public interface Client<C extends Credentials,U extends UserProfile>
This interface is the core of pac4j
. It represents an authentication mechanism to validate user's credentials and
retrieve the user profile.
Clients can be "indirect": in that case, credentials are not provided with the HTTP request, but the user must be redirected to an identity provider to perform login, the original requested url being saved and restored after the authentication process is done.
The redirect(WebContext, boolean)
method is called to redirect the user to the identity provider,
the getCredentials(WebContext)
method is used to retrieve the credentials provided by the remote identity provider and
the getUserProfile(Credentials, WebContext)
method is called to get the user profile from the identity provider and based
on the provided credentials.
Clients can be "direct": in that case, credentials are provided along with the HTTP request and validated by the application.
The redirect(WebContext, boolean)
method is not used, the getCredentials(WebContext)
method is used to retrieve
and validate the credentials provided and the getUserProfile(Credentials, WebContext)
method is called to get the user profile from
the appropriate system.
Modifier and Type | Method and Description |
---|---|
C |
getCredentials(WebContext context)
Get the credentials from the web context.
|
String |
getName()
Get the name of the client.
|
U |
getUserProfile(C credentials,
WebContext context)
Get the user profile based on the provided credentials.
|
void |
redirect(WebContext context,
boolean protectedTarget)
Redirect to the authentication provider for an indirect client.
|
String getName()
void redirect(WebContext context, boolean protectedTarget) throws RequiresHttpAction
Redirect to the authentication provider for an indirect client.
context
- the current web contextprotectedTarget
- whether the target url is protectedRequiresHttpAction
- whether an additional HTTP action is requiredC getCredentials(WebContext context) throws RequiresHttpAction
Get the credentials from the web context. If no validation was made remotely (direct client), credentials must be validated at this step.
In some cases, a RequiresHttpAction
may be thrown instead.
context
- the current web contextRequiresHttpAction
- whether an additional HTTP action is requiredU getUserProfile(C credentials, WebContext context)
credentials
- credentialscontext
- web contextCopyright © 2016. All rights reserved.