Modifier and Type | Method and Description |
---|---|
protected TokenCredentials |
DirectCasClient.retrieveCredentials(WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
CasAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
void |
CasRestAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
TokenCredentials |
TicketAndLogoutRequestExtractor.extract(WebContext context) |
Modifier and Type | Method and Description |
---|---|
RedirectAction |
CasRedirectActionBuilder.redirect(WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected boolean |
CheckHttpMethodAuthorizer.check(WebContext context,
CommonProfile profile,
HttpConstants.HTTP_METHOD element) |
protected boolean |
CheckProfileTypeAuthorizer.check(WebContext context,
U profile,
Class<U> element) |
protected abstract boolean |
AbstractRequireElementAuthorizer.check(WebContext context,
U profile,
E element)
Check a specific element.
|
protected boolean |
RequireAnyRoleAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAnyPermissionAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAnyAttributeAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAllRolesAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAllPermissionsAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
ProfileAuthorizer.handleError(WebContext context)
Handle the error.
|
protected boolean |
AbstractCheckAuthenticationAuthorizer.handleError(WebContext context) |
boolean |
ProfileAuthorizer.isAllAuthorized(WebContext context,
List<U> profiles)
If all profiles are authorized.
|
boolean |
ProfileAuthorizer.isAnyAuthorized(WebContext context,
List<U> profiles)
If any of the profiles is authorized.
|
boolean |
XSSProtectionHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
XFrameOptionsHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
XContentTypeOptionsHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
StrictTransportSecurityHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CorsAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CacheControlHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
IsRememberedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsFullyAuthenticatedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsAuthenticatedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsAnonymousAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
Authorizer.isAuthorized(WebContext context,
List<U> profiles)
Checks if the user profiles and / or the current web context are authorized.
|
boolean |
AbstractRequireElementAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
protected abstract boolean |
ProfileAuthorizer.isProfileAuthorized(WebContext context,
U profile)
Whether a specific profile is authorized.
|
boolean |
IsRememberedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsFullyAuthenticatedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsAuthenticatedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsAnonymousAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
protected boolean |
AbstractRequireAnyAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
protected boolean |
AbstractRequireAllAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
Modifier and Type | Method and Description |
---|---|
boolean |
CsrfTokenGeneratorAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CsrfAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
Modifier and Type | Method and Description |
---|---|
protected boolean |
DefaultAuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
List<Authorizer> authorizers) |
boolean |
DefaultAuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
String authorizerNames,
Map<String,Authorizer> authorizersMap) |
boolean |
AuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
String authorizerNames,
Map<String,Authorizer> authorizersMap)
Check whether the user is authorized.
|
Modifier and Type | Method and Description |
---|---|
HttpAction |
IndirectClient.redirect(WebContext context) |
HttpAction |
DirectClient.redirect(WebContext context) |
HttpAction |
Client.redirect(WebContext context)
Redirect to the authentication provider for an indirect client.
|
Modifier and Type | Method and Description |
---|---|
C |
IndirectClient.getCredentials(WebContext context)
Get the credentials from the web context.
|
C |
DirectClient.getCredentials(WebContext context) |
C |
Client.getCredentials(WebContext context)
Get the credentials from the web context.
|
RedirectAction |
IndirectClient.getRedirectAction(WebContext context)
Get the redirectAction computed for this client.
|
U |
Client.getUserProfile(C credentials,
WebContext context)
Get the user profile based on the provided credentials.
|
U |
BaseClient.getUserProfile(C credentials,
WebContext context) |
HttpAction |
IndirectClient.redirect(WebContext context) |
HttpAction |
DirectClient.redirect(WebContext context) |
HttpAction |
Client.redirect(WebContext context)
Redirect to the authentication provider for an indirect client.
|
protected C |
BaseClient.retrieveCredentials(WebContext context)
Retrieve the credentials.
|
protected U |
BaseClient.retrieveUserProfile(C credentials,
WebContext context)
Retrieve a user userprofile.
|
Modifier and Type | Method and Description |
---|---|
void |
Authenticator.validate(C credentials,
WebContext context)
Validate the credentials.
|
void |
LocalCachingAuthenticator.validate(T credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
TokenCredentials |
ParameterExtractor.extract(WebContext context) |
TokenCredentials |
HeaderExtractor.extract(WebContext context) |
UsernamePasswordCredentials |
FormExtractor.extract(WebContext context) |
C |
CredentialsExtractor.extract(WebContext context)
Extract the right credentials.
