Package org.nuxeo.ecm.platform.ui.web.keycloak

Class KeycloakAuthenticationPlugin

java.lang.Object

org.nuxeo.ecm.platform.ui.web.keycloak.KeycloakAuthenticationPlugin

All Implemented Interfaces:

NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension

public class KeycloakAuthenticationPlugin
extends Object
implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension

Authentication plugin for handling auth flow with Keyloack

Since:

7.4

Field Summary

Fields

Modifier and Type	Field	Description
static final String	DEFAULT_MAPPING_NAME
static final String	KEYCLOAK_CONFIG_FILE_KEY
static final String	KEYCLOAK_MAPPING_NAME_KEY
protected KeycloakAuthenticatorProvider	keycloakAuthenticatorProvider
protected String	mappingName

Constructor Summary

Constructors

Constructor	Description
KeycloakAuthenticationPlugin()

Method Summary

Modifier and Type	Method	Description
List<String>	getUnAuthenticatedURLPrefix()	Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.
Boolean	handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL)	Handles the Login Prompt.
Boolean	handleLogout(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)	Handles logout operation.
UserIdentificationInfo	handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)	Retrieves user identification information from the request.
void	initPlugin(Map<String,String> parameters)	Initializes the Plugin from parameters set in the XML descriptor.
Boolean	needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest)	Defines if the authentication plugin needs to do a login prompt.
void	setKeycloakAuthenticatorProvider(KeycloakAuthenticatorProvider keycloakAuthenticatorProvider)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

KEYCLOAK_CONFIG_FILE_KEY

public static final String KEYCLOAK_CONFIG_FILE_KEY

See Also:

• Constant Field Values

KEYCLOAK_MAPPING_NAME_KEY

public static final String KEYCLOAK_MAPPING_NAME_KEY

See Also:

• Constant Field Values

DEFAULT_MAPPING_NAME

public static final String DEFAULT_MAPPING_NAME

See Also:

• Constant Field Values

keycloakAuthenticatorProvider

protected KeycloakAuthenticatorProvider keycloakAuthenticatorProvider

mappingName

protected String mappingName

Constructor Details

KeycloakAuthenticationPlugin

public KeycloakAuthenticationPlugin()

Method Details

initPlugin

public void initPlugin(Map<String,String> parameters)

Description copied from interface: NuxeoAuthenticationPlugin

Initializes the Plugin from parameters set in the XML descriptor.

Specified by:

initPlugin in interface NuxeoAuthenticationPlugin

needLoginPrompt

public Boolean needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest)

Description copied from interface: NuxeoAuthenticationPlugin

Defines if the authentication plugin needs to do a login prompt.

Specified by:

needLoginPrompt in interface NuxeoAuthenticationPlugin

Returns:

true if LoginPrompt is used

handleLoginPrompt

public Boolean handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest,
 javax.servlet.http.HttpServletResponse httpResponse,
 String baseURL)

Description copied from interface: NuxeoAuthenticationPlugin

Handles the Login Prompt.

Specified by:

handleLoginPrompt in interface NuxeoAuthenticationPlugin

Parameters:

httpRequest - the request

httpResponse - the response

Returns:

true if AuthFilter must stop execution (ie: login prompt generated a redirect), false otherwise

getUnAuthenticatedURLPrefix

public List<String> getUnAuthenticatedURLPrefix()

Description copied from interface: NuxeoAuthenticationPlugin

Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.

Specified by:

getUnAuthenticatedURLPrefix in interface NuxeoAuthenticationPlugin

handleRetrieveIdentity

public UserIdentificationInfo handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest,
 javax.servlet.http.HttpServletResponse httpResponse)

Description copied from interface: NuxeoAuthenticationPlugin

Retrieves user identification information from the request.

Specified by:

handleRetrieveIdentity in interface NuxeoAuthenticationPlugin

Parameters:

httpRequest - the request

httpResponse - the response

handleLogout

public Boolean handleLogout(javax.servlet.http.HttpServletRequest httpRequest,
 javax.servlet.http.HttpServletResponse httpResponse)

Description copied from interface: NuxeoAuthenticationPluginLogoutExtension

Handles logout operation.

Generic logout (killing session and Seam objects) is done by LogoutActionBean This interface must be implemented by auth plugin when the target auth system needs a specific logout procedure.

Specified by:

handleLogout in interface NuxeoAuthenticationPluginLogoutExtension

Returns:

true if caller must stop execution (ie: logout generated a redirect), false otherwise

setKeycloakAuthenticatorProvider

public void setKeycloakAuthenticatorProvider(KeycloakAuthenticatorProvider keycloakAuthenticatorProvider)