CHALLENGE_PARAM = "code_challenge"

static

◆ CODE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.CODE_PARAM = "code"

static

◆ event

EventBuilder org.keycloak.protocol.oidc.OIDCLoginProtocol.event

protected

◆ GRANT_TYPE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.GRANT_TYPE_PARAM = "grant_type"

static

◆ headers

HttpHeaders org.keycloak.protocol.oidc.OIDCLoginProtocol.headers

protected

◆ ISSUER

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.ISSUER = "iss"

static

◆ logger

final Logger org.keycloak.protocol.oidc.OIDCLoginProtocol.logger = Logger.getLogger(OIDCLoginProtocol.class)

staticprivate

◆ LOGIN_HINT_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.LOGIN_HINT_PARAM = "login_hint"

static

◆ LOGIN_PROTOCOL

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.LOGIN_PROTOCOL = "openid-connect"

static

◆ LOGOUT_REDIRECT_URI

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.LOGOUT_REDIRECT_URI = "OIDC_LOGOUT_REDIRECT_URI"

static

◆ LOGOUT_STATE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.LOGOUT_STATE_PARAM = "OIDC_LOGOUT_STATE_PARAM"

static

◆ MAX_AGE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.MAX_AGE_PARAM = OAuth2Constants.MAX_AGE

static

◆ NONCE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.NONCE_PARAM = "nonce"

static

◆ PKCE_CODE_CHALLENGE_MAX_LENGTH

final int org.keycloak.protocol.oidc.OIDCLoginProtocol.PKCE_CODE_CHALLENGE_MAX_LENGTH = 128

static

◆ PKCE_CODE_CHALLENGE_MIN_LENGTH

final int org.keycloak.protocol.oidc.OIDCLoginProtocol.PKCE_CODE_CHALLENGE_MIN_LENGTH = 43

static

◆ PKCE_CODE_VERIFIER_MAX_LENGTH

final int org.keycloak.protocol.oidc.OIDCLoginProtocol.PKCE_CODE_VERIFIER_MAX_LENGTH = 128

static

◆ PKCE_CODE_VERIFIER_MIN_LENGTH

final int org.keycloak.protocol.oidc.OIDCLoginProtocol.PKCE_CODE_VERIFIER_MIN_LENGTH = 43

static

◆ PKCE_METHOD_PLAIN

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.PKCE_METHOD_PLAIN = "plain"

static

◆ PKCE_METHOD_S256

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.PKCE_METHOD_S256 = "S256"

static

◆ PRIVATE_KEY_JWT

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.PRIVATE_KEY_JWT = "private_key_jwt"

static

◆ PROMPT_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.PROMPT_PARAM = OAuth2Constants.PROMPT

static

◆ PROMPT_VALUE_CONSENT

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.PROMPT_VALUE_CONSENT = "consent"

static

◆ PROMPT_VALUE_LOGIN

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.PROMPT_VALUE_LOGIN = "login"

static

◆ PROMPT_VALUE_NONE

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.PROMPT_VALUE_NONE = "none"

static

◆ PROMPT_VALUE_SELECT_ACCOUNT

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.PROMPT_VALUE_SELECT_ACCOUNT = "select_account"

static

◆ realm

RealmModel org.keycloak.protocol.oidc.OIDCLoginProtocol.realm

protected

◆ REDIRECT_URI_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.REDIRECT_URI_PARAM = "redirect_uri"

static

◆ REQUEST_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_PARAM = "request"

static

◆ REQUEST_URI_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_URI_PARAM = "request_uri"

static

◆ RESPONSE_MODE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.RESPONSE_MODE_PARAM = "response_mode"

static

◆ RESPONSE_TYPE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.RESPONSE_TYPE_PARAM = "response_type"

static

◆ responseMode

OIDCResponseMode org.keycloak.protocol.oidc.OIDCLoginProtocol.responseMode

protected

◆ responseType

OIDCResponseType org.keycloak.protocol.oidc.OIDCLoginProtocol.responseType

protected

◆ SCOPE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.SCOPE_PARAM = "scope"

static

◆ session

KeycloakSession org.keycloak.protocol.oidc.OIDCLoginProtocol.session

protected

◆ STATE_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.STATE_PARAM = "state"

static

◆ UI_LOCALES_PARAM

final String org.keycloak.protocol.oidc.OIDCLoginProtocol.UI_LOCALES_PARAM = OAuth2Constants.UI_LOCALES_PARAM

static

◆ uriInfo

UriInfo org.keycloak.protocol.oidc.OIDCLoginProtocol.uriInfo

protected

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java

公開メンバ関数

静的公開変数類

限定公開メンバ関数

限定公開変数類

非公開メンバ関数

静的非公開変数類

詳解

構築子と解体子

◆ OIDCLoginProtocol() [1/2]

◆ OIDCLoginProtocol() [2/2]

関数詳解

◆ authenticated()

◆ backchannelLogout()

◆ close()

◆ finishLogout()

◆ frontchannelLogout()

◆ isAuthTimeExpired()

◆ isPromptLogin()

◆ requireReauthentication()

◆ sendError()

◆ sendPushRevocationPolicyRequest()

◆ setEventBuilder()

◆ setHttpHeaders()

◆ setRealm()

◆ setSession()

◆ setupResponseTypeAndMode()

◆ setUriInfo()

◆ translateError()

メンバ詳解

◆ ACR_PARAM

◆ CLAIMS_PARAM

◆ CLIENT_ID_PARAM

◆ CLIENT_SECRET_BASIC

◆ CLIENT_SECRET_JWT

◆ CLIENT_SECRET_POST

◆ CODE_CHALLENGE_METHOD_PARAM

◆ CODE_CHALLENGE_PARAM

◆ CODE_PARAM

◆ event

◆ GRANT_TYPE_PARAM

◆ headers

◆ ISSUER

◆ logger

◆ LOGIN_HINT_PARAM

◆ LOGIN_PROTOCOL

◆ LOGOUT_REDIRECT_URI

◆ LOGOUT_STATE_PARAM

◆ MAX_AGE_PARAM

◆ NONCE_PARAM

◆ PKCE_CODE_CHALLENGE_MAX_LENGTH

◆ PKCE_CODE_CHALLENGE_MIN_LENGTH

◆ PKCE_CODE_VERIFIER_MAX_LENGTH

◆ PKCE_CODE_VERIFIER_MIN_LENGTH

◆ PKCE_METHOD_PLAIN

◆ PKCE_METHOD_S256

◆ PRIVATE_KEY_JWT

◆ PROMPT_PARAM

◆ PROMPT_VALUE_CONSENT

◆ PROMPT_VALUE_LOGIN

◆ PROMPT_VALUE_NONE

◆ PROMPT_VALUE_SELECT_ACCOUNT

◆ realm

◆ REDIRECT_URI_PARAM

◆ REQUEST_PARAM

◆ REQUEST_URI_PARAM

◆ RESPONSE_MODE_PARAM

◆ RESPONSE_TYPE_PARAM

◆ responseMode

◆ responseType

◆ SCOPE_PARAM

◆ session

◆ STATE_PARAM

◆ UI_LOCALES_PARAM

◆ uriInfo