Class KeycloakAuthentication
java.lang.Object
io.camunda.identity.sdk.authentication.AbstractAuthentication
io.camunda.identity.sdk.impl.generic.GenericAuthentication
io.camunda.identity.sdk.impl.keycloak.KeycloakAuthentication
- All Implemented Interfaces:
Authentication
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final Stringstatic final Stringstatic final StringFields inherited from class io.camunda.identity.sdk.impl.generic.GenericAuthentication
jwkProviderFields inherited from class io.camunda.identity.sdk.authentication.AbstractAuthentication
configuration, JWKS_CACHE_LIFETIME_DAYS, JWKS_CACHE_SIZE, restClient, tokenCache, WELL_KNOWN_PATH -
Constructor Summary
ConstructorsConstructorDescriptionKeycloakAuthentication(IdentityConfiguration configuration, RestClient restClient) -
Method Summary
Modifier and TypeMethodDescriptionauthorizeUriBuilder(String redirectUri) Returns a new Authorize uri builder.exchangeAuthCode(AuthCodeDto authCodeDto, String redirectUri) Exchanges provided auth code with access tokens.getClientId(String token) Gets the client ID associated to the tokengetGroupsInOrganization(com.auth0.jwt.interfaces.DecodedJWT token, String organizationId) getPermissions(com.auth0.jwt.interfaces.DecodedJWT token, String audience) booleanisM2MToken(String token) Checks if the token passed in is considered an M2M token.protected com.auth0.jwk.JwkProviderrenewToken(String refreshToken) Exchanges provided refresh token with an access tokens.protected TokensrequestFreshToken(String audience) voidrevokeToken(String refreshToken) Logs out from Identity backend.Methods inherited from class io.camunda.identity.sdk.impl.generic.GenericAuthentication
fromAccessTokenDto, getAssignedOrganizations, isRevokeAvailable, isSingleSignOutAvailable, wellKnownConfigurationMethods inherited from class io.camunda.identity.sdk.authentication.AbstractAuthentication
decodeJWT, generateSingleSignOutUri, getGroups, getGroups, getGroupsInOrganization, getGroupsInOrganization, getPermissions, getPermissions, getUserDetails, isAvailable, requestToken, singleSignOut, singleSignOutUriBuilder, verifyAndDecode, verifyToken, verifyToken, verifyToken, verifyTokenIgnoringAudience
-
Field Details
-
AUTHORIZE_PATH
- See Also:
-
TOKEN_PATH
- See Also:
-
LOGOUT_PATH
- See Also:
-
JWKS_PATH
- See Also:
-
-
Constructor Details
-
KeycloakAuthentication
-
-
Method Details
-
authorizeUriBuilder
Description copied from interface:AuthenticationReturns a new Authorize uri builder. It is used to build the authorize uri for user authentication.- Specified by:
authorizeUriBuilderin interfaceAuthentication- Overrides:
authorizeUriBuilderin classGenericAuthentication- Parameters:
redirectUri- the redirect uri- Returns:
- the authorize uri builder
-
exchangeAuthCode
public Tokens exchangeAuthCode(AuthCodeDto authCodeDto, String redirectUri) throws CodeExchangeException Description copied from interface:AuthenticationExchanges provided auth code with access tokens. The provided redirect uri argument must match the redirect uri that was used to build the authorize uri.- Specified by:
exchangeAuthCodein interfaceAuthentication- Overrides:
exchangeAuthCodein classGenericAuthentication- Parameters:
authCodeDto- the auth code dtoredirectUri- the redirect uri- Returns:
- the tokens
- Throws:
CodeExchangeException- if code exchange fails
-
requestFreshToken
- Overrides:
requestFreshTokenin classGenericAuthentication
-
renewToken
Description copied from interface:AuthenticationExchanges provided refresh token with an access tokens.- Specified by:
renewTokenin interfaceAuthentication- Overrides:
renewTokenin classGenericAuthentication- Parameters:
refreshToken- refresh token used for the request- Returns:
- the tokens
-
revokeToken
Description copied from interface:AuthenticationLogs out from Identity backend. This will invalidate the given refresh token and refresh tokens issued for other applications during the same session. The user's session or access token still has to be deleted by the client application.- Specified by:
revokeTokenin interfaceAuthentication- Overrides:
revokeTokenin classGenericAuthentication- Parameters:
refreshToken- refresh token used for the request
-
getPermissions
- Overrides:
getPermissionsin classGenericAuthentication
-
getGroupsInOrganization
protected List<String> getGroupsInOrganization(com.auth0.jwt.interfaces.DecodedJWT token, String organizationId) - Overrides:
getGroupsInOrganizationin classAbstractAuthentication
-
isM2MToken
Description copied from interface:AuthenticationChecks if the token passed in is considered an M2M token.- Specified by:
isM2MTokenin interfaceAuthentication- Overrides:
isM2MTokenin classGenericAuthentication- Parameters:
token- the token- Returns:
- true if the token is a M2M token, else false
-
getClientId
Description copied from interface:AuthenticationGets the client ID associated to the token- Specified by:
getClientIdin interfaceAuthentication- Overrides:
getClientIdin classGenericAuthentication- Parameters:
token- the token- Returns:
- the clientID
-
jwkProvider
protected com.auth0.jwk.JwkProvider jwkProvider()- Overrides:
jwkProviderin classGenericAuthentication
-