Package io.goobi.viewer.model.security.authentication

Class HttpHeaderProvider

java.lang.Object

io.goobi.viewer.model.security.authentication.HttpAuthenticationProvider

io.goobi.viewer.model.security.authentication.HttpHeaderProvider

All Implemented Interfaces:

IAuthenticationProvider

public class HttpHeaderProvider
extends HttpAuthenticationProvider

Authentication provider that authenticates users by reading a user identifier from an HTTP request header (or parameter), then looking up or creating the corresponding User account.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	PARAMETER_TYPE_HEADER
static final String	TYPE_HTTP_HEADER	Constant TYPE_OPENID="openId".

Fields inherited from class io.goobi.viewer.model.security.authentication.HttpAuthenticationProvider

addUserToGroups, connectionManager, DEFAULT_EMAIL, image, label, name, redirectUrl, timeoutMillis, type, TYPE_USER_PASSWORD, url

Constructor Summary

Constructors

Constructor	Description
HttpHeaderProvider(String name, String label, String url, String image, long timeoutMillis, String parameterType, String parameterName)

Method Summary

Modifier and Type	Method	Description
boolean	allowsEmailChange()	allowsEmailChange.
boolean	allowsNicknameChange()	allowsNicknameChange.
boolean	allowsPasswordChange()	Checks whether this authentication service allows user to edit their password or to reset it.
Future<Boolean>	completeLogin(String ssoId, HttpServletRequest request, HttpServletResponse response)
List<String>	getAddUserToGroups()	getAddUserToGroups.
String	getParameterName()
String	getParameterType()
User	loadUser(String parameterValue)
CompletableFuture<LoginResult>	login(String ssoId, String password)	Returns a future containing the login result upon completion.
void	logout()	Logs the user out.
void	setAddUserToGroups(List<String> addUserToGroups)	setAddUserToGroups.
void	setLoginResult(LoginResult loginResult)

Methods inherited from class io.goobi.viewer.model.security.authentication.HttpAuthenticationProvider

get, getImage, getImageUrl, getLabel, getName, getRedirectUrl, getTimeoutMillis, getType, getUrl, post, setRedirectUrl

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

TYPE_HTTP_HEADER

public static final String TYPE_HTTP_HEADER

Constant TYPE_OPENID="openId".

See Also:

• Constant Field Values

PARAMETER_TYPE_HEADER

public static final String PARAMETER_TYPE_HEADER

See Also:

• Constant Field Values

Constructor Details

HttpHeaderProