Package org.openremote.manager.security

Class MultiTenantClientCredentialsGrantsLoginModule

java.lang.Object

org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

org.openremote.manager.security.MultiTenantClientCredentialsGrantsLoginModule

All Implemented Interfaces:

LoginModule

public class MultiTenantClientCredentialsGrantsLoginModule
extends org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

A version of the Keycloak AbstractKeycloakLoginModule that supports client credentials grant and lookup of KeycloakDeployment by using the KeycloakDeploymentCallback. Copied from DirectAccessGrantsLoginModule which has private members un-fortunately. Also supports including the realm roles (as well as resource roles) by setting the INCLUDE_REALM_ROLES_OPTION.

Nested Class Summary

Nested classes/interfaces inherited from class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

org.keycloak.adapters.jaas.AbstractKeycloakLoginModule.Auth

Field Summary

Fields

Modifier and Type	Field	Description
static final String	INCLUDE_REALM_ROLES_OPTION
protected boolean	includeRealmRoles
protected String	refreshToken
protected String	scope
static final String	SCOPE_OPTION

Fields inherited from class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

auth, callbackHandler, deployment, KEYCLOAK_CONFIG_FILE_OPTION, PROFILE_RESOURCE, ROLE_PRINCIPAL_CLASS_OPTION, rolePrincipalClass, subject

Constructor Summary

Constructors

Constructor	Description
MultiTenantClientCredentialsGrantsLoginModule()

Method Summary

Modifier and Type	Method	Description
protected org.keycloak.adapters.jaas.AbstractKeycloakLoginModule.Auth	clientCredentialsAuth(String username, String password)
boolean	commit()
protected org.keycloak.adapters.jaas.AbstractKeycloakLoginModule.Auth	doAuth(String username, String password)
protected org.jboss.logging.Logger	getLogger()
void	initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
boolean	login()
boolean	logout()
protected org.keycloak.adapters.jaas.AbstractKeycloakLoginModule.Auth	postTokenVerification(String tokenString, org.keycloak.representations.AccessToken token)

Methods inherited from class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

abort, bearerAuth, createRolePrincipal, resolveDeployment

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

INCLUDE_REALM_ROLES_OPTION

public static final String INCLUDE_REALM_ROLES_OPTION

See Also:

• Constant Field Values

SCOPE_OPTION

public static final String SCOPE_OPTION

See Also:

• Constant Field Values

includeRealmRoles

protected boolean includeRealmRoles

scope

protected String scope

refreshToken

protected String refreshToken

Constructor Details

MultiTenantClientCredentialsGrantsLoginModule

public MultiTenantClientCredentialsGrantsLoginModule()

Method Details

initialize

public void initialize(Subject subject,
 CallbackHandler callbackHandler,
 Map<String,?> sharedState,
 Map<String,?> options)

Specified by:

initialize in interface LoginModule

Overrides:

initialize in class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

login

public boolean login()
              throws LoginException

Specified by:

login in interface LoginModule

Overrides:

login in class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

Throws:

LoginException

getLogger

protected org.jboss.logging.Logger getLogger()

Specified by:

getLogger in class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

doAuth

protected org.keycloak.adapters.jaas.AbstractKeycloakLoginModule.Auth doAuth(String username,
 String password)
                                                                      throws IOException,
org.keycloak.common.VerificationException

Specified by:

doAuth in class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

Throws:

IOException

org.keycloak.common.VerificationException

commit

public boolean commit()
               throws LoginException

Specified by:

commit in interface LoginModule

Overrides:

commit in class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

Throws:

LoginException

clientCredentialsAuth

protected org.keycloak.adapters.jaas.AbstractKeycloakLoginModule.Auth clientCredentialsAuth(String username,
 String password)
                                                                                     throws IOException,
org.keycloak.common.VerificationException

Throws:

IOException

org.keycloak.common.VerificationException

postTokenVerification

protected org.keycloak.adapters.jaas.AbstractKeycloakLoginModule.Auth postTokenVerification(String tokenString,
 org.keycloak.representations.AccessToken token)

Overrides:

postTokenVerification in class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

logout

public boolean logout()
               throws LoginException

Specified by:

logout in interface LoginModule

Overrides:

logout in class org.keycloak.adapters.jaas.AbstractKeycloakLoginModule

Throws:

LoginException