Package org.pac4j.core.client

Class IndirectClient

java.lang.Object

org.pac4j.core.util.InitializableObject

org.pac4j.core.client.BaseClient

org.pac4j.core.client.IndirectClient

All Implemented Interfaces:

Client

public abstract class IndirectClient
extends BaseClient

Indirect client: the requested protected URL is saved, the user is redirected to the identity provider for login and back to the application after the sucessful authentication and finally to the originally requested URL.

Since:

1.9.0

Author:

Jerome Leleu

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ATTEMPTED_AUTHENTICATION_SUFFIX
protected String	callbackUrl
protected CallbackUrlResolver	callbackUrlResolver
protected UrlResolver	urlResolver

Fields inherited from class org.pac4j.core.client.BaseClient

logger, saveProfileInSession

Constructor Summary

Constructors

Constructor	Description
IndirectClient()

Method Summary

Modifier and Type	Method	Description
protected final void	afterInternalInit(boolean forceReinit)
protected void	beforeInternalInit(boolean forceReinit)
String	computeFinalCallbackUrl(WebContext context)
protected void	defaultLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
protected void	defaultRedirectionActionBuilder(RedirectionActionBuilder redirectActionBuilder)
AjaxRequestResolver	getAjaxRequestResolver()
String	getCallbackUrl()
CallbackUrlResolver	getCallbackUrlResolver()
String	getCodeVerifierSessionAttributeName()
final Optional<Credentials>	getCredentials(WebContext context, SessionStore sessionStore)	Get the credentials from the web context.
final Optional<RedirectionAction>	getLogoutAction(WebContext context, SessionStore sessionStore, UserProfile currentProfile, String targetUrl)	Return the logout action (indirect clients).
LogoutActionBuilder	getLogoutActionBuilder()
String	getNonceSessionAttributeName()
final Optional<RedirectionAction>	getRedirectionAction(WebContext context, SessionStore sessionStore)	If an authentication has already been tried for this client and has failed (null credentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".
RedirectionActionBuilder	getRedirectionActionBuilder()
String	getStateSessionAttributeName()
UrlResolver	getUrlResolver()
boolean	isCheckAuthenticationAttempt()
protected CallbackUrlResolver	newDefaultCallbackUrlResolver()
void	setAjaxRequestResolver(AjaxRequestResolver ajaxRequestResolver)
void	setCallbackUrl(String callbackUrl)
void	setCallbackUrlResolver(CallbackUrlResolver callbackUrlResolver)
void	setCheckAuthenticationAttempt(boolean checkAuthenticationAttempt)
void	setLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
void	setRedirectionActionBuilder(RedirectionActionBuilder redirectionActionBuilder)
void	setUrlResolver(UrlResolver urlResolver)
String	toString()

Methods inherited from class org.pac4j.core.client.BaseClient

addAuthorizationGenerator, addAuthorizationGenerators, defaultAuthenticator, defaultCredentialsExtractor, defaultProfileCreator, getAuthenticator, getAuthorizationGenerators, getCredentialsExtractor, getCustomProperties, getName, getProfileCreator, getProfileFactoryWhenNotAuthenticated, getSaveProfileInSession, getUserProfile, isMultiProfile, notifySessionRenewal, renewUserProfile, retrieveCredentials, retrieveUserProfile, setAuthenticator, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setCredentialsExtractor, setCustomProperties, setMultiProfile, setName, setProfileCreator, setProfileFactoryWhenNotAuthenticated, setSaveProfileInSession

Methods inherited from class org.pac4j.core.util.InitializableObject

getLastAttempt, getMaxAttempts, getMinTimeIntervalBetweenAttemptsInMilliseconds, getNbAttempts, init, init, internalInit, isInitialized, reinit, setMaxAttempts, setMinTimeIntervalBetweenAttemptsInMilliseconds, shouldInitialize

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Details

ATTEMPTED_AUTHENTICATION_SUFFIX

public static final String ATTEMPTED_AUTHENTICATION_SUFFIX

See Also:

• Constant Field Values

callbackUrl

protected String callbackUrl

urlResolver

protected UrlResolver urlResolver

callbackUrlResolver

protected CallbackUrlResolver callbackUrlResolver

Constructor Details

IndirectClient

public IndirectClient()

Method Details

beforeInternalInit

protected void beforeInternalInit(boolean forceReinit)

Overrides:

beforeInternalInit in class InitializableObject

afterInternalInit

protected final void afterInternalInit(boolean forceReinit)

Overrides:

afterInternalInit in class InitializableObject

newDefaultCallbackUrlResolver

protected CallbackUrlResolver newDefaultCallbackUrlResolver()

getRedirectionAction

public final Optional<RedirectionAction> getRedirectionAction(WebContext context,
 SessionStore sessionStore)

If an authentication has already been tried for this client and has failed (null credentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".

Parameters:

context - context

sessionStore - the session store

Returns:

the "redirection" action

getCredentials

public final Optional<Credentials> getCredentials(WebContext context,
 SessionStore sessionStore)

Get the credentials from the web context. In some cases, a HttpAction may be thrown:

• if the CasClient receives a logout request, it returns a 200 HTTP status code
• for the IndirectBasicAuthClient, if no credentials are sent to the callback url, an unauthorized response (401 HTTP status code) is returned to request credentials through a popup.

Parameters:

context - the current web context

sessionStore - the session store

Returns:

the credentials

getLogoutAction

public final Optional<RedirectionAction> getLogoutAction(WebContext context,
 SessionStore sessionStore,
 UserProfile currentProfile,
 String targetUrl)

Description copied from interface: Client

Return the logout action (indirect clients).

Parameters:

context - the current web context

sessionStore - the session store

currentProfile - the currentProfile

targetUrl - the target url after logout

Returns:

the redirection to perform (optional)

computeFinalCallbackUrl

public String computeFinalCallbackUrl(WebContext context)

setCallbackUrl

public void setCallbackUrl(String callbackUrl)

getCallbackUrl

public String getCallbackUrl()

getUrlResolver

public UrlResolver getUrlResolver()

setUrlResolver

public void setUrlResolver(UrlResolver urlResolver)

getCallbackUrlResolver

public CallbackUrlResolver getCallbackUrlResolver()

setCallbackUrlResolver

public void setCallbackUrlResolver(CallbackUrlResolver callbackUrlResolver)

getAjaxRequestResolver

public AjaxRequestResolver getAjaxRequestResolver()

setAjaxRequestResolver

public void setAjaxRequestResolver(AjaxRequestResolver ajaxRequestResolver)

getRedirectionActionBuilder

public RedirectionActionBuilder getRedirectionActionBuilder()

defaultRedirectionActionBuilder

protected void defaultRedirectionActionBuilder(RedirectionActionBuilder redirectActionBuilder)

getLogoutActionBuilder

public LogoutActionBuilder getLogoutActionBuilder()

defaultLogoutActionBuilder

protected void defaultLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)

setRedirectionActionBuilder

public void setRedirectionActionBuilder(RedirectionActionBuilder redirectionActionBuilder)

setLogoutActionBuilder

public void setLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)

getStateSessionAttributeName

public String getStateSessionAttributeName()

getNonceSessionAttributeName

public String getNonceSessionAttributeName()

getCodeVerifierSessionAttributeName

public String getCodeVerifierSessionAttributeName()

isCheckAuthenticationAttempt

public boolean isCheckAuthenticationAttempt()

setCheckAuthenticationAttempt

public void setCheckAuthenticationAttempt(boolean checkAuthenticationAttempt)

toString

public String toString()

Overrides:

toString in class BaseClient