Package org.pac4j.core.client
Class IndirectClient
- java.lang.Object
-
- org.pac4j.core.util.InitializableObject
-
- org.pac4j.core.client.BaseClient
-
- org.pac4j.core.client.IndirectClient
-
- All Implemented Interfaces:
Client
public abstract class IndirectClient extends BaseClient
Indirect client: the requested protected URL is saved, the user is redirected to the identity provider for login and back to the application after the sucessful authentication and finally to the originally requested URL.- Since:
- 1.9.0
- Author:
- Jerome Leleu
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
ATTEMPTED_AUTHENTICATION_SUFFIX
protected java.lang.String
callbackUrl
protected CallbackUrlResolver
callbackUrlResolver
protected UrlResolver
urlResolver
-
Fields inherited from class org.pac4j.core.client.BaseClient
logger, saveProfileInSession
-
-
Constructor Summary
Constructors Constructor Description IndirectClient()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
afterInternalInit(boolean forceReinit)
protected void
beforeInternalInit(boolean forceReinit)
java.lang.String
computeFinalCallbackUrl(WebContext context)
protected void
defaultLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
protected void
defaultRedirectionActionBuilder(RedirectionActionBuilder redirectActionBuilder)
AjaxRequestResolver
getAjaxRequestResolver()
java.lang.String
getCallbackUrl()
CallbackUrlResolver
getCallbackUrlResolver()
java.lang.String
getCodeVerifierSessionAttributeName()
java.util.Optional<Credentials>
getCredentials(WebContext context, SessionStore sessionStore)
Get the credentials from the web context.java.util.Optional<RedirectionAction>
getLogoutAction(WebContext context, SessionStore sessionStore, UserProfile currentProfile, java.lang.String targetUrl)
Return the logout action (indirect clients).LogoutActionBuilder
getLogoutActionBuilder()
java.lang.String
getNonceSessionAttributeName()
java.util.Optional<RedirectionAction>
getRedirectionAction(WebContext context, SessionStore sessionStore)
If an authentication has already been tried for this client and has failed (null
credentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".RedirectionActionBuilder
getRedirectionActionBuilder()
java.lang.String
getStateSessionAttributeName()
UrlResolver
getUrlResolver()
boolean
isCheckAuthenticationAttempt()
protected CallbackUrlResolver
newDefaultCallbackUrlResolver()
void
setAjaxRequestResolver(AjaxRequestResolver ajaxRequestResolver)
void
setCallbackUrl(java.lang.String callbackUrl)
void
setCallbackUrlResolver(CallbackUrlResolver callbackUrlResolver)
void
setCheckAuthenticationAttempt(boolean checkAuthenticationAttempt)
void
setLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
void
setRedirectionActionBuilder(RedirectionActionBuilder redirectionActionBuilder)
void
setUrlResolver(UrlResolver urlResolver)
java.lang.String
toString()
-
Methods inherited from class org.pac4j.core.client.BaseClient
addAuthorizationGenerator, addAuthorizationGenerators, defaultAuthenticator, defaultCredentialsExtractor, defaultProfileCreator, getAuthenticator, getAuthorizationGenerators, getCredentialsExtractor, getCustomProperties, getName, getProfileCreator, getProfileFactoryWhenNotAuthenticated, getSaveProfileInSession, getUserProfile, isMultiProfile, notifySessionRenewal, renewUserProfile, retrieveCredentials, retrieveUserProfile, setAuthenticator, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setCredentialsExtractor, setCustomProperties, setMultiProfile, setName, setProfileCreator, setProfileFactoryWhenNotAuthenticated, setSaveProfileInSession
-
Methods inherited from class org.pac4j.core.util.InitializableObject
getLastAttempt, getMaxAttempts, getMinTimeIntervalBetweenAttemptsInMilliseconds, getNbAttempts, init, init, internalInit, isInitialized, reinit, setMaxAttempts, setMinTimeIntervalBetweenAttemptsInMilliseconds, shouldInitialize
-
-
-
-
Field Detail
-
ATTEMPTED_AUTHENTICATION_SUFFIX