|
UsernamePasswordCredentials |
BasicAuthExtractor.extract(WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected HttpAction |
DefaultSecurityLogic.forbidden(C context,
List<Client> currentClients,
List<CommonProfile> profiles,
String authorizers)
Return a forbidden error.
|
protected HttpAction |
DefaultSecurityLogic.redirectToIdentityProvider(C context,
List<Client> currentClients)
Perform a redirection to start the login process of the first indirect client.
|
protected HttpAction |
DefaultCallbackLogic.redirectToOriginallyRequestedUrl(C context,
String defaultUrl) |
protected HttpAction |
DefaultSecurityLogic.unauthorized(C context,
List<Client> currentClients)
Return an unauthorized error.
|
Modifier and Type | Method and Description |
---|---|
protected HttpAction |
DefaultSecurityLogic.forbidden(C context,
List<Client> currentClients,
List<CommonProfile> profiles,
String authorizers)
Return a forbidden error.
|
protected HttpAction |
DefaultSecurityLogic.redirectToIdentityProvider(C context,
List<Client> currentClients)
Perform a redirection to start the login process of the first indirect client.
|
protected void |
DefaultSecurityLogic.saveRequestedUrl(C context,
List<Client> currentClients)
Save the requested url.
|
protected HttpAction |
DefaultSecurityLogic.unauthorized(C context,
List<Client> currentClients)
Return an unauthorized error.
|
Modifier and Type | Method and Description |
---|---|
static HttpAction |
HttpAction.forbidden(String message,
WebContext context)
Build a forbidden response.
|
static HttpAction |
HttpAction.ok(String message,
WebContext context)
Build an HTTP Ok without any content.
|
static HttpAction |
HttpAction.ok(String message,
WebContext context,
String content)
Build an HTTP Ok.
|
static HttpAction |
HttpAction.redirect(String message,
WebContext context,
String url)
Build a redirection.
|
static HttpAction |
HttpAction.status(String message,
int status,
WebContext context)
Build a response with message and status.
|
static HttpAction |
HttpAction.unauthorized(String message,
WebContext context,
String realmName)
Build a basic auth popup credentials.
|
static HttpAction |
HttpAction.unauthorizedDigest(String message,
WebContext context,
String realmName,
String qop,
String nonce)
Build a digest auth popup credentials.
|
Modifier and Type | Method and Description |
---|---|
boolean |
Matcher.matches(WebContext context)
Check if the web context matches.
|
boolean |
HttpMethodMatcher.matches(WebContext context) |
boolean |
HeaderMatcher.matches(WebContext context) |
boolean |
MatchingChecker.matches(WebContext context,
String matcherNames,
Map<String,Matcher> matchersMap)
Check if the web context matches.
|
boolean |
DefaultMatchingChecker.matches(WebContext context,
String matcherNames,
Map<String,Matcher> matchersMap) |
Modifier and Type | Method and Description |
---|---|
U |
ProfileCreator.create(C credentials,
WebContext context)
Create a profile from a credentials.
|
P |
AuthenticatorProfileCreator.create(C credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
AbstractProfileService.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
HttpAction |
RedirectAction.perform(WebContext context)
Perform a
RedirectAction on the web context. |
Modifier and Type | Method and Description |
---|---|
RedirectAction |
RedirectActionBuilder.redirect(WebContext context)
Return a redirect action for the web context.
|
Modifier and Type | Method and Description |
---|---|
protected DigestCredentials |
DirectDigestAuthClient.retrieveCredentials(WebContext context)
Per RFC 2617
If a server receives a request for an access-protected object, and an
acceptable Authorization header is not sent, the server responds with
a "401 Unauthorized" status code, and a WWW-Authenticate header
|
Modifier and Type | Method and Description |
---|---|
protected HttpAction |
FormClient.handleInvalidCredentials(WebContext context,
String username,
String message,
String errorMessage) |
Modifier and Type | Method and Description |
---|---|
protected HttpAction |
FormClient.handleInvalidCredentials(WebContext context,
String username,
String message,
String errorMessage) |
protected UsernamePasswordCredentials |
IndirectBasicAuthClient.retrieveCredentials(WebContext context) |
protected UsernamePasswordCredentials |
FormClient.retrieveCredentials(WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
IpRegexpAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
SimpleTestTokenAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
void |
SimpleTestDigestAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
void |
SimpleTestUsernamePasswordAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
TokenCredentials |
IpExtractor.extract(WebContext context) |
DigestCredentials |
DigestAuthExtractor.extract(WebContext context)
Extracts digest Authorization header components.
|
TokenCredentials |
CookieExtractor.extract(WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
JwtAuthenticator.validate(TokenCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
LdapProfileService.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected void |
OAuth20Authenticator.retrieveAccessToken(OAuthCredentials credentials) |
protected void |
OAuth10Authenticator.retrieveAccessToken(OAuthCredentials credentials) |
Modifier and Type | Method and Description |
---|---|
protected OAuth20Credentials |
OAuth20CredentialsExtractor.getOAuthCredentials(WebContext context) |
protected OAuth10Credentials |
OAuth10CredentialsExtractor.getOAuthCredentials(WebContext context) |
Modifier and Type | Method and Description |
---|---|
BitbucketProfile |
BitbucketProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
CasOAuthWrapperProfile |
CasOAuthWrapperProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
protected com.github.scribejava.core.model.OAuth1Token |
OAuth10ProfileCreator.getAccessToken(OAuth10Credentials credentials) |
protected com.github.scribejava.core.model.OAuth2AccessToken |
OAuth20ProfileCreator.getAccessToken(OAuth20Credentials credentials) |
Modifier and Type | Method and Description |
---|---|
abstract P |
OAuthProfileDefinition.extractUserProfile(String body)
Extract the user profile from the response (JSON, XML...) of the profile url.
|
Modifier and Type | Method and Description |
---|---|
DropBoxProfile |
DropBoxProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
FacebookProfile |
FacebookProfileDefinition.extractUserProfile(String body) |
protected FacebookProfile |
FacebookProfileCreator.retrieveUserProfileFromToken(com.github.scribejava.core.model.OAuth2AccessToken accessToken) |
Modifier and Type | Method and Description |
---|---|
FoursquareProfile |
FoursquareProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
OAuth20Profile |
GenericOAuth20ProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
GitHubProfile |
GitHubProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
Google2Profile |
Google2ProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
LinkedIn2Profile |
LinkedIn2ProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
OkProfile |
OkProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
OrcidProfile |
OrcidProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
PayPalProfile |
PayPalProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
StravaProfile |
StravaProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
VkProfile |
VkProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
WindowsLiveProfile |
WindowsLiveProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
WordPressProfile |
WordPressProfileDefinition.extractUserProfile(String body) |
Modifier and Type | Method and Description |
---|---|
protected YahooProfile |
YahooProfileCreator.retrieveUserProfileFromToken(com.github.scribejava.core.model.OAuth1Token accessToken) |
Modifier and Type | Method and Description |
---|---|
RedirectAction |
OAuth20RedirectActionBuilder.redirect(WebContext context) |
RedirectAction |
OAuth10RedirectActionBuilder.redirect(WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
OidcAuthenticator.validate(OidcCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
OidcCredentials |
OidcExtractor.extract(WebContext context) |
Modifier and Type | Method and Description |
---|---|
U |
OidcProfileCreator.create(OidcCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
RedirectAction |
OidcRedirectActionBuilder.redirect(WebContext context) |
Modifier and Type | Method and Description |
---|---|
protected YahooOpenIdProfile |
YahooAuthenticator.createProfile(org.openid4java.message.AuthSuccess authSuccess) |
void |
YahooAuthenticator.validate(OpenIdCredentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
OpenIdCredentials |
YahooCredentialsExtractor.extract(WebContext context) |
Modifier and Type | Method and Description |
---|---|
RedirectAction |
YahooRedirectActionBuilder.redirect(WebContext context) |
Modifier and Type | Method and Description |
---|---|
void |
SAML2Authenticator.validate(SAML2Credentials credentials,
WebContext context) |
Modifier and Type | Method and Description |
---|---|
RedirectAction |
SAML2RedirectActionBuilder.redirect(WebContext wc) |
Modifier and Type | Method and Description |
---|---|
void |
StormpathAuthenticator.validate(UsernamePasswordCredentials credentials,
WebContext context) |
Copyright © 2017. All rights reserved.