Modifier and Type | Method and Description |
---|---|
protected CasCredentials |
CasProxyReceptor.retrieveCredentials(WebContext context) |
protected CasCredentials |
CasClient.retrieveCredentials(WebContext context) |
protected RedirectAction |
CasProxyReceptor.retrieveRedirectAction(WebContext context) |
protected CasProfile |
CasProxyReceptor.retrieveUserProfile(CasCredentials credentials,
WebContext context) |
protected CasProfile |
CasClient.retrieveUserProfile(CasCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
CasRestAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected boolean |
CheckHttpMethodAuthorizer.check(WebContext context,
CommonProfile profile,
HttpConstants.HTTP_METHOD element) |
protected boolean |
CheckProfileTypeAuthorizer.check(WebContext context,
U profile,
Class<U> element) |
protected abstract boolean |
AbstractRequireElementAuthorizer.check(WebContext context,
U profile,
E element)
Check a specific element.
|
protected boolean |
RequireAnyRoleAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAnyPermissionAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAllRolesAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAllPermissionsAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
ProfileAuthorizer.handleError(WebContext context)
Handle the error.
|
protected boolean |
AbstractCheckAuthenticationAuthorizer.handleError(WebContext context) |
boolean |
ProfileAuthorizer.isAllAuthorized(WebContext context,
List<U> profiles)
If all profiles are authorized.
|
boolean |
ProfileAuthorizer.isAnyAuthorized(WebContext context,
List<U> profiles)
If any of the profiles is authorized.
|
boolean |
XSSProtectionHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
XFrameOptionsHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
XContentTypeOptionsHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
StrictTransportSecurityHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CacheControlHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
IsRememberedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsFullyAuthenticatedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsAuthenticatedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsAnonymousAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
Authorizer.isAuthorized(WebContext context,
List<U> profiles)
Checks if the user profiles and / or the current web context are authorized.
|
boolean |
AbstractRequireElementAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
protected abstract boolean |
ProfileAuthorizer.isProfileAuthorized(WebContext context,
U profile)
Whether a specific profile is authorized.
|
boolean |
IsRememberedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsFullyAuthenticatedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsAuthenticatedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsAnonymousAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
protected boolean |
AbstractRequireAnyAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
protected boolean |
AbstractRequireAllAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
Modifier and Type | Method and Description |
---|---|
boolean |
CsrfTokenGeneratorAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CsrfAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
Modifier and Type | Method and Description |
---|---|
protected boolean |
DefaultAuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
List<Authorizer> authorizers) |
boolean |
DefaultAuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
String authorizerNames,
Map<String,Authorizer> authorizersMap) |
boolean |
AuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
String authorizerNames,
Map<String,Authorizer> authorizersMap)
Check whether the user is authorized.
|
Modifier and Type | Method and Description |
---|---|
HttpAction |
IndirectClient.redirect(WebContext context) |
HttpAction |
DirectClient.redirect(WebContext context) |
HttpAction |
Client.redirect(WebContext context)
Redirect to the authentication provider for an indirect client.
|
Modifier and Type | Method and Description |
---|---|
C |
IndirectClient.getCredentials(WebContext context)
Get the credentials from the web context.
|
C |
DirectClientV2.getCredentials(WebContext context) |
C |
Client.getCredentials(WebContext context)
Get the credentials from the web context.
|
RedirectAction |
IndirectClient.getRedirectAction(WebContext context)
Get the redirectAction computed for this client.
|
U |
Client.getUserProfile(C credentials,
WebContext context)
Get the user profile based on the provided credentials.
|
U |
BaseClient.getUserProfile(C credentials,
WebContext context) |
HttpAction |
IndirectClient.redirect(WebContext context) |
HttpAction |
DirectClient.redirect(WebContext context) |
HttpAction |
Client.redirect(WebContext context)
Redirect to the authentication provider for an indirect client.
|
protected C |
IndirectClientV2.retrieveCredentials(WebContext context) |
protected abstract C |
IndirectClient.retrieveCredentials(WebContext context)
Retrieve the credentials.
|
protected RedirectAction |
IndirectClientV2.retrieveRedirectAction(WebContext context) |
protected abstract RedirectAction |
IndirectClient.retrieveRedirectAction(WebContext context)
Retrieve the redirect action.
|
protected U |
IndirectClientV2.retrieveUserProfile(C credentials,
WebContext context) |
protected U |
DirectClientV2.retrieveUserProfile(C credentials,
WebContext context) |
protected abstract U |
BaseClient.retrieveUserProfile(C credentials,
WebContext context)
Retrieve a user userprofile.