public static final java.lang.String ATTEMPTED_AUTHENTICATION_SUFFIX
- See Also:
- Constant Field Values
-
callbackUrl
protected java.lang.String callbackUrl
-
urlResolver
protected UrlResolver urlResolver
-
callbackUrlResolver
protected CallbackUrlResolver callbackUrlResolver
-
-
Method Detail
-
beforeInternalInit
protected void beforeInternalInit(boolean forceReinit)
- Overrides:
beforeInternalInit
in classInitializableObject
-
afterInternalInit
protected final void afterInternalInit(boolean forceReinit)
- Overrides:
afterInternalInit
in classInitializableObject
-
newDefaultCallbackUrlResolver
protected CallbackUrlResolver newDefaultCallbackUrlResolver()
-
getRedirectionAction
public final java.util.Optional<RedirectionAction> getRedirectionAction(WebContext context, SessionStore sessionStore)
If an authentication has already been tried for this client and has failed (
null
credentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".- Parameters:
context
- contextsessionStore
- the session store- Returns:
- the "redirection" action
-
getCredentials
public final java.util.Optional<Credentials> getCredentials(WebContext context, SessionStore sessionStore)
Get the credentials from the web context. In some cases, a
HttpAction
may be thrown:- if the
CasClient
receives a logout request, it returns a 200 HTTP status code - for the
IndirectBasicAuthClient
, if no credentials are sent to the callback url, an unauthorized response (401 HTTP status code) is returned to request credentials through a popup.
- Parameters:
context
- the current web contextsessionStore
- the session store- Returns:
- the credentials
- if the
-
getLogoutAction
public final java.util.Optional<RedirectionAction> getLogoutAction(WebContext context, SessionStore sessionStore, UserProfile currentProfile, java.lang.String targetUrl)
Description copied from interface:Client
Return the logout action (indirect clients).
- Parameters:
context
- the current web contextsessionStore
- the session storecurrentProfile
- the currentProfiletargetUrl
- the target url after logout- Returns:
- the redirection to perform (optional)
-
computeFinalCallbackUrl
public java.lang.String computeFinalCallbackUrl(WebContext context)
-
setCallbackUrl
public void setCallbackUrl(java.lang.String callbackUrl)
-
getCallbackUrl
public java.lang.String getCallbackUrl()
-
getUrlResolver
public UrlResolver getUrlResolver()
-
setUrlResolver
public void setUrlResolver(UrlResolver urlResolver)
-
getCallbackUrlResolver
public CallbackUrlResolver getCallbackUrlResolver()
-
setCallbackUrlResolver
public void setCallbackUrlResolver(CallbackUrlResolver callbackUrlResolver)
-
getAjaxRequestResolver
public AjaxRequestResolver getAjaxRequestResolver()
-
setAjaxRequestResolver
public void setAjaxRequestResolver(AjaxRequestResolver ajaxRequestResolver)
-
getRedirectionActionBuilder
public RedirectionActionBuilder getRedirectionActionBuilder()
-
defaultRedirectionActionBuilder
protected void defaultRedirectionActionBuilder(RedirectionActionBuilder redirectActionBuilder)
-
getLogoutActionBuilder
public LogoutActionBuilder getLogoutActionBuilder()
-
defaultLogoutActionBuilder
protected void defaultLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
-
setRedirectionActionBuilder
public void setRedirectionActionBuilder(RedirectionActionBuilder redirectionActionBuilder)
-
setLogoutActionBuilder
public void setLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
-
getStateSessionAttributeName
public java.lang.String getStateSessionAttributeName()
-
getNonceSessionAttributeName
public java.lang.String getNonceSessionAttributeName()
-
getCodeVerifierSessionAttributeName
public java.lang.String getCodeVerifierSessionAttributeName()
-
isCheckAuthenticationAttempt
public boolean isCheckAuthenticationAttempt()
-
setCheckAuthenticationAttempt
public void setCheckAuthenticationAttempt(boolean checkAuthenticationAttempt)
-
toString
public java.lang.String toString()
- Overrides:
toString
in classBaseClient
-
-