Package net.shibboleth.idp.authn.impl
Class FinalizeMultiFactorAuthentication
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- org.opensaml.profile.action.AbstractProfileAction
-
- org.opensaml.profile.action.AbstractConditionalProfileAction
-
- net.shibboleth.idp.profile.AbstractProfileAction
-
- net.shibboleth.idp.authn.AbstractAuthenticationAction
-
- net.shibboleth.idp.authn.impl.FinalizeMultiFactorAuthentication
-
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
public class FinalizeMultiFactorAuthentication extends AbstractAuthenticationAction
An authentication action that completes MFA by producing a finalAuthenticationResultout of whatever constituent parts and pieces exist, by means of an overridable function, storing it in theAuthenticationContextand preparing a freshSubjectCanonicalizationContextto operate on.- Event:
EventIds.PROCEED_EVENT_ID,EventIds.INVALID_PROFILE_CTX,AuthnEventIds.INVALID_AUTHN_CTX- Precondition:
ProfileRequestContext.getSubcontext(AuthenticationContext.class).getSubcontext( MultiFactorAuthenticationContext.class) != null- Postcondition:
ProfileRequestContext.getSubcontext(AuthenticationContext.class).getAuthenticationResult() != null
,ProfileRequestContext.getSubcontext(SubjectCanonicalizationContext.class) != null
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classFinalizeMultiFactorAuthentication.DefaultResultMergingStrategyDefault merging strategy to combine individualAuthenticationResultobjects into a single result.
-
Field Summary
Fields Modifier and Type Field Description private org.slf4j.LoggerlogClass logger.private MultiFactorAuthenticationContextmfaContextA subordinateMultiFactorAuthenticationContext, if any.private Function<ProfileRequestContext,MultiFactorAuthenticationContext>multiFactorContextLookupStrategyLookup function for the context to evaluate.private Function<ProfileRequestContext,String>requesterLookupStrategyFunction used to obtain the requester ID.private Function<ProfileRequestContext,String>responderLookupStrategyFunction used to obtain the responder ID.private Predicate<ProfileRequestContext>resultCachingPredicatePredicate to apply when setting AuthenticationResult cacheability.private Function<ProfileRequestContext,AuthenticationResult>resultMergingStrategyStrategy function to produce a final, merged result.
-
Constructor Summary
Constructors Constructor Description FinalizeMultiFactorAuthentication()Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voiddoExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)protected voiddoInitialize()protected booleandoPreExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)voidsetMultiFactorContextLookupStrategy(Function<ProfileRequestContext,MultiFactorAuthenticationContext> strategy)Set the lookup strategy to use for the context to evaluate.voidsetRequesterLookupStrategy(Function<ProfileRequestContext,String> strategy)Set the strategy used to locate the requester ID for canonicalization.voidsetResponderLookupStrategy(Function<ProfileRequestContext,String> strategy)Set the strategy used to locate the responder ID for canonicalization.voidsetResultCachingPredicate(Predicate<ProfileRequestContext> predicate)Set predicate to apply to determine cacheability ofAuthenticationResult.voidsetResultMergingStrategy(Function<ProfileRequestContext,AuthenticationResult> strategy)Set the result merging strategy to use.-
Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction
doExecute, doPreExecute, setAuthenticationContextLookupStrategy
-
Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy
-
Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition
-
Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
-
-
-
Field Detail
-
log
@Nonnull private final org.slf4j.Logger log
Class logger.
-
multiFactorContextLookupStrategy
@Nonnull private Function<ProfileRequestContext,MultiFactorAuthenticationContext> multiFactorContextLookupStrategy
Lookup function for the context to evaluate.
-
resultMergingStrategy
@NonnullAfterInit private Function<ProfileRequestContext,AuthenticationResult> resultMergingStrategy
Strategy function to produce a final, merged result.
-
resultCachingPredicate
@Nullable private Predicate<ProfileRequestContext> resultCachingPredicate
Predicate to apply when setting AuthenticationResult cacheability.
-
requesterLookupStrategy
@Nullable private Function<ProfileRequestContext,String> requesterLookupStrategy
Function used to obtain the requester ID.
-
responderLookupStrategy
@Nullable private Function<ProfileRequestContext,String> responderLookupStrategy
Function used to obtain the responder ID.
-
mfaContext
@Nullable private MultiFactorAuthenticationContext mfaContext
A subordinateMultiFactorAuthenticationContext, if any.
-
-
Method Detail
-
setMultiFactorContextLookupStrategy
public void setMultiFactorContextLookupStrategy(@Nonnull Function<ProfileRequestContext,MultiFactorAuthenticationContext> strategy)Set the lookup strategy to use for the context to evaluate.- Parameters:
strategy- lookup strategy
-
setResultMergingStrategy
public void setResultMergingStrategy(@Nullable Function<ProfileRequestContext,AuthenticationResult> strategy)Set the result merging strategy to use.- Parameters:
strategy- result merging strategy
-
setResultCachingPredicate
public void setResultCachingPredicate(@Nullable Predicate<ProfileRequestContext> predicate)Set predicate to apply to determine cacheability ofAuthenticationResult.- Parameters:
predicate- predicate to apply, or null
-
setRequesterLookupStrategy
public void setRequesterLookupStrategy(@Nullable Function<ProfileRequestContext,String> strategy)Set the strategy used to locate the requester ID for canonicalization.- Parameters:
strategy- lookup strategy
-
setResponderLookupStrategy
public void setResponderLookupStrategy(@Nullable Function<ProfileRequestContext,String> strategy)Set the strategy used to locate the responder ID for canonicalization.- Parameters:
strategy- lookup strategy
-
doInitialize
protected void doInitialize() throws ComponentInitializationException- Overrides:
doInitializein classAbstractInitializableComponent- Throws:
ComponentInitializationException
-
doPreExecute
protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)- Overrides:
doPreExecutein classAbstractAuthenticationAction
-
doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)- Overrides:
doExecutein classAbstractAuthenticationAction
-
-