tessl/maven-org-keycloak--keycloak-common
Common library and dependencies shared with server and all adapters for the Keycloak identity and access management system
—
Pending
core-functionality.mddocs/
Core Functionality
This document covers the core functionality classes in the org.keycloak.common package that provide essential capabilities for profile management, version information, client connections, and verification operations.
Profile Management
The Profile class manages Keycloak feature profiles and feature flags, allowing runtime configuration of capabilities.
Profile Class
public class Profile {
// Static methods for profile configuration
public static Profile defaults();
public static Profile configure(ProfileConfigResolver... resolvers);
public static Profile init(ProfileName profileName, Map<Feature, Boolean> features);
public static Profile getInstance();
public static void reset();
// Feature query methods
public static boolean isFeatureEnabled(Feature feature);
public static Set<String> getAllUnversionedFeatureNames();
public static Set<String> getDisableableUnversionedFeatureNames();
public static Set<Feature> getFeatureVersions(String feature);
// Instance methods
public ProfileName getName();
public Set<Feature> getAllFeatures();
public Set<Feature> getDisabledFeatures();
public Set<Feature> getPreviewFeatures();
public Set<Feature> getExperimentalFeatures();
public Set<Feature> getDeprecatedFeatures();
public Set<Feature> getFeatures(Feature.Type type);
public Map<Feature, Boolean> getFeatures();
}ProfileName Enum
public enum ProfileName {
DEFAULT,
PREVIEW
}Feature Enum
public enum Feature {
// Identity and Access Management Features
AUTHORIZATION("authorization"),
ACCOUNT_API("account-api"),
ADMIN_FINE_GRAINED_AUTHZ("admin-fine-grained-authz"),
// Protocol and Authentication Features
DOCKER("docker"),
SCRIPTS("scripts"),
TOKEN_EXCHANGE("token-exchange"),
WEB_AUTHN("web-authn"),
CLIENT_POLICIES("client-policies"),
CIBA("ciba"),
PAR("par"),
DYNAMIC_SCOPES("dynamic-scopes"),
STEP_UP_AUTHENTICATION("step-up-authentication"),
KERBEROS("kerberos"),
RECOVERY_CODES("recovery-codes"),
PASSKEYS("passkeys"),
// Security and Compliance Features
FIPS("fips"),
DPOP("dpop"),
// Device and Client Features
DEVICE_FLOW("device-flow"),
CLIENT_TYPES("client-types"),
// User and Session Management
TRANSIENT_USERS("transient-users"),
PERSISTENT_USER_SESSIONS("persistent-user-sessions"),
// Infrastructure Features
MULTI_SITE("multi-site"),
CLUSTERLESS("clusterless"),
HOSTNAME_V2("hostname-v2"),
// Standards and Protocols
OID4VC_VCI("oid4vc-vci"),
// Monitoring and Observability
OPENTELEMETRY("opentelemetry"),
USER_EVENT_METRICS("user-event-metrics"),
// User Interface
DECLARATIVE_UI("declarative-ui"),
// Organization Management
ORGANIZATION("organization"),
// Caching and Performance
CACHE_EMBEDDED_REMOTE_STORE("cache-embedded-remote-store"),
// Federation and Integration
IPA_TUURA_FEDERATION("ipa-tuura-federation"),
// Deployment and Updates
ROLLING_UPDATES_V1("rolling-updates-v1");
// Feature methods
public String getKey();
public String getUnversionedKey();
public String getVersionedKey();
public String getLabel();
public Type getType();
public Set<Feature> getDependencies();
public int getVersion();
public boolean isAvailable();
}Feature.Type Enum
public enum Type {
DEFAULT,
DISABLED_BY_DEFAULT,
DEPRECATED,
PREVIEW,
PREVIEW_DISABLED_BY_DEFAULT,
EXPERIMENTAL
}Usage Examples
// Basic feature checking
if (Profile.isFeatureEnabled(Feature.AUTHORIZATION)) {
// Authorization feature is enabled
}
// Configure profile with specific features
Map<Feature, Boolean> features = new HashMap<>();
features.put(Feature.SCRIPTS, false);
features.put(Feature.DOCKER, true);
Profile profile = Profile.init(ProfileName.DEFAULT, features);
// Get feature information
Set<Feature> previewFeatures = profile.getPreviewFeatures();
Set<Feature> experimentalFeatures = profile.getExperimentalFeatures();
// Check feature metadata
Feature authzFeature = Feature.AUTHORIZATION;
String key = authzFeature.getKey();
Feature.Type type = authzFeature.getType();
Set<Feature> dependencies = authzFeature.getDependencies();Version Information
The Version class provides static access to Keycloak version information.
