Package com.inductiveautomation.ignition.gateway.auth.idp

Interface IdpAdapterManager

  • public interface IdpAdapterManager
    An IdpAdapterManager is the source of record for all IdpAdapters configured in the system

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      void addConfig​(IdpAdapterConfig config)
      Add a new Identity Provider Adapter
      WebAuthSession createSession​(java.lang.String name, com.google.common.collect.ImmutableCollection<java.lang.String> securityZones)
      Creates a WebAuthSession given the targeted IdP Adapter's name
      java.net.URI generateLogoutRequestUri​(java.lang.String name, java.net.URI requestUri, WebAuthState.Builder webAuthStateBuilder, java.lang.String signedAttributesDocument, boolean useBroker)
      Generates the URI to redirect the end user for performing logout with an external IdP.
      java.net.URI generateWebAuthRequestUri​(java.lang.String name, java.net.URI requestUri, WebAuthState.Builder webAuthStateBuilder, boolean useBroker, boolean forceAuth)
      Generates the URI to redirect the end user for performing web auth with an external IdP.
      com.google.common.collect.ImmutableCollection<IdpAdapterMeta> getAllConfigs()  
      com.google.common.collect.ImmutableCollection<org.apache.commons.lang3.tuple.Triple<java.lang.String,​java.lang.String,​java.lang.String>> getAllTypes()  
      java.util.Optional<IdpAdapterConfig> getConfig​(java.lang.String name)
      Fetch the IdpAdapterConfig associated with the given IdP name
      com.google.common.eventbus.EventBus getEventBus()  
      void removeProviderConfig​(java.lang.String name)
      Remove an Identity Provider Adapter from the system
      com.google.common.collect.ImmutableCollection<java.lang.String> search​(java.lang.String name, UserAttribute attributeName, java.lang.String attributeValue)
      Search for a user against a database of historical login information.
      void updateProviderConfig​(java.lang.String name, IdpAdapterConfig config)
      Update an existing Identity Provider Adapter

    • Method Detail

      • getAllTypes

        @Nonnull
com.google.common.collect.ImmutableCollection<org.apache.commons.lang3.tuple.Triple<java.lang.String,​java.lang.String,​java.lang.String>> getAllTypes()
        Returns:
        an ImmutableCollection of all triples of all registered Identity Provider Adapter type ids, their names, and their descriptions

      • getAllConfigs

        @Nonnull
com.google.common.collect.ImmutableCollection<IdpAdapterMeta> getAllConfigs()
        Returns:
        an ImmutableCollection of IdpAdapterMeta for each Identity Provider Adapter configured in the system

      • getConfig

        @Nonnull
java.util.Optional<IdpAdapterConfig> getConfig​(@Nonnull
                                               java.lang.String name)
        Fetch the IdpAdapterConfig associated with the given IdP name
        Parameters:
        name - The targeted IdP name
        Returns:
        An Optional which contains the IdpAdapterConfig associated with the given IdP name or an empty Optional if there exists no IdP Adapter with the given name

      • updateProviderConfig

        void updateProviderConfig​(@Nonnull
                          java.lang.String name,
                          @Nonnull
                          IdpAdapterConfig config)
                   throws IdpAdapterManagerException
        Update an existing Identity Provider Adapter
        Parameters:
        name - the name of the IdP Adapter to update
        config - the new configuration which will replace the IdP Adapter's current configuration
        Throws:
        NameCollisionException - if the name of the updated config collides with the name of an existing config
        NotFoundException - if a config with the given name does not exist in the system
        IdpAdapterManagerException - if there is some other unexpected problem updating the config

      • removeProviderConfig

        void removeProviderConfig​(@Nonnull
                          java.lang.String name)
                   throws IdpAdapterManagerException
        Remove an Identity Provider Adapter from the system
        Parameters:
        name - the name of the IdP Adapter to remove
        Throws:
        NotFoundException - if a config with the given name does not exist in the system
        IdpAdapterManagerException - if there is some other unexpected problem removing the config

      • generateWebAuthRequestUri

        @Nonnull
java.net.URI generateWebAuthRequestUri​(@Nonnull
                                       java.lang.String name,
                                       @Nonnull
                                       java.net.URI requestUri,
                                       @Nonnull
                                       WebAuthState.Builder webAuthStateBuilder,
                                       boolean useBroker,
                                       boolean forceAuth)
                                throws IdpAdapterManagerException
        Generates the URI to redirect the end user for performing web auth with an external IdP.
        Parameters:
        name - the targeted IdP Adapter name
        requestUri - the incoming request URI
        webAuthStateBuilder - the WebAuthState.Builder to attach state to be linked from pre- to post-web-auth
        forceAuth - force the IdP to re-authenticate the user
        Returns:
        the URI to redirect the end user for performing web auth with the targeted external IdP
        Throws:
        NotFoundException - if an IdP with the given name does not exist
        IdpAdapterManagerException - if there is an unexpected problem generating the web auth request URI

      • generateLogoutRequestUri

        @Nonnull
java.net.URI generateLogoutRequestUri​(@Nonnull
                                      java.lang.String name,
                                      @Nonnull
                                      java.net.URI requestUri,
                                      @Nonnull
                                      WebAuthState.Builder webAuthStateBuilder,
                                      @Nullable
                                      java.lang.String signedAttributesDocument,
                                      boolean useBroker)
                               throws IdpAdapterManagerException
        Generates the URI to redirect the end user for performing logout with an external IdP.
        Parameters:
        name - the targeted IdP Adapter name
        requestUri - the incoming request URI
        webAuthStateBuilder - the WebAuthState.Builder to attach state to be linked from pre- to post-logout
        signedAttributesDocument - the optional signed attributes document from which authentication was asserted, to be used as a hint for some implementations to perform logout appropriately
        Returns:
        the URI to redirect the end user for performing logout with the targeted external IdP
        Throws:
        NotFoundException - if an IdP with the given name does not exist
        IdpAdapterManagerException - if there is an unexpected problem generating the logout request URI
        java.lang.UnsupportedOperationException - if IdP Adapter does not support logout requests

      • createSession

        @Nonnull
WebAuthSession createSession​(@Nullable
                             java.lang.String name,
                             @Nonnull
                             com.google.common.collect.ImmutableCollection<java.lang.String> securityZones)
        Creates a WebAuthSession given the targeted IdP Adapter's name
        Parameters:
        name - the targeted IdP Adapter name
        securityZones - the security zones of the context in which the WebAuthSession will run

      • search

        @Nonnull
com.google.common.collect.ImmutableCollection<java.lang.String> search​(@Nonnull
                                                                       java.lang.String name,
                                                                       @Nonnull
                                                                       UserAttribute attributeName,
                                                                       @Nonnull
                                                                       java.lang.String attributeValue)
        Search for a user against a database of historical login information.
        Parameters:
        name - the IdP name to search
        attributeName - the UserAttribute to search
        attributeValue - the search string
        Returns:
        the attribute values which closely match the search string