Package org.keycloak.authentication.actiontoken

Class AbstractActionTokenHandler<T extends JsonWebToken>

java.lang.Object

org.keycloak.authentication.actiontoken.AbstractActionTokenHandler<T>

All Implemented Interfaces:

ActionTokenHandler<T>, ActionTokenHandlerFactory<T>, Provider, ProviderFactory<ActionTokenHandler<T>>

Direct Known Subclasses:

ExecuteActionsActionTokenHandler, IdpVerifyAccountLinkActionTokenHandler, ResetCredentialsActionTokenHandler, UpdateEmailActionTokenHandler, VerifyEmailActionTokenHandler

public abstract class AbstractActionTokenHandler<T extends JsonWebToken>
extends Object
implements ActionTokenHandler<T>, ActionTokenHandlerFactory<T>

Author:

hmlnarik

Constructor Summary

Constructors

Constructor	Description
AbstractActionTokenHandler(String id, Class<T> tokenClass, String defaultErrorMessage, EventType defaultEventType, String defaultEventError)

Method Summary

Modifier and Type	Method	Description
boolean	canUseTokenRepeatedly(T token, ActionTokenContext<T> tokenContext)	Returns true when the token can be used repeatedly to invoke the action, false when the token is intended to be for single use only.
void	close()	This is called when the server shuts down.
ActionTokenHandler<T>	create(KeycloakSession session)
EventType	eventType()	Returns a event type logged with EventBuilder class.
String	getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, AuthenticationSessionModel currentAuthSession)	Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.
String	getDefaultErrorMessage()	Returns an error to be shown in the response when token handling fails and no more specific error message is provided.
String	getDefaultEventError()	Returns an error to be shown in the EventBuilder detail when token handling fails and no more specific error is provided.
String	getId()
Class<T>	getTokenClass()	Returns the Java token class for use with deserialization.
void	init(Config.Scope config)	Only called once when the factory is first created.
void	postInit(KeycloakSessionFactory factory)	Called after all provider factories have been initialized
AuthenticationSessionModel	startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext)	Creates a fresh authentication session according to the information from the token.
protected TokenVerifier.Predicate<DefaultActionToken>	verifyEmail(ActionTokenContext<? extends DefaultActionToken> context)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.authentication.actiontoken.ActionTokenHandler

getVerifiers, handleToken

Methods inherited from interface org.keycloak.provider.ProviderFactory

getConfigMetadata, order

Constructor Detail

AbstractActionTokenHandler

public AbstractActionTokenHandler(String id,
                                  Class<T> tokenClass,
                                  String defaultErrorMessage,
                                  EventType defaultEventType,
                                  String defaultEventError)

Method Detail

create

public ActionTokenHandler<T> create(KeycloakSession session)

Specified by:

create in interface ProviderFactory<T extends JsonWebToken>

init

public void init(Config.Scope config)

Description copied from interface: ProviderFactory

Only called once when the factory is first created. This config is pulled from keycloak_server.json

Specified by:

init in interface ProviderFactory<T extends JsonWebToken>

postInit

public void postInit(KeycloakSessionFactory factory)

Description copied from interface: ProviderFactory

Called after all provider factories have been initialized

Specified by:

postInit in interface ProviderFactory<T extends JsonWebToken>

getId

public String getId()

Specified by:

getId in interface ProviderFactory<T extends JsonWebToken>

close

public void close()

Description copied from interface: ProviderFactory

This is called when the server shuts down.

Specified by:

close in interface Provider

Specified by:

close in interface ProviderFactory<T extends JsonWebToken>

getTokenClass

public Class<T> getTokenClass()

Description copied from interface: ActionTokenHandler

Returns the Java token class for use with deserialization.

Specified by:

getTokenClass in interface ActionTokenHandler<T extends JsonWebToken>

Returns:

eventType

public EventType eventType()

Description copied from interface: ActionTokenHandler

Returns a event type logged with EventBuilder class.

Specified by:

eventType in interface ActionTokenHandler<T extends JsonWebToken>

Returns:

getDefaultErrorMessage

public String getDefaultErrorMessage()

Description copied from interface: ActionTokenHandler

Returns an error to be shown in the response when token handling fails and no more specific error message is provided.

Specified by:

getDefaultErrorMessage in interface ActionTokenHandler<T extends JsonWebToken>

Returns:

getDefaultEventError

public String getDefaultEventError()

Description copied from interface: ActionTokenHandler

Returns an error to be shown in the EventBuilder detail when token handling fails and no more specific error is provided.

Specified by:

getDefaultEventError in interface ActionTokenHandler<T extends JsonWebToken>

Returns:

getAuthenticationSessionIdFromToken

public String getAuthenticationSessionIdFromToken(T token,
                                                  ActionTokenContext<T> tokenContext,
                                                  AuthenticationSessionModel currentAuthSession)

Description copied from interface: ActionTokenHandler

Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.

Specified by:

getAuthenticationSessionIdFromToken in interface ActionTokenHandler<T extends JsonWebToken>

Parameters:

token - Token. Can be null

currentAuthSession - Authentication session that is currently in progress, null if no authentication session is not set

Returns:

Authentication session ID (can be null if the token does not contain authentication session ID)

See Also:

AuthenticationSessionCompoundId

startFreshAuthenticationSession

public AuthenticationSessionModel startFreshAuthenticationSession(T token,
                                                                  ActionTokenContext<T> tokenContext)

Description copied from interface: ActionTokenHandler

Creates a fresh authentication session according to the information from the token. The default implementation creates a new authentication session that requests termination after required actions.

Specified by:

startFreshAuthenticationSession in interface ActionTokenHandler<T extends JsonWebToken>

Returns:

canUseTokenRepeatedly

public boolean canUseTokenRepeatedly(T token,
                                     ActionTokenContext<T> tokenContext)

Description copied from interface: ActionTokenHandler

Returns true when the token can be used repeatedly to invoke the action, false when the token is intended to be for single use only.

Specified by:

canUseTokenRepeatedly in interface ActionTokenHandler<T extends JsonWebToken>

Returns:

see above

verifyEmail

protected TokenVerifier.Predicate<DefaultActionToken> verifyEmail(ActionTokenContext<? extends DefaultActionToken> context)