Package org.pac4j.core.client

Class IndirectClient

java.lang.Object
org.pac4j.core.util.InitializableObject
org.pac4j.core.client.BaseClient
org.pac4j.core.client.IndirectClient
All Implemented Interfaces:
Client
public abstract class IndirectClient extends BaseClient
Indirect client: the requested protected URL is saved, the user is redirected to the identity provider for login and back to the application after the sucessful authentication and finally to the originally requested URL.
Since:
1.9.0
Author:
Jerome Leleu

  • Field Details

    • ATTEMPTED_AUTHENTICATION_SUFFIX

      public static final String ATTEMPTED_AUTHENTICATION_SUFFIX
      Constant ATTEMPTED_AUTHENTICATION_SUFFIX="$attemptedAuthentication"
      See Also:

    • callbackUrl

      protected String callbackUrl

    • urlResolver

      protected UrlResolver urlResolver

    • callbackUrlResolver

      protected CallbackUrlResolver callbackUrlResolver

  • Constructor Details

    • IndirectClient

      public IndirectClient()

  • Method Details

    • beforeInternalInit

      protected void beforeInternalInit(boolean forceReinit)

      beforeInternalInit.

      Overrides:
      beforeInternalInit in class InitializableObject
      Parameters:
      forceReinit - a boolean

    • afterInternalInit

      protected final void afterInternalInit(boolean forceReinit)

      afterInternalInit.

      Overrides:
      afterInternalInit in class InitializableObject
      Parameters:
      forceReinit - a boolean

    • newDefaultCallbackUrlResolver

      protected CallbackUrlResolver newDefaultCallbackUrlResolver()

      newDefaultCallbackUrlResolver.

      Returns:
      a CallbackUrlResolver object

    • getRedirectionAction

      public final Optional<RedirectionAction> getRedirectionAction(CallContext ctx)

      Return the redirection action to the authentication provider (indirect clients).

      If an authentication has already been tried for this client and has failed (null credentials) or if the request is an AJAX one, an unauthorized response is thrown instead of a "redirection".

      Parameters:
      ctx - the current context
      Returns:
      the redirection to perform (optional)

    • checkCredentials

      protected void checkCredentials(CallContext ctx, Credentials credentials)
      Check the credentials.
      Overrides:
      checkCredentials in class BaseClient
      Parameters:
      ctx - the context
      credentials - the credentials

    • processLogout

      public HttpAction processLogout(CallContext ctx, Credentials credentials)
      Process the logout.
      Parameters:
      ctx - the current context
      credentials - the logout credentials
      Returns:
      the resulting HTTP action

    • getLogoutAction

      public final Optional<RedirectionAction> getLogoutAction(CallContext ctx, UserProfile currentProfile, String targetUrl)

      Return the logout action (indirect clients).

      Parameters:
      ctx - the current context
      currentProfile - the currentProfile
      targetUrl - the target url after logout
      Returns:
      the redirection to perform (optional)

    • computeFinalCallbackUrl

      public String computeFinalCallbackUrl(WebContext context)

      computeFinalCallbackUrl.

      Parameters:
      context - a WebContext object
      Returns:
      a String object

    • getStateSessionAttributeName

      public String getStateSessionAttributeName()

      getStateSessionAttributeName.

      Returns:
      a String object

    • getNonceSessionAttributeName

      public String getNonceSessionAttributeName()

      getNonceSessionAttributeName.

      Returns:
      a String object

    • getCodeVerifierSessionAttributeName

      public String getCodeVerifierSessionAttributeName()

      getCodeVerifierSessionAttributeName.

      Returns:
      a String object

    • setRedirectionActionBuilderIfUndefined

      protected void setRedirectionActionBuilderIfUndefined(RedirectionActionBuilder redirectActionBuilder)

      setRedirectionActionBuilderIfUndefined.

      Parameters:
      redirectActionBuilder - a RedirectionActionBuilder object

    • setLogoutProcessorIfUndefined

      protected void setLogoutProcessorIfUndefined(LogoutProcessor logoutProcessor)

      setLogoutProcessorIfUndefined.

      Parameters:
      logoutProcessor - a LogoutProcessor object

    • setLogoutActionBuilderIfUndefined

      protected void setLogoutActionBuilderIfUndefined(LogoutActionBuilder logoutActionBuilder)

      setLogoutActionBuilderIfUndefined.

      Parameters:
      logoutActionBuilder - a LogoutActionBuilder object