Interface WebAuthStrategy

  • All Known Implementing Classes:
    AbstractWebAuthStrategy

    public interface WebAuthStrategy
    A WebAuthStrategy provides methods for an end user to initiate authentication requests which may require a User Agent to visit an external Identity Provider (IdP) to prove their Identity. The methods exposed here are broken out in a way which is web-friendly. Expected implementations include Open ID Connect (OIDC) and Security Assertion Markup Language (SAML).
    • Method Detail

      • getType

        @Nonnull
        java.lang.String getType()
        Returns:
        the type of this WebAuthStrategy
      • isLogoutSupported

        boolean isLogoutSupported()
        Returns:
        true if this WebAuthStrategy supports end session requests, false otherwise
      • generateWebAuthRequestUri

        @Nonnull
        java.net.URI generateWebAuthRequestUri​(@Nonnull
                                               java.net.URI authRedirectUri,
                                               @Nonnull
                                               WebAuthState.Builder webAuthStateBuilder)
                                        throws WebAuthStrategyException
        Generates the appropriate IdP request URI to which the user should be redirected in order to satisfy the requirements to generate an auth response which will establish an authenticated user.
        Parameters:
        authRedirectUri - The URI to which the IdP will redirect in order to route the IdP auth response to this strategy for parsing
        webAuthStateBuilder - The WebAuthState.Builder to which certain state may be added by the WebAuthStrategy implementation to be passed in the WebAuthResponseContext
        Returns:
        The URI to initiate auth at the IdP
        Throws:
        WebAuthStrategyException - if there is a problem generating the IdP auth request URI
      • generateWebAuthEndSessionRequestUri

        @Nonnull
        java.net.URI generateWebAuthEndSessionRequestUri​(@Nonnull
                                                         java.net.URI authRedirectUri,
                                                         @Nonnull
                                                         WebAuthState.Builder webAuthStateBuilder,
                                                         @Nullable
                                                         java.lang.String signedAttributesDocument)
                                                  throws WebAuthStrategyException
        Generates the appropriate IdP request URI to which the user should be redirected in order to end their session.
        Parameters:
        authRedirectUri - The URI to which the IdP will redirect in order to route the IdP end session response to this strategy for parsing
        webAuthStateBuilder - The WebAuthState.Builder to which certain state may be added by the WebAuthStrategy implementation to be passed in the WebAuthResponseContext
        signedAttributesDocument - The optional signed attributes document from which authentication was asserted, to be used as a hint for some implementations to perform logout appropriately
        Returns:
        The URI to initiate the end session request at the IdP
        Throws:
        java.lang.UnsupportedOperationException - if this WebAuthStrategy does not support end session requests
        WebAuthStrategyException - if there is a problem generating the IdP end session request URI
      • parseWebAuthEndSessionResponse

        void parseWebAuthEndSessionResponse​(@Nonnull
                                            WebAuthResponseContext webAuthResponseContext)
                                     throws WebAuthStrategyException
        Parse the Web Auth End Session Response from the incoming Http Request details. Returns the original app redirect URI.
        Parameters:
        webAuthResponseContext - The WebAuthResponseContext which contains the WebAuthState associated with the Web Auth Request that is connected to this Web Auth Response as well as the HttpRequest details which contain the IdP's end session response
        Throws:
        java.lang.UnsupportedOperationException - if this WebAuthStrategy does not support end session requests
        WebAuthStrategyException - if there is a problem parsing web auth end session response