Interface WebAuthStrategy
-
- All Known Implementing Classes:
AbstractWebAuthStrategy
public interface WebAuthStrategy
A WebAuthStrategy provides methods for an end user to initiate authentication requests which may require a User Agent to visit an external Identity Provider (IdP) to prove their Identity. The methods exposed here are broken out in a way which is web-friendly. Expected implementations include Open ID Connect (OIDC) and Security Assertion Markup Language (SAML).
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description java.net.URI
generateWebAuthEndSessionRequestUri(java.net.URI authRedirectUri, WebAuthState.Builder webAuthStateBuilder, java.lang.String signedAttributesDocument)
Generates the appropriate IdP request URI to which the user should be redirected in order to end their session.java.net.URI
generateWebAuthRequestUri(java.net.URI authRedirectUri, WebAuthState.Builder webAuthStateBuilder)
Generates the appropriate IdP request URI to which the user should be redirected in order to satisfy the requirements to generate an auth response which will establish an authenticated user.java.lang.String
getType()
boolean
isLogoutSupported()
void
parseWebAuthEndSessionResponse(WebAuthResponseContext webAuthResponseContext)
Parse the Web Auth End Session Response from the incoming Http Request details.AttributeSource
parseWebAuthResponse(WebAuthResponseContext warc)
Parses theWebAuthResponseContext
from the IdP's auth response (encapsulated in the incoming HTTP request)
-
-
-
Method Detail
-
getType
@Nonnull java.lang.String getType()
- Returns:
- the type of this
WebAuthStrategy
-
isLogoutSupported
boolean isLogoutSupported()
- Returns:
- true if this
WebAuthStrategy
supports end session requests, false otherwise
-
generateWebAuthRequestUri
@Nonnull java.net.URI generateWebAuthRequestUri(@Nonnull java.net.URI authRedirectUri, @Nonnull WebAuthState.Builder webAuthStateBuilder) throws WebAuthStrategyException
Generates the appropriate IdP request URI to which the user should be redirected in order to satisfy the requirements to generate an auth response which will establish an authenticated user.- Parameters:
authRedirectUri
- The URI to which the IdP will redirect in order to route the IdP auth response to this strategy for parsingwebAuthStateBuilder
- TheWebAuthState.Builder
to which certain state may be added by the WebAuthStrategy implementation to be passed in theWebAuthResponseContext
- Returns:
- The URI to initiate auth at the IdP
- Throws:
WebAuthStrategyException
- if there is a problem generating the IdP auth request URI
-
parseWebAuthResponse
@Nonnull AttributeSource parseWebAuthResponse(@Nonnull WebAuthResponseContext warc) throws WebAuthStrategyException
Parses theWebAuthResponseContext
from the IdP's auth response (encapsulated in the incoming HTTP request)- Parameters:
warc
- TheWebAuthResponseContext
which contains theWebAuthState
associated with the Web Auth Request that is connected to this Web Auth Response as well as theHttpRequest
details which contain the IdP's auth response- Returns:
- The
AttributeSource
based on the given auth response + auth strategy configuration details - Throws:
WebAuthStrategyException
- if there is a problem parsing theWebAuthResponseContext
-
generateWebAuthEndSessionRequestUri
@Nonnull java.net.URI generateWebAuthEndSessionRequestUri(@Nonnull java.net.URI authRedirectUri, @Nonnull WebAuthState.Builder webAuthStateBuilder, @Nullable java.lang.String signedAttributesDocument) throws WebAuthStrategyException
Generates the appropriate IdP request URI to which the user should be redirected in order to end their session.- Parameters:
authRedirectUri
- The URI to which the IdP will redirect in order to route the IdP end session response to this strategy for parsingwebAuthStateBuilder
- TheWebAuthState.Builder
to which certain state may be added by the WebAuthStrategy implementation to be passed in theWebAuthResponseContext
signedAttributesDocument
- The optional signed attributes document from which authentication was asserted, to be used as a hint for some implementations to perform logout appropriately- Returns:
- The URI to initiate the end session request at the IdP
- Throws:
java.lang.UnsupportedOperationException
- if this WebAuthStrategy does not support end session requestsWebAuthStrategyException
- if there is a problem generating the IdP end session request URI
-
parseWebAuthEndSessionResponse
void parseWebAuthEndSessionResponse(@Nonnull WebAuthResponseContext webAuthResponseContext) throws WebAuthStrategyException
Parse the Web Auth End Session Response from the incoming Http Request details. Returns the original app redirectURI
.- Parameters:
webAuthResponseContext
- TheWebAuthResponseContext
which contains theWebAuthState
associated with the Web Auth Request that is connected to this Web Auth Response as well as theHttpRequest
details which contain the IdP's end session response- Throws:
java.lang.UnsupportedOperationException
- if this WebAuthStrategy does not support end session requestsWebAuthStrategyException
- if there is a problem parsing web auth end session response
-
-