public interface Client<C extends Credentials,U extends CommonProfile>
This interface is the core class of the library. It represents an authentication mechanism to validate user's credentials and retrieve his user profile.
Clients can be "indirect": in that case, credentials are not provided with the HTTP request, but the user must be redirected to an identity provider to perform login, the original requested url being saved and restored after the authentication process is done.
The redirect(WebContext)
method is called to redirect the user to the identity provider,
the getCredentials(WebContext)
method is used to retrieve the credentials provided by the remote identity provider and
the getUserProfile(Credentials, WebContext)
method is called to get the user profile from the identity provider and based
on the provided credentials.
Clients can be "direct": in that case, credentials are provided along with the HTTP request and validated by the application.
The redirect(WebContext)
method is not used, the getCredentials(WebContext)
method is used to retrieve
and validate the credentials provided and the getUserProfile(Credentials, WebContext)
method is called to get the user profile from
the appropriate system.
Modifier and Type | Method and Description |
---|---|
C |
getCredentials(WebContext context)
Get the credentials from the web context.
|
RedirectAction |
getLogoutAction(WebContext context,
U currentProfile,
String targetUrl)
Return the logout action (indirect clients).
|
String |
getName()
Get the name of the client.
|
U |
getUserProfile(C credentials,
WebContext context)
Get the user profile based on the provided credentials.
|
HttpAction |
redirect(WebContext context)
Redirect to the authentication provider for an indirect client.
|
String getName()
HttpAction redirect(WebContext context) throws HttpAction
Redirect to the authentication provider for an indirect client.
context
- the current web contextHttpAction
- whether an additional HTTP action is requiredC getCredentials(WebContext context) throws HttpAction
Get the credentials from the web context. If no validation was made remotely (direct client), credentials must be validated at this step.
In some cases, a HttpAction
may be thrown instead.
context
- the current web contextHttpAction
- whether an additional HTTP action is requiredU getUserProfile(C credentials, WebContext context) throws HttpAction
credentials
- credentialscontext
- web contextHttpAction
- whether an additional HTTP action is requiredRedirectAction getLogoutAction(WebContext context, U currentProfile, String targetUrl)
Return the logout action (indirect clients).
context
- the current web contextcurrentProfile
- the currentProfiletargetUrl
- the target url after logoutCopyright © 2017. All rights reserved.