|
Modifier and Type | Method and Description |
---|---|
AnonymousCredentials |
AnonymousClient.getCredentials(WebContext context) |
protected AnonymousProfile |
AnonymousClient.retrieveUserProfile(AnonymousCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
Authenticator.validate(C credentials,
WebContext context)
Validate the credentials.
|
void |
TokenAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
void |
LocalCachingAuthenticator.validate(T credentials,
WebContext context) |
void |
UsernamePasswordAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
TokenCredentials |
HeaderExtractor.extract(WebContext context) |
UsernamePasswordCredentials |
FormExtractor.extract(WebContext context) |
C |
CredentialsExtractor.extract(WebContext context)
Extract the right credentials.
|
UsernamePasswordCredentials |
BasicAuthExtractor.extract(WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected HttpAction |
DefaultSecurityLogic.forbidden(C context,
List<Client> currentClients,
List<CommonProfile> profiles,
String authorizers)
Return a forbidden error.
|
protected HttpAction |
DefaultSecurityLogic.redirectToIdentityProvider(C context,
List<Client> currentClients)
Perform a redirection to start the login process of the first indirect client.
|
protected HttpAction |
DefaultCallbackLogic.redirectToOriginallyRequestedUrl(C context,
String defaultUrl) |
protected HttpAction |
DefaultSecurityLogic.unauthorized(C context,
List<Client> currentClients)
Return an unauthorized error.
|
Modifier and Type | Method and Description |
---|---|
protected HttpAction |
DefaultSecurityLogic.redirectToIdentityProvider(C context,
List<Client> currentClients)
Perform a redirection to start the login process of the first indirect client.
|
protected void |
DefaultSecurityLogic.saveRequestedUrl(C context,
List<Client> currentClients)
Save the requested url.
|
Modifier and Type | Method and Description |
---|---|
static HttpAction |
HttpAction.forbidden(String message,
WebContext context)
Build a forbidden response.
|
static HttpAction |
HttpAction.ok(String message,
WebContext context)
Build an HTTP Ok.
|
static HttpAction |
HttpAction.ok(String message,
WebContext context,
String content)
Build an HTTP Ok.
|
static HttpAction |
HttpAction.redirect(String message,
WebContext context,
String url)
Build a redirection.
|
static HttpAction |
HttpAction.status(String message,
int status,
WebContext context)
Build a response with message and status.
|
static HttpAction |
HttpAction.unauthorized(String message,
WebContext context,
String realmName)
Build a basic auth popup credentials.
|
static HttpAction |
HttpAction.unauthorizedDigest(String message,
WebContext context,
String realmName,
String qop,
String nonce)
Build a digest auth popup credentials.
|
Modifier and Type | Method and Description |
---|---|
boolean |
Matcher.matches(WebContext context)
Check if the web context matches.
|
boolean |
MatchingChecker.matches(WebContext context,
String matcherNames,
Map<String,Matcher> matchersMap)
Check if the web context matches.
|
boolean |
DefaultMatchingChecker.matches(WebContext context,
String matcherNames,
Map<String,Matcher> matchersMap) |
Modifier and Type | Method and Description |
---|---|
U |
ProfileCreator.create(C credentials,
WebContext context)
Create a profile from a credentials.
|
P |
AuthenticatorProfileCreator.create(C credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
RedirectAction |
RedirectActionBuilder.redirect(WebContext context)
Return a redirect action for the web context.
|
Modifier and Type | Method and Description |
---|---|
protected GaeUserCredentials |
GaeUserServiceClient.retrieveCredentials(WebContext context) |
protected GaeUserServiceProfile |
GaeUserServiceClient.retrieveUserProfile(GaeUserCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
DigestCredentials |
DirectDigestAuthClient.getCredentials(WebContext context)
Per RFC 2617
If a server receives a request for an access-protected object, and an
acceptable Authorization header is not sent, the server responds with
a "401 Unauthorized" status code, and a WWW-Authenticate header
|
Modifier and Type | Method and Description |
---|---|
protected UsernamePasswordCredentials |
IndirectBasicAuthClient.retrieveCredentials(WebContext context) |
protected UsernamePasswordCredentials |
FormClient.retrieveCredentials(WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
IpRegexpAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
SimpleTestTokenAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
void |
SimpleTestDigestAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
void |
SimpleTestUsernamePasswordAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
TokenCredentials |
ParameterExtractor.extract(WebContext context) |
TokenCredentials |
IpExtractor.extract(WebContext context) |
DigestCredentials |
DigestAuthExtractor.extract(WebContext context)
Extracts digest Authorization header components.
