Package net.shibboleth.idp.authn.duo.impl

Class ExtractDuoAuthenticationFromHeaders

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.profile.action.AbstractConditionalProfileAction

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.authn.AbstractAuthenticationAction

net.shibboleth.idp.authn.duo.impl.ExtractDuoAuthenticationFromHeaders

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class ExtractDuoAuthenticationFromHeaders
extends AbstractAuthenticationAction

An action that extracts the Duo factor and device or passcode from HTTP request headers into a DuoAuthenticationContext, and attaches it to the AuthenticationContext.

Event:

EventIds.PROCEED_EVENT_ID, AuthnEventIds.NO_CREDENTIALS

Precondition:

      ProfileRequestContext.getSubcontext(AuthenticationContext.class) != null
      

Postcondition:

If getHttpServletRequest() != null, the content of the headers are checked. The information found will be attached via a DuoAuthenticationContext.

Field Summary

Fields

Modifier and Type	Field	Description
private boolean	autoAuthenticationSupported	Whether "auto" should be the default for factor and device.
private boolean	clientAddressTrusted	Whether to trust, and extract, the client address.
private String	deviceHeaderName	Header name for device.
private String	factorHeaderName	Header name for factor.
private org.slf4j.Logger	log	Class logger.
private String	passcodeHeaderName	Header name for passcode.
private Function<ProfileRequestContext,Map<String,String>>	pushInfoLookupStrategy	Strategy function for populating pushinfo AuthAPI parameter.

Constructor Summary

Constructors

Constructor	Description
ExtractDuoAuthenticationFromHeaders()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)
protected void	extractHeaders(DuoAuthenticationContext context)	Extracts the Duo API arguments passed in via the request headers.
boolean	isAutoAuthenticationSupported()	Get whether "auto" is the default setting.
boolean	isClientAddressTrusted()	Get whether the client address should be trusted for use in API calls.
void	setAutoAuthenticationSupported(boolean flag)	Set whether "auto" is the default setting.
void	setClientAdddressTrusted(boolean flag)	Set whether the client address should be trusted for use in API calls.
void	setDeviceHeader(String headerName)	Set the device header name.
void	setFactorHeader(String headerName)	Set the factor header name.
void	setPasscodeHeader(String headerName)	Set the passcode header name.
void	setPushInfoLookupStrategy(Function<ProfileRequestContext,Map<String,String>> strategy)	Set lookup strategy for AuthAPI pushinfo parameter.

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction

doExecute, doPreExecute, doPreExecute, setAuthenticationContextLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

autoAuthenticationSupported

private boolean autoAuthenticationSupported

Whether "auto" should be the default for factor and device.

clientAddressTrusted

private boolean clientAddressTrusted

Whether to trust, and extract, the client address.

factorHeaderName

@Nonnull
@NotEmpty
private String factorHeaderName

Header name for factor.

deviceHeaderName

@Nonnull
@NotEmpty
private String deviceHeaderName

Header name for device.

passcodeHeaderName

@Nonnull
@NotEmpty
private String passcodeHeaderName

Header name for passcode.

pushInfoLookupStrategy

@Nullable
private Function<ProfileRequestContext,Map<String,String>> pushInfoLookupStrategy

Strategy function for populating pushinfo AuthAPI parameter.

Constructor Detail

ExtractDuoAuthenticationFromHeaders

ExtractDuoAuthenticationFromHeaders()

Constructor.

Method Detail

setFactorHeader

public void setFactorHeader(@Nonnull @NotEmpty
                            String headerName)

Set the factor header name.

Parameters:

headerName - the factor header name

setDeviceHeader

public void setDeviceHeader(@Nonnull @NotEmpty
                            String headerName)

Set the device header name.

Parameters:

headerName - the factor header name

setPasscodeHeader

public void setPasscodeHeader(@Nonnull @NotEmpty
                              String headerName)

Set the passcode header name.

Parameters:

headerName - the factor header name

isClientAddressTrusted

public boolean isClientAddressTrusted()

Get whether the client address should be trusted for use in API calls.

Returns:

whether client address should be trusted

setClientAdddressTrusted

public void setClientAdddressTrusted(boolean flag)

Set whether the client address should be trusted for use in API calls.

Parameters:

flag - flag to set

isAutoAuthenticationSupported

public boolean isAutoAuthenticationSupported()

Get whether "auto" is the default setting.

Returns:

whether "auto" is the default setting

setAutoAuthenticationSupported

public void setAutoAuthenticationSupported(boolean flag)

Set whether "auto" is the default setting.

Parameters:

flag - flag to set

setPushInfoLookupStrategy

public void setPushInfoLookupStrategy(@Nullable
                                      Function<ProfileRequestContext,Map<String,String>> strategy)

Set lookup strategy for AuthAPI pushinfo parameter.

Parameters:

strategy - lookup strategy

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext,
                         @Nonnull
                         AuthenticationContext authenticationContext)

Overrides:

doExecute in class AbstractAuthenticationAction

extractHeaders

protected void extractHeaders(@Nonnull
                              DuoAuthenticationContext context)

Extracts the Duo API arguments passed in via the request headers.

Parameters:

context - the DuoApiAuthContext to store the parameters in