Class DeviceGrantType
java.lang.Object
org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
org.keycloak.protocol.oidc.grants.device.DeviceGrantType
- All Implemented Interfaces:
OAuth2GrantType,Provider
OAuth 2.0 Device Authorization Grant
https://datatracker.ietf.org/doc/html/rfc8628#section-3.4
- Author:
- Hiroyuki Wada, Michito Okai
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.keycloak.protocol.oidc.grants.OAuth2GrantType
OAuth2GrantType.Context -
Field Summary
FieldsFields inherited from class org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
client, clientAuthAttributes, clientConfig, clientConnection, context, cors, event, formParams, headers, realm, request, response, session, tokenManager -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic jakarta.ws.rs.core.ResponseapproveOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, AuthenticatedClientSessionModel clientSession, KeycloakSession session) static booleanapproveUserCode(KeycloakSession session, RealmModel realm, String userCode, String userSessionId, Map<String, String> additionalParams) static jakarta.ws.rs.core.ResponsedenyOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, LoginProtocol.Error error, KeycloakSession session) static booleandenyUserCode(KeycloakSession session, RealmModel realm, String userCode) static OAuth2DeviceCodeModelgetDeviceByDeviceCode(KeycloakSession session, RealmModel realm, ClientModel client, EventBuilder event, String deviceCode) Returns the event type associated with this OAuth 2.0 grant type.static booleanisDeviceCodeDeniedForDeviceVerificationFlow(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession) static booleanisOAuth2DeviceVerificationFlow(AuthenticationSessionModel authSession) static booleanisPollingAllowed(KeycloakSession session, OAuth2DeviceCodeModel deviceCodeModel) static jakarta.ws.rs.core.UriBuilderoauth2DeviceAuthUrl(jakarta.ws.rs.core.UriBuilder baseUriBuilder) static jakarta.ws.rs.core.UriBuilderoauth2DeviceVerificationCompletedUrl(jakarta.ws.rs.core.UriInfo baseUri) static jakarta.ws.rs.core.UriBuilderoauth2DeviceVerificationUrl(jakarta.ws.rs.core.UriInfo uriInfo) jakarta.ws.rs.core.Responseprocess(OAuth2GrantType.Context context) Processes grant request.static URIrealmOAuth2DeviceVerificationAction(URI baseUri, String realmName) static voidremoveDeviceByDeviceCode(KeycloakSession session, String deviceCode) static voidremoveDeviceByUserCode(KeycloakSession session, RealmModel realm, String userCode) Methods inherited from class org.keycloak.protocol.oidc.grants.OAuth2GrantTypeBase
checkAndBindMtlsHoKToken, checkClient, close, createTokenResponse, getRequestedScopes, setContext, updateClientSession, updateUserSessionFromClientAuthMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.keycloak.protocol.oidc.grants.OAuth2GrantType
getSupportedMultivaluedRequestParameters
-
Field Details
-
OAUTH2_DEVICE_VERIFIED_USER_CODE
- See Also:
-
OAUTH2_DEVICE_USER_CODE
- See Also:
-
OAUTH2_USER_CODE_VERIFY
- See Also:
-
-
Constructor Details
-
DeviceGrantType
public DeviceGrantType()
-
-
Method Details
-
oauth2DeviceVerificationUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceVerificationUrl(jakarta.ws.rs.core.UriInfo uriInfo) -
realmOAuth2DeviceVerificationAction
-
oauth2DeviceAuthUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceAuthUrl(jakarta.ws.rs.core.UriBuilder baseUriBuilder) -
oauth2DeviceVerificationCompletedUrl
public static jakarta.ws.rs.core.UriBuilder oauth2DeviceVerificationCompletedUrl(jakarta.ws.rs.core.UriInfo baseUri) -
denyOAuth2DeviceAuthorization
public static jakarta.ws.rs.core.Response denyOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, LoginProtocol.Error error, KeycloakSession session) -
approveOAuth2DeviceAuthorization
public static jakarta.ws.rs.core.Response approveOAuth2DeviceAuthorization(AuthenticationSessionModel authSession, AuthenticatedClientSessionModel clientSession, KeycloakSession session) -
isOAuth2DeviceVerificationFlow
-
getDeviceByDeviceCode
public static OAuth2DeviceCodeModel getDeviceByDeviceCode(KeycloakSession session, RealmModel realm, ClientModel client, EventBuilder event, String deviceCode) -
isDeviceCodeDeniedForDeviceVerificationFlow
public static boolean isDeviceCodeDeniedForDeviceVerificationFlow(KeycloakSession session, RealmModel realm, AuthenticationSessionModel authSession) -
removeDeviceByDeviceCode
-
removeDeviceByUserCode
public static void removeDeviceByUserCode(KeycloakSession session, RealmModel realm, String userCode) -
isPollingAllowed
public static boolean isPollingAllowed(KeycloakSession session, OAuth2DeviceCodeModel deviceCodeModel) -
approveUserCode
public static boolean approveUserCode(KeycloakSession session, RealmModel realm, String userCode, String userSessionId, Map<String, String> additionalParams) -
denyUserCode
-
process
Description copied from interface:OAuth2GrantTypeProcesses grant request.- Parameters:
context- grant request context- Returns:
- token response
-
getEventType
Description copied from interface:OAuth2GrantTypeReturns the event type associated with this OAuth 2.0 grant type.- Returns:
- event type
-