|
TokenCredentials |
CookieExtractor.extract(WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
JwtAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
LdapAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
MongoAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected YahooProfile |
YahooClient.extractUserProfile(String body) |
protected WordPressProfile |
WordPressClient.extractUserProfile(String body) |
protected WindowsLiveProfile |
WindowsLiveClient.extractUserProfile(String body) |
protected VkProfile |
VkClient.extractUserProfile(String body) |
protected TwitterProfile |
TwitterClient.extractUserProfile(String body) |
protected StravaProfile |
StravaClient.extractUserProfile(String body) |
protected PayPalProfile |
PayPalClient.extractUserProfile(String body) |
protected OrcidProfile |
OrcidClient.extractUserProfile(String body) |
protected OkProfile |
OkClient.extractUserProfile(String body) |
protected LinkedIn2Profile |
LinkedIn2Client.extractUserProfile(String body) |
protected Google2Profile |
Google2Client.extractUserProfile(String body) |
protected GitHubProfile |
GitHubClient.extractUserProfile(String body) |
protected FoursquareProfile |
FoursquareClient.extractUserProfile(String body) |
protected FacebookProfile |
FacebookClient.extractUserProfile(String body) |
protected DropBoxProfile |
DropBoxClient.extractUserProfile(String body) |
protected CasOAuthWrapperProfile |
CasOAuthWrapperClient.extractUserProfile(String body) |
protected BitbucketProfile |
BitbucketClient.extractUserProfile(String body) |
protected abstract U |
BaseOAuthClient.extractUserProfile(String body)
Extract the user profile from the response (JSON, XML...) of the profile url.
|
protected abstract T |
BaseOAuthClient.getAccessToken(OAuthCredentials credentials)
Get the access token from OAuth credentials.
|
protected com.github.scribejava.core.model.OAuth2AccessToken |
BaseOAuth20Client.getAccessToken(OAuthCredentials credentials) |
protected com.github.scribejava.core.model.OAuth1Token |
BaseOAuth10Client.getAccessToken(OAuthCredentials credentials) |
protected OAuthCredentials |
DropBoxClient.getOAuthCredentials(WebContext context) |
protected abstract OAuthCredentials |
BaseOAuthClient.getOAuthCredentials(WebContext context)
Get the OAuth credentials from the web context.
|
protected OAuthCredentials |
BaseOAuth20StateClient.getOAuthCredentials(WebContext context) |
protected OAuthCredentials |
BaseOAuth20Client.getOAuthCredentials(WebContext context) |
protected OAuthCredentials |
BaseOAuth10Client.getOAuthCredentials(WebContext context) |
protected abstract String |
BaseOAuthClient.retrieveAuthorizationUrl(WebContext context)
Retrieve the authorization url to redirect to the OAuth provider.
|
protected String |
BaseOAuth20StateClient.retrieveAuthorizationUrl(WebContext context) |
protected String |
BaseOAuth20Client.retrieveAuthorizationUrl(WebContext context) |
protected String |
BaseOAuth10Client.retrieveAuthorizationUrl(WebContext context) |
protected OAuthCredentials |
BaseOAuthClient.retrieveCredentials(WebContext context) |
protected RedirectAction |
BaseOAuthClient.retrieveRedirectAction(WebContext context) |
protected U |
BaseOAuthClient.retrieveUserProfile(OAuthCredentials credentials,
WebContext context) |
protected YahooProfile |
YahooClient.retrieveUserProfileFromToken(com.github.scribejava.core.model.OAuth1Token accessToken) |
protected FacebookProfile |
FacebookClient.retrieveUserProfileFromToken(com.github.scribejava.core.model.OAuth2AccessToken accessToken) |
protected U |
BaseOAuthClient.retrieveUserProfileFromToken(T accessToken)
Retrieve the user profile from the access token.
|
Modifier and Type | Method and Description |
---|---|
protected OidcCredentials |
OidcClient.retrieveCredentials(WebContext context) |
protected RedirectAction |
OidcClient.retrieveRedirectAction(WebContext context) |
protected U |
OidcClient.retrieveUserProfile(OidcCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected YahooOpenIdProfile |
YahooOpenIdClient.createProfile(org.openid4java.message.AuthSuccess authSuccess) |
protected abstract U |
BaseOpenIdClient.createProfile(org.openid4java.message.AuthSuccess authSuccess)
Create the appropriate OpenID profile.
|
protected OpenIdCredentials |
BaseOpenIdClient.retrieveCredentials(WebContext context) |
protected RedirectAction |
BaseOpenIdClient.retrieveRedirectAction(WebContext context) |
protected U |
BaseOpenIdClient.retrieveUserProfile(OpenIdCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected SAML2Credentials |
SAML2Client.retrieveCredentials(WebContext wc) |
protected RedirectAction |
SAML2Client.retrieveRedirectAction(WebContext wc) |
protected SAML2Profile |
SAML2Client.retrieveUserProfile(SAML2Credentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
DbAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
StormpathAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Copyright © 2016. All rights reserved.