Example 11 with OAuth2DeviceTokenStoreProvider
use of org.keycloak.models.OAuth2DeviceTokenStoreProvider in project keycloak by keycloak.
the class BackchannelAuthenticationEndpoint method storeAuthenticationRequest.
/**
* TODO: Leverage the device code storage for tracking authentication requests. Not sure if we need a specific storage,
* but probably make the {@link OAuth2DeviceTokenStoreProvider} more generic for ciba, device, or any other use case
* that relies on cross-references for unsolicited user authentication requests from devices.
*/
private void storeAuthenticationRequest(CIBAAuthenticationRequest request, CibaConfig cibaConfig, String authReqId) {
ClientModel client = request.getClient();
int expiresIn = cibaConfig.getExpiresIn();
int poolingInterval = cibaConfig.getPoolingInterval();
String cibaMode = cibaConfig.getBackchannelTokenDeliveryMode(client);
// Set authReqId just for the ping mode as it is relatively big and not necessarily needed in the infinispan cache for the "poll" mode
if (!CibaConfig.CIBA_PING_MODE.equals(cibaMode)) {
authReqId = null;
}
OAuth2DeviceCodeModel deviceCode = OAuth2DeviceCodeModel.create(realm, client, request.getId(), request.getScope(), null, expiresIn, poolingInterval, request.getClientNotificationToken(), authReqId, Collections.emptyMap(), null, null);
String authResultId = request.getAuthResultId();
OAuth2DeviceUserCodeModel userCode = new OAuth2DeviceUserCodeModel(realm, deviceCode.getDeviceCode(), authResultId);
// To inform "expired_token" to the client, the lifespan of the cache provider is longer than device code
int lifespanSeconds = expiresIn + poolingInterval + 10;
OAuth2DeviceTokenStoreProvider store = session.getProvider(OAuth2DeviceTokenStoreProvider.class);
store.put(deviceCode, userCode, lifespanSeconds);
}
Also used :
OAuth2DeviceTokenStoreProvider(org.keycloak.models.OAuth2DeviceTokenStoreProvider)
ClientModel(org.keycloak.models.ClientModel)
OAuth2DeviceCodeModel(org.keycloak.models.OAuth2DeviceCodeModel)
OAuth2DeviceUserCodeModel(org.keycloak.models.OAuth2DeviceUserCodeModel)
Aggregations
OAuth2DeviceTokenStoreProvider (org.keycloak.models.OAuth2DeviceTokenStoreProvider)11
OAuth2DeviceCodeModel (org.keycloak.models.OAuth2DeviceCodeModel)7
OAuthErrorException (org.keycloak.OAuthErrorException)3
ClientModel (org.keycloak.models.ClientModel)3
ErrorResponseException (org.keycloak.services.ErrorResponseException)3
ClientPolicyException (org.keycloak.services.clientpolicy.ClientPolicyException)3
UriBuilder (javax.ws.rs.core.UriBuilder)2
ClientSessionContext (org.keycloak.models.ClientSessionContext)2
KeycloakContext (org.keycloak.models.KeycloakContext)2
KeycloakUriInfo (org.keycloak.models.KeycloakUriInfo)2
OAuth2DeviceUserCodeModel (org.keycloak.models.OAuth2DeviceUserCodeModel)2
OAuth2DeviceUserCodeProvider (org.keycloak.models.OAuth2DeviceUserCodeProvider)2
RealmModel (org.keycloak.models.RealmModel)2
UserModel (org.keycloak.models.UserModel)2
UserSessionModel (org.keycloak.models.UserSessionModel)2
CorsErrorResponseException (org.keycloak.services.CorsErrorResponseException)2
DefaultClientSessionContext (org.keycloak.services.util.DefaultClientSessionContext)2
IOException (java.io.IOException)1
Consumes (javax.ws.rs.Consumes)1
GET (javax.ws.rs.GET)1
