Package com.linecorp.armeria.server.saml

Interface SamlSingleSignOnHandler

public interface SamlSingleSignOnHandler

Callbacks which are invoked to handle SAML messages exchanging with an identity provider.

See Also:

SamlServiceProviderBuilder.ssoHandler(SamlSingleSignOnHandler)

Method Summary

Modifier and Type	Method	Description
default CompletionStage<Void>	beforeInitiatingSso(ServiceRequestContext ctx, HttpRequest req, org.opensaml.messaging.context.MessageContext<org.opensaml.saml.saml2.core.AuthnRequest> message, SamlIdentityProviderConfig idpConfig)	Invoked before the service provider sends an authentication request to an identity provider.
HttpResponse	loginFailed(ServiceRequestContext ctx, AggregatedHttpRequest req, org.opensaml.messaging.context.MessageContext<org.opensaml.saml.saml2.core.Response> message, Throwable cause)	Invoked when the single sign-on is failed.
HttpResponse	loginSucceeded(ServiceRequestContext ctx, AggregatedHttpRequest req, org.opensaml.messaging.context.MessageContext<org.opensaml.saml.saml2.core.Response> message, String sessionIndex, String relayState)	Invoked when the single sign-on is succeeded.

Method Details

beforeInitiatingSso

default CompletionStage<Void> beforeInitiatingSso(ServiceRequestContext ctx, HttpRequest req, org.opensaml.messaging.context.MessageContext<org.opensaml.saml.saml2.core.AuthnRequest> message, SamlIdentityProviderConfig idpConfig)

Invoked before the service provider sends an authentication request to an identity provider.

Parameters:

ctx - the ServiceRequestContext of req

req - the Request being handled

message - the MessageContext of the AuthnRequest being sent to the identity provider

idpConfig - the configuration of the identity provider that the request is sending to

loginSucceeded

HttpResponse loginSucceeded(ServiceRequestContext ctx, AggregatedHttpRequest req, org.opensaml.messaging.context.MessageContext<org.opensaml.saml.saml2.core.Response> message, @Nullable String sessionIndex, @Nullable String relayState)

Invoked when the single sign-on is succeeded. It should return an HttpResponse which sends to the client in response to the incoming req.

Parameters:

ctx - the ServiceRequestContext of req

req - the AggregatedHttpRequest being handled

message - the MessageContext of the Response received from the identity provider

sessionIndex - the retrieved value from the Response message. null if it is omitted.

relayState - the string which is sent with the AuthnRequest message and is returned with the Response message. null if it is omitted.

loginFailed

HttpResponse loginFailed(ServiceRequestContext ctx, AggregatedHttpRequest req, @Nullable org.opensaml.messaging.context.MessageContext<org.opensaml.saml.saml2.core.Response> message, Throwable cause)

Invoked when the single sign-on is failed. It should return an HttpResponse which sends to the client in response to the incoming req. Sending an error HTML page is one of the examples.

Parameters:

ctx - the ServiceRequestContext of req

req - the AggregatedHttpRequest being handled

message - the MessageContext of the Response received from the identity provider. null if the content of the req was failed to be parsed as a Response message.

cause - the reason of the failure