public class Version {
// Version constants
public static final String UNKNOWN;
public static final String NAME; // "Keycloak"
public static final String NAME_HTML;
public static final String VERSION;
public static final String RESOURCES_VERSION;
public static final String BUILD_TIME;
}Usage Examples
// Get version information
String keycloakVersion = Version.VERSION;
String buildTime = Version.BUILD_TIME;
String productName = Version.NAME;
// Use in logging or diagnostics
logger.info("Running {} version {} (built {})",
Version.NAME, Version.VERSION, Version.BUILD_TIME);Client Connection Interface
The ClientConnection interface provides information about client network connections.
public interface ClientConnection {
/**
* Returns the IP address as a string if available, otherwise null
*/
String getRemoteAddr();
/**
* Returns the remote host (IP address or proxy header info)
*/
String getRemoteHost();
/**
* Returns the remote port
*/
int getRemotePort();
/**
* Returns the local address
*/
String getLocalAddr();
/**
* Returns the local port
*/
int getLocalPort();
}Usage Examples
public void logClientConnection(ClientConnection connection) {
String remoteAddr = connection.getRemoteAddr();
String remoteHost = connection.getRemoteHost();
int remotePort = connection.getRemotePort();
logger.info("Client connection from {}:{} ({})",
remoteHost, remotePort, remoteAddr);
}
public boolean isLocalConnection(ClientConnection connection) {
String remoteAddr = connection.getRemoteAddr();
return "127.0.0.1".equals(remoteAddr) || "::1".equals(remoteAddr);
}Verification Exception
The VerificationException is thrown during verification operations, particularly in cryptographic contexts.
public class VerificationException extends Exception {
/**
* Default constructor
*/
public VerificationException();
/**
* Constructor with message
*/
public VerificationException(String message);
/**
* Constructor with message and cause
*/
public VerificationException(String message, Throwable cause);
/**
* Constructor with cause
*/
public VerificationException(Throwable cause);
}Usage Examples
public void verifySignature(byte[] signature, byte[] data) throws VerificationException {
try {
// Perform signature verification
if (!isValidSignature(signature, data)) {
throw new VerificationException("Signature verification failed");
}
} catch (Exception e) {
throw new VerificationException("Error during verification", e);
}
}
public void handleVerification() {
try {
verifySignature(signature, data);
} catch (VerificationException e) {
logger.error("Verification failed: {}", e.getMessage());
// Handle verification failure
}
}Error Handling Patterns
// Profile configuration errors
try {
Profile profile = Profile.configure(resolver);
} catch (ProfileException e) {
logger.error("Profile configuration failed: {}", e.getMessage());
// Handle configuration failure - use defaults or fail gracefully
}
// Feature availability checking with error handling
try {
if (Feature.AUTHORIZATION.isAvailable() && Profile.isFeatureEnabled(Feature.AUTHORIZATION)) {
// Use authorization features
} else {
logger.warn("Authorization feature not available or not enabled");
}
} catch (Exception e) {
logger.error("Error checking feature availability", e);
}
// Safe version access with null checking
String version = Version.VERSION != null ? Version.VERSION : Version.UNKNOWN;
// Verification exception handling
public void processSecureOperation() throws VerificationException {
try {
// Perform verification logic
verifySignature(data, signature);
} catch (GeneralSecurityException e) {
throw new VerificationException("Cryptographic verification failed", e);
} catch (Exception e) {
throw new VerificationException("Unexpected error during verification", e);
}
}Install with Tessl CLI
npx tessl i tessl/maven-org-keycloak--keycloak-common