Package org.pac4j.core.client

Class IndirectClient

java.lang.Object

org.pac4j.core.util.InitializableObject

org.pac4j.core.client.BaseClient

org.pac4j.core.client.IndirectClient

All Implemented Interfaces:

Client

public abstract class IndirectClient
extends BaseClient

Indirect client: the requested protected URL is saved, the user is redirected to the identity provider for login and back to the application after the sucessful authentication and finally to the originally requested URL.

Since:

1.9.0

Author:

Jerome Leleu

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ATTEMPTED_AUTHENTICATION_SUFFIX
protected String	callbackUrl
protected CallbackUrlResolver	callbackUrlResolver
protected UrlResolver	urlResolver

Fields inherited from class org.pac4j.core.client.BaseClient

logger, saveProfileInSession

Constructor Summary

Constructors

Constructor	Description
IndirectClient()

Method Summary

Modifier and Type	Method	Description
protected final void	afterInternalInit(boolean forceReinit)
protected void	beforeInternalInit(boolean forceReinit)
String	computeFinalCallbackUrl(WebContext context)
protected void	defaultLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)
protected void	defaultRedirectionActionBuilder(RedirectionActionBuilder redirectActionBuilder)
String	getCodeVerifierSessionAttributeName()
final Optional<Credentials>	getCredentials(WebContext context, SessionStore sessionStore, ProfileManagerFactory profileManagerFactory)	Get the credentials from the web context.
final Optional<RedirectionAction>	getLogoutAction(WebContext context, SessionStore sessionStore, UserProfile currentProfile, String targetUrl)	Return the logout action (indirect clients).
String	getNonceSessionAttributeName()
final Optional<RedirectionAction>	getRedirectionAction(WebContext context, SessionStore sessionStore)	If an authentication has already been tried for this client and has failed (null credentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".
String	getStateSessionAttributeName()
protected CallbackUrlResolver	newDefaultCallbackUrlResolver()

Methods inherited from class org.pac4j.core.client.BaseClient

addAuthorizationGenerator, addAuthorizationGenerators, defaultAuthenticator, defaultCredentialsExtractor, defaultProfileCreator, getName, getSaveProfileInSession, getUserProfile, isMultiProfile, notifySessionRenewal, renewUserProfile, retrieveCredentials, retrieveUserProfile, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setCustomProperties, setProfileFactoryWhenNotAuthenticated

Methods inherited from class org.pac4j.core.util.InitializableObject

getNbAttempts, init, init, internalInit, isInitialized, reinit, shouldInitialize

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

ATTEMPTED_AUTHENTICATION_SUFFIX

public static final String ATTEMPTED_AUTHENTICATION_SUFFIX

See Also:

• Constant Field Values

callbackUrl

protected String callbackUrl

urlResolver

protected UrlResolver urlResolver

callbackUrlResolver

protected CallbackUrlResolver callbackUrlResolver

Constructor Details

IndirectClient

public IndirectClient()

Method Details

beforeInternalInit

protected void beforeInternalInit(boolean forceReinit)

Overrides:

beforeInternalInit in class InitializableObject

afterInternalInit

protected final void afterInternalInit(boolean forceReinit)

Overrides:

afterInternalInit in class InitializableObject

newDefaultCallbackUrlResolver

protected CallbackUrlResolver newDefaultCallbackUrlResolver()

getRedirectionAction

public final Optional<RedirectionAction> getRedirectionAction(WebContext context,
 SessionStore sessionStore)

If an authentication has already been tried for this client and has failed (null credentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".

Parameters:

context - context

sessionStore - the session store

Returns:

the "redirection" action

getCredentials

public final Optional<Credentials> getCredentials(WebContext context,
 SessionStore sessionStore,
 ProfileManagerFactory profileManagerFactory)

Get the credentials from the web context. In some cases, a HttpAction may be thrown:

• if the CasClient receives a logout request, it returns a 200 HTTP status code
• for the IndirectBasicAuthClient, if no credentials are sent to the callback url, an unauthorized response (401 HTTP status code) is returned to request credentials through a popup.

Parameters:

context - the current web context

sessionStore - the session store

profileManagerFactory - the profile manager factory

Returns:

the credentials

getLogoutAction

public final Optional<RedirectionAction> getLogoutAction(WebContext context,
 SessionStore sessionStore,
 UserProfile currentProfile,
 String targetUrl)

Description copied from interface: Client

Return the logout action (indirect clients).

Parameters:

context - the current web context

sessionStore - the session store

currentProfile - the currentProfile

targetUrl - the target url after logout

Returns:

the redirection to perform (optional)

computeFinalCallbackUrl

public String computeFinalCallbackUrl(WebContext context)

defaultRedirectionActionBuilder

protected void defaultRedirectionActionBuilder(RedirectionActionBuilder redirectActionBuilder)

defaultLogoutActionBuilder

protected void defaultLogoutActionBuilder(LogoutActionBuilder logoutActionBuilder)

getStateSessionAttributeName

public String getStateSessionAttributeName()

getNonceSessionAttributeName

public String getNonceSessionAttributeName()

getCodeVerifierSessionAttributeName

public String getCodeVerifierSessionAttributeName()