Interface IdpAdapterManager


public interface IdpAdapterManager
An IdpAdapterManager is the source of record for all IdpAdapters configured in the system.
  • Method Details

    • getAllTypes

      @Nonnull com.google.common.collect.ImmutableCollection<org.apache.commons.lang3.tuple.Triple<String,String,String>> getAllTypes()
      Returns:
an ImmutableCollection of triples, one for each registered Identity Provider Adapter type, holding the type id, its name, and its description
    • getAllConfigs

      @Nonnull com.google.common.collect.ImmutableCollection<IdpAdapterMeta> getAllConfigs()
      Returns:
      an ImmutableCollection of IdpAdapterMeta for each Identity Provider Adapter configured in the system
    • getConfig

      @Nonnull Optional<IdpAdapterConfig> getConfig(@Nonnull String name)
      Fetch the IdpAdapterConfig associated with the given IdP name
      Parameters:
      name - The targeted IdP name
      Returns:
      An Optional which contains the IdpAdapterConfig associated with the given IdP name or an empty Optional if there exists no IdP Adapter with the given name
    • addConfig

      void addConfig(@Nonnull IdpAdapterConfig config) throws IdpAdapterManagerException
      Add a new Identity Provider Adapter
      Parameters:
      config - the configuration of the new IdP Adapter
      Throws:
      NameCollisionException - if the name of the new config collides with the name of an existing config
      IdpAdapterManagerException - if there is some other unexpected problem adding the new config
    • updateProviderConfig

      void updateProviderConfig(@Nonnull String name, @Nonnull IdpAdapterConfig config) throws IdpAdapterManagerException
      Update an existing Identity Provider Adapter
      Parameters:
      name - the name of the IdP Adapter to update
      config - the new configuration which will replace the IdP Adapter's current configuration
      Throws:
      NameCollisionException - if the name of the updated config collides with the name of an existing config
      NotFoundException - if a config with the given name does not exist in the system
      IdpAdapterManagerException - if there is some other unexpected problem updating the config
    • removeProviderConfig

      void removeProviderConfig(@Nonnull String name) throws IdpAdapterManagerException
      Remove an Identity Provider Adapter from the system
      Parameters:
      name - the name of the IdP Adapter to remove
      Throws:
      NotFoundException - if a config with the given name does not exist in the system
      IdpAdapterManagerException - if there is some other unexpected problem removing the config
    • generateWebAuthRequestUri

      @Nonnull URI generateWebAuthRequestUri(@Nonnull String name, @Nonnull URI requestUri, @Nonnull WebAuthState.Builder webAuthStateBuilder, boolean useBroker, boolean forceAuth) throws IdpAdapterManagerException
Generates the URI to which the end user is redirected to perform web auth with an external IdP.
      Parameters:
      name - the targeted IdP Adapter name
      requestUri - the incoming request URI
      webAuthStateBuilder - the WebAuthState.Builder to attach state to be linked from pre- to post-web-auth
      forceAuth - force the IdP to re-authenticate the user
      Returns:
the URI to which the end user is redirected to perform web auth with the targeted external IdP
      Throws:
      NotFoundException - if an IdP with the given name does not exist
      IdpAdapterManagerException - if there is an unexpected problem generating the web auth request URI
    • generateLogoutRequestUri

      @Nonnull URI generateLogoutRequestUri(@Nonnull String name, @Nonnull URI requestUri, @Nonnull WebAuthState.Builder webAuthStateBuilder, @Nullable String signedAttributesDocument, boolean useBroker) throws IdpAdapterManagerException
Generates the URI to which the end user is redirected to perform logout with an external IdP.
      Parameters:
      name - the targeted IdP Adapter name
      requestUri - the incoming request URI
      webAuthStateBuilder - the WebAuthState.Builder to attach state to be linked from pre- to post-logout
      signedAttributesDocument - the optional signed attributes document from which authentication was asserted, to be used as a hint for some implementations to perform logout appropriately
      Returns:
the URI to which the end user is redirected to perform logout with the targeted external IdP
      Throws:
      NotFoundException - if an IdP with the given name does not exist
      IdpAdapterManagerException - if there is an unexpected problem generating the logout request URI
UnsupportedOperationException - if the IdP Adapter does not support logout requests
    • createSession

      @Nonnull WebAuthSession createSession(@Nullable String name, @Nonnull com.google.common.collect.ImmutableCollection<String> securityZones)
      Creates a WebAuthSession given the targeted IdP Adapter's name
      Parameters:
      name - the targeted IdP Adapter name
      securityZones - the security zones of the context in which the WebAuthSession will run
    • search

      @Nonnull com.google.common.collect.ImmutableCollection<String> search(@Nonnull String name, @Nonnull UserAttribute attributeName, @Nonnull String attributeValue)
      Search for a user against a database of historical login information.
      Parameters:
      name - the IdP name to search
      attributeName - the UserAttribute to search
      attributeValue - the search string
      Returns:
      the attribute values which closely match the search string
    • getEventBus

      @Nonnull com.google.common.eventbus.EventBus getEventBus()
      Returns:
      the EventBus where this IdpAdapterManager publishes change events