All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type |
Method and Description |
static ClientSessionContext |
attachAuthenticationSession(KeycloakSession session,
UserSessionModel userSession,
AuthenticationSessionModel authSession) |
boolean |
checkTokenValidForIntrospection(KeycloakSession session,
RealmModel realm,
AccessToken token,
boolean updateTimestamps)
Checks if the token is valid.
|
AccessToken |
createClientAccessToken(KeycloakSession session,
RealmModel realm,
ClientModel client,
UserModel user,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
static void |
dettachClientSession(AuthenticatedClientSessionModel clientSession) |
Map<String,Object> |
generateUserInfoClaims(AccessToken userInfo,
UserModel userModel) |
static Set<RoleModel> |
getAccess(UserModel user,
ClientModel client,
Stream<ClientScopeModel> clientScopes) |
static Stream<ClientScopeModel> |
getRequestedClientScopes(String scopeParam,
ClientModel client)
Return client itself + all default client scopes of client + optional client scopes requested by scope parameter
|
Stream<OIDCIdentityProvider> |
getValidOIDCIdentityProvidersForBackchannelLogout(RealmModel realm,
KeycloakSession session,
String encodedLogoutToken,
LogoutToken logoutToken) |
protected AccessToken |
initToken(RealmModel realm,
ClientModel client,
UserModel user,
UserSessionModel session,
ClientSessionContext clientSessionCtx,
javax.ws.rs.core.UriInfo uriInfo) |
static boolean |
isValidScope(String scopes,
ClientModel client) |
static UserModel |
lookupUserFromStatelessToken(KeycloakSession session,
RealmModel realm,
AccessToken token)
Lookup user from the "stateless" token.
|
static Stream<String> |
parseScopeParameter(String scopeParam) |
TokenManager.RefreshResult |
refreshAccessToken(KeycloakSession session,
javax.ws.rs.core.UriInfo uriInfo,
ClientConnection connection,
RealmModel realm,
ClientModel authorizedClient,
String encodedRefreshToken,
EventBuilder event,
javax.ws.rs.core.HttpHeaders headers,
org.jboss.resteasy.spi.HttpRequest request) |
TokenManager.AccessTokenResponseBuilder |
responseBuilder(RealmModel realm,
ClientModel client,
EventBuilder event,
KeycloakSession session,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
Optional<LogoutToken> |
toLogoutToken(String encodedLogoutToken) |
RefreshToken |
toRefreshToken(KeycloakSession session,
String encodedRefreshToken) |
AccessToken |
transformAccessToken(KeycloakSession session,
AccessToken token,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
AccessTokenResponse |
transformAccessTokenResponse(KeycloakSession session,
AccessTokenResponse accessTokenResponse,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
void |
transformIDToken(KeycloakSession session,
IDToken token,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
AccessToken |
transformUserInfoAccessToken(KeycloakSession session,
AccessToken token,
UserSessionModel userSession,
ClientSessionContext clientSessionCtx) |
Stream<OIDCIdentityProvider> |
validateLogoutTokenAgainstIdpProvider(Stream<OIDCIdentityProvider> oidcIdps,
String encodedLogoutToken,
LogoutToken logoutToken) |
TokenManager.TokenValidation |
validateToken(KeycloakSession session,
javax.ws.rs.core.UriInfo uriInfo,
ClientConnection connection,
RealmModel realm,
RefreshToken oldToken,
javax.ws.rs.core.HttpHeaders headers) |
static boolean |
verifyConsentStillAvailable(KeycloakSession session,
UserModel user,
ClientModel client,
Stream<ClientScopeModel> requestedClientScopes) |
IDToken |
verifyIDToken(KeycloakSession session,
RealmModel realm,
String encodedIDToken) |
IDToken |
verifyIDTokenSignature(KeycloakSession session,
String encodedIDToken) |
LogoutTokenValidationCode |
verifyLogoutToken(KeycloakSession session,
RealmModel realm,
String encodedLogoutToken) |
RefreshToken |
verifyRefreshToken(KeycloakSession session,
RealmModel realm,
ClientModel client,
org.jboss.resteasy.spi.HttpRequest request,
String encodedRefreshToken,
boolean checkExpiration) |