Package net.shibboleth.idp.authn.impl
Class PopulateAuthenticationContext
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- org.opensaml.profile.action.AbstractProfileAction
-
- org.opensaml.profile.action.AbstractConditionalProfileAction
-
- net.shibboleth.idp.profile.AbstractProfileAction
-
- net.shibboleth.idp.authn.AbstractAuthenticationAction
-
- net.shibboleth.idp.authn.impl.PopulateAuthenticationContext
-
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
public class PopulateAuthenticationContext extends AbstractAuthenticationAction
An action that populates anAuthenticationContextwith theAuthenticationFlowDescriptorobjects configured into the IdP, potential flows filtered by flow IDs from a lookup function.If a
RequestedPrincipalContextchild is found, then optionally a customizedPrincipalEvalPredicateFactoryRegistrywill be installed into it.The flow IDs used for filtering must omit the
AuthenticationFlowDescriptor.FLOW_ID_PREFIXprefix.- Event:
EventIds.PROCEED_EVENT_ID- Precondition:
ProfileRequestContext.getSubcontext(AuthenticationContext.class) != null
- Postcondition:
- The AuthenticationContext is modified as above.
-
-
Field Summary
Fields Modifier and Type Field Description private Function<ProfileRequestContext,Collection<String>>activeFlowsLookupStrategyLookup function for the flow IDs to activate from within the available set.private Collection<AuthenticationFlowDescriptor>availableFlowsAll of the known flows in the system.private PrincipalEvalPredicateFactoryRegistryevalRegistryThe registry of predicate factories for custom principal evaluation.private Function<ProfileRequestContext,String>fixedEventLookupStrategyOptional lookup strategy for triggering credential validators to return a fixed event for testing.private org.slf4j.LoggerlogClass logger.private Function<ProfileRequestContext,Collection<AuthenticationFlowDescriptor>>potentialFlowsLookupStrategyLookup function for the flows to make available for possible use.
-
Constructor Summary
Constructors Constructor Description PopulateAuthenticationContext()Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voiddoExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)PrincipalEvalPredicateFactoryRegistrygetPrincipalPredicateFactoryEvalRegistry()Get the registry of predicate factories for custom principal evaluation.voidsetActiveFlowsLookupStrategy(Function<ProfileRequestContext,Collection<String>> strategy)Set the lookup strategy to use for the authentication flows to activate.voidsetAvailableFlows(Collection<AuthenticationFlowDescriptor> flows)Set the flows known to the system.voidsetFixedEventLookupStrategy(Function<ProfileRequestContext,String> strategy)Set optional lookup strategy to return a fixed event to return from credential validation to exercise error and warning logic.voidsetPotentialFlowsLookupStrategy(Function<ProfileRequestContext,Collection<AuthenticationFlowDescriptor>> strategy)Set the lookup strategy for the flows to make available for use (a subset of the available ones).voidsetPrincipalEvalPredicateFactoryRegistry(PrincipalEvalPredicateFactoryRegistry registry)Set the registry of predicate factories for custom principal evaluation.-
Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction
doExecute, doPreExecute, doPreExecute, setAuthenticationContextLookupStrategy
-
Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy
-
Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition
-
Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
-
-
-
Field Detail
-
log
@Nonnull private final org.slf4j.Logger log
Class logger.
-
availableFlows
@Nonnull @NonnullElements private Collection<AuthenticationFlowDescriptor> availableFlows
All of the known flows in the system.
-
potentialFlowsLookupStrategy
@Nonnull private Function<ProfileRequestContext,Collection<AuthenticationFlowDescriptor>> potentialFlowsLookupStrategy
Lookup function for the flows to make available for possible use.
-
activeFlowsLookupStrategy
@Nonnull private Function<ProfileRequestContext,Collection<String>> activeFlowsLookupStrategy
Lookup function for the flow IDs to activate from within the available set.
-
evalRegistry
@Nullable private PrincipalEvalPredicateFactoryRegistry evalRegistry
The registry of predicate factories for custom principal evaluation.
-
fixedEventLookupStrategy
@Nullable private Function<ProfileRequestContext,String> fixedEventLookupStrategy
Optional lookup strategy for triggering credential validators to return a fixed event for testing.
-
-
Method Detail
-
setAvailableFlows
public void setAvailableFlows(@Nonnull @NonnullElements Collection<AuthenticationFlowDescriptor> flows)
Set the flows known to the system.- Parameters:
flows- the flows known to the system
-
setPotentialFlowsLookupStrategy
public void setPotentialFlowsLookupStrategy(@Nonnull Function<ProfileRequestContext,Collection<AuthenticationFlowDescriptor>> strategy)Set the lookup strategy for the flows to make available for use (a subset of the available ones).- Parameters:
strategy- lookup strategy- Since:
- 4.2.0
-
setActiveFlowsLookupStrategy
public void setActiveFlowsLookupStrategy(@Nonnull Function<ProfileRequestContext,Collection<String>> strategy)Set the lookup strategy to use for the authentication flows to activate.- Parameters:
strategy- lookup strategy
-
getPrincipalPredicateFactoryEvalRegistry
@Nonnull public PrincipalEvalPredicateFactoryRegistry getPrincipalPredicateFactoryEvalRegistry()
Get the registry of predicate factories for custom principal evaluation.- Returns:
- predicate factory registry
-
setPrincipalEvalPredicateFactoryRegistry
public void setPrincipalEvalPredicateFactoryRegistry(@Nonnull PrincipalEvalPredicateFactoryRegistry registry)Set the registry of predicate factories for custom principal evaluation.- Parameters:
registry- predicate factory registry
-
setFixedEventLookupStrategy
public void setFixedEventLookupStrategy(@Nullable Function<ProfileRequestContext,String> strategy)Set optional lookup strategy to return a fixed event to return from credential validation to exercise error and warning logic.- Parameters:
strategy- lookup strategy- Since:
- 3.4.0
-
doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)- Overrides:
doExecutein classAbstractAuthenticationAction
-
-