FinalizeMultiFactorAuthentication (Shibboleth IdP :: Authentication Implementation 3.4.1 API)

java.lang.Object
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
- - org.opensaml.profile.action.AbstractProfileAction<InboundMessageType,OutboundMessageType>
  - - org.opensaml.profile.action.AbstractConditionalProfileAction<InboundMessageType,OutboundMessageType>
    - - net.shibboleth.idp.profile.AbstractProfileAction<InboundMessageType,OutboundMessageType>
      - net.shibboleth.idp.authn.AbstractAuthenticationAction
        
        net.shibboleth.idp.authn.impl.FinalizeMultiFactorAuthentication

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, org.springframework.beans.factory.Aware, org.springframework.context.MessageSource, org.springframework.context.MessageSourceAware, org.springframework.webflow.execution.Action
```
public class FinalizeMultiFactorAuthentication
extends AbstractAuthenticationAction
```
An authentication action that completes MFA by producing a final AuthenticationResult out of whatever constituent parts and pieces exist, by means of an overridable function, storing it in the AuthenticationContext and preparing a fresh SubjectCanonicalizationContext to operate on.
Event:

EventIds.PROCEED_EVENT_ID, EventIds.INVALID_PROFILE_CTX, AuthnEventIds.INVALID_AUTHN_CTX

Precondition:
```
ProfileRequestContext.getSubcontext(AuthenticationContext.class).getSubcontext(
      MultiFactorAuthenticationContext.class) != null
```
Postcondition:
```
ProfileRequestContext.getSubcontext(AuthenticationContext.class).getAuthenticationResult() != null
```
,
```
ProfileRequestContext.getSubcontext(SubjectCanonicalizationContext.class) != null
```

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`static class`	`FinalizeMultiFactorAuthentication.DefaultResultMergingStrategy` Default merging strategy to combine individual `AuthenticationResult` objects into a single result.

Field Summary

Fields
Modifier and Type	Field and Description
`private org.slf4j.Logger`	`log` Class logger.
`private MultiFactorAuthenticationContext`	`mfaContext` A subordinate `MultiFactorAuthenticationContext`, if any.
`private com.google.common.base.Function<ProfileRequestContext,MultiFactorAuthenticationContext>`	`multiFactorContextLookupStrategy` Lookup function for the context to evaluate.
`private com.google.common.base.Function<ProfileRequestContext,String>`	`requesterLookupStrategy` Function used to obtain the requester ID.
`private com.google.common.base.Function<ProfileRequestContext,String>`	`responderLookupStrategy` Function used to obtain the responder ID.
`private com.google.common.base.Predicate<ProfileRequestContext>`	`resultCachingPredicate` Predicate to apply when setting AuthenticationResult cacheability.
`private com.google.common.base.Function<ProfileRequestContext,AuthenticationResult>`	`resultMergingStrategy` Strategy function to produce a final, merged result.

Constructor Summary

Constructors
Constructor and Description

FinalizeMultiFactorAuthentication()
Constructor.

Constructors
Constructor and Description
`FinalizeMultiFactorAuthentication()` Constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`protected void`	`doExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)`
`protected void`	`doInitialize()`
`protected boolean`	`doPreExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)`
`void`	`setMultiFactorContextLookupStrategy(com.google.common.base.Function<ProfileRequestContext,MultiFactorAuthenticationContext> strategy)` Set the lookup strategy to use for the context to evaluate.
`void`	`setRequesterLookupStrategy(com.google.common.base.Function<ProfileRequestContext,String> strategy)` Set the strategy used to locate the requester ID for canonicalization.
`void`	`setResponderLookupStrategy(com.google.common.base.Function<ProfileRequestContext,String> strategy)` Set the strategy used to locate the responder ID for canonicalization.
`void`	`setResultCachingPredicate(com.google.common.base.Predicate<ProfileRequestContext> predicate)` Set predicate to apply to determine cacheability of `AuthenticationResult`.
`void`	`setResultMergingStrategy(com.google.common.base.Function<ProfileRequestContext,AuthenticationResult> strategy)` Set the result merging strategy to use.

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction
doExecute, doPreExecute, setLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

multiFactorContextLookupStrategy

@Nonnull
private com.google.common.base.Function<ProfileRequestContext,MultiFactorAuthenticationContext> multiFactorContextLookupStrategy

Lookup function for the context to evaluate.

resultMergingStrategy

@NonnullAfterInit
private com.google.common.base.Function<ProfileRequestContext,AuthenticationResult> resultMergingStrategy

Strategy function to produce a final, merged result.

resultCachingPredicate

@Nullable
private com.google.common.base.Predicate<ProfileRequestContext> resultCachingPredicate

Predicate to apply when setting AuthenticationResult cacheability.

requesterLookupStrategy

@Nullable
private com.google.common.base.Function<ProfileRequestContext,String> requesterLookupStrategy

Function used to obtain the requester ID.

responderLookupStrategy

@Nullable
private com.google.common.base.Function<ProfileRequestContext,String> responderLookupStrategy

Function used to obtain the responder ID.

mfaContext

@Nullable
private MultiFactorAuthenticationContext mfaContext

A subordinate MultiFactorAuthenticationContext, if any.

Constructor Detail
- FinalizeMultiFactorAuthentication
```
public FinalizeMultiFactorAuthentication()
```
  Constructor.

Method Detail

setMultiFactorContextLookupStrategy

public void setMultiFactorContextLookupStrategy(@Nonnull
                                       com.google.common.base.Function<ProfileRequestContext,MultiFactorAuthenticationContext> strategy)

Set the lookup strategy to use for the context to evaluate.

Parameters:: strategy - lookup strategy

setResultMergingStrategy

public void setResultMergingStrategy(@Nullable
                            com.google.common.base.Function<ProfileRequestContext,AuthenticationResult> strategy)

Set the result merging strategy to use.

Parameters:: strategy - result merging strategy

setResultCachingPredicate

public void setResultCachingPredicate(@Nullable
                             com.google.common.base.Predicate<ProfileRequestContext> predicate)

Set predicate to apply to determine cacheability of AuthenticationResult.

Parameters:: predicate - predicate to apply, or null

setRequesterLookupStrategy

public void setRequesterLookupStrategy(@Nullable
                              com.google.common.base.Function<ProfileRequestContext,String> strategy)

Set the strategy used to locate the requester ID for canonicalization.

Parameters:: strategy - lookup strategy

setResponderLookupStrategy

public void setResponderLookupStrategy(@Nullable
                              com.google.common.base.Function<ProfileRequestContext,String> strategy)

Set the strategy used to locate the responder ID for canonicalization.

Parameters:: strategy - lookup strategy

doInitialize
```
protected void doInitialize()
                     throws ComponentInitializationException
```
Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doPreExecute

protected boolean doPreExecute(@Nonnull
                   ProfileRequestContext profileRequestContext,
                   @Nonnull
                   AuthenticationContext authenticationContext)

Overrides:: doPreExecute in class AbstractAuthenticationAction

doExecute

protected void doExecute(@Nonnull
             ProfileRequestContext profileRequestContext,
             @Nonnull
             AuthenticationContext authenticationContext)

Overrides:: doExecute in class AbstractAuthenticationAction

Class FinalizeMultiFactorAuthentication

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent