Package org.pac4j.core.client
Class IndirectClient
- java.lang.Object
-
- org.pac4j.core.util.InitializableObject
-
- org.pac4j.core.client.BaseClient
-
- org.pac4j.core.client.IndirectClient
-
- All Implemented Interfaces:
Client
public abstract class IndirectClient extends BaseClient
Indirect client: the requested protected URL is saved, the user is redirected to the identity provider for login and back to the application after the sucessful authentication and finally to the originally requested URL.- Since:
- 1.9.0
- Author:
- Jerome Leleu
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringATTEMPTED_AUTHENTICATION_SUFFIXprotected java.lang.StringcallbackUrlprotected CallbackUrlResolvercallbackUrlResolverprotected UrlResolverurlResolver-
Fields inherited from class org.pac4j.core.client.BaseClient
logger, saveProfileInSession
-
-
Constructor Summary
Constructors Constructor Description IndirectClient()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidafterInternalInit()protected voidbeforeInternalInit()java.lang.StringcomputeFinalCallbackUrl(WebContext context)protected voiddefaultLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)protected voiddefaultRedirectionActionBuilder(RedirectionActionBuilder redirectActionBuilder)AjaxRequestResolvergetAjaxRequestResolver()java.lang.StringgetCallbackUrl()CallbackUrlResolvergetCallbackUrlResolver()java.lang.StringgetCodeVerifierSessionAttributeName()java.util.Optional<Credentials>getCredentials(WebContext context, SessionStore sessionStore)Get the credentials from the web context.java.util.Optional<RedirectionAction>getLogoutAction(WebContext context, SessionStore sessionStore, UserProfile currentProfile, java.lang.String targetUrl)Return the logout action (indirect clients).LogoutActionBuildergetLogoutActionBuilder()java.lang.StringgetNonceSessionAttributeName()java.util.Optional<RedirectionAction>getRedirectionAction(WebContext context, SessionStore sessionStore)If an authentication has already been tried for this client and has failed (nullcredentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".RedirectionActionBuildergetRedirectionActionBuilder()java.lang.StringgetStateSessionAttributeName()UrlResolvergetUrlResolver()booleanisCheckAuthenticationAttempt()protected CallbackUrlResolvernewDefaultCallbackUrlResolver()voidsetAjaxRequestResolver(AjaxRequestResolver ajaxRequestResolver)voidsetCallbackUrl(java.lang.String callbackUrl)voidsetCallbackUrlResolver(CallbackUrlResolver callbackUrlResolver)voidsetCheckAuthenticationAttempt(boolean checkAuthenticationAttempt)voidsetLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)voidsetRedirectionActionBuilder(RedirectionActionBuilder redirectionActionBuilder)voidsetUrlResolver(UrlResolver urlResolver)java.lang.StringtoString()-
Methods inherited from class org.pac4j.core.client.BaseClient
addAuthorizationGenerator, addAuthorizationGenerators, defaultAuthenticator, defaultCredentialsExtractor, defaultProfileCreator, getAuthenticator, getAuthorizationGenerators, getCredentialsExtractor, getCustomProperties, getName, getProfileCreator, getProfileFactoryWhenNotAuthenticated, getSaveProfileInSession, getUserProfile, isMultiProfile, notifySessionRenewal, renewUserProfile, retrieveCredentials, retrieveUserProfile, setAuthenticator, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setCredentialsExtractor, setCustomProperties, setMultiProfile, setName, setProfileCreator, setProfileFactoryWhenNotAuthenticated, setSaveProfileInSession
-
Methods inherited from class org.pac4j.core.util.InitializableObject
init, internalInit, isInitialized
-
-
-
-
Field Detail
-
ATTEMPTED_AUTHENTICATION_SUFFIX
public static final java.lang.String ATTEMPTED_AUTHENTICATION_SUFFIX
- See Also:
- Constant Field Values
-
callbackUrl
protected java.lang.String callbackUrl
-
urlResolver
protected UrlResolver urlResolver
-
callbackUrlResolver
protected CallbackUrlResolver callbackUrlResolver
-
-
Method Detail
-
beforeInternalInit
protected void beforeInternalInit()
- Overrides:
beforeInternalInitin classInitializableObject
-
afterInternalInit
protected final void afterInternalInit()
- Overrides:
afterInternalInitin classInitializableObject
-
newDefaultCallbackUrlResolver
protected CallbackUrlResolver newDefaultCallbackUrlResolver()
-
getRedirectionAction
public final java.util.Optional<RedirectionAction> getRedirectionAction(WebContext context, SessionStore sessionStore)
If an authentication has already been tried for this client and has failed (
nullcredentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".- Parameters:
context- contextsessionStore- the session store- Returns:
- the "redirection" action
-
getCredentials
public final java.util.Optional<Credentials> getCredentials(WebContext context, SessionStore sessionStore)
Get the credentials from the web context. In some cases, a
HttpActionmay be thrown:- if the
CasClientreceives a logout request, it returns a 200 HTTP status code - for the
IndirectBasicAuthClient, if no credentials are sent to the callback url, an unauthorized response (401 HTTP status code) is returned to request credentials through a popup.
- Parameters:
context- the current web contextsessionStore- the session store- Returns:
- the credentials
- if the
-
getLogoutAction
public final java.util.Optional<RedirectionAction> getLogoutAction(WebContext context, SessionStore sessionStore, UserProfile currentProfile, java.lang.String targetUrl)
Description copied from interface:ClientReturn the logout action (indirect clients).
- Parameters:
context- the current web contextsessionStore- the session storecurrentProfile- the currentProfiletargetUrl- the target url after logout- Returns:
- the redirection to perform (optional)
-
computeFinalCallbackUrl
public java.lang.String computeFinalCallbackUrl(WebContext context)
-
setCallbackUrl
public void setCallbackUrl(java.lang.String callbackUrl)
-
getCallbackUrl
public java.lang.String getCallbackUrl()
-
getUrlResolver
public UrlResolver getUrlResolver()
-
setUrlResolver
public void setUrlResolver(UrlResolver urlResolver)
-
getCallbackUrlResolver
public CallbackUrlResolver getCallbackUrlResolver()
-
setCallbackUrlResolver
public void setCallbackUrlResolver(CallbackUrlResolver callbackUrlResolver)
-
getAjaxRequestResolver
public AjaxRequestResolver getAjaxRequestResolver()
-
setAjaxRequestResolver
public void setAjaxRequestResolver(AjaxRequestResolver ajaxRequestResolver)
-
getRedirectionActionBuilder
public RedirectionActionBuilder getRedirectionActionBuilder()
-
defaultRedirectionActionBuilder
protected void defaultRedirectionActionBuilder(RedirectionActionBuilder redirectActionBuilder)
-
getLogoutActionBuilder
public LogoutActionBuilder getLogoutActionBuilder()
-
defaultLogoutActionBuilder
protected void defaultLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
-
setRedirectionActionBuilder
public void setRedirectionActionBuilder(RedirectionActionBuilder redirectionActionBuilder)
-
setLogoutActionBuilder
public void setLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
-
getStateSessionAttributeName
public java.lang.String getStateSessionAttributeName()
-
getNonceSessionAttributeName
public java.lang.String getNonceSessionAttributeName()
-
getCodeVerifierSessionAttributeName
public java.lang.String getCodeVerifierSessionAttributeName()
-
isCheckAuthenticationAttempt
public boolean isCheckAuthenticationAttempt()
-
setCheckAuthenticationAttempt
public void setCheckAuthenticationAttempt(boolean checkAuthenticationAttempt)
-
toString
public java.lang.String toString()
- Overrides:
toStringin classBaseClient
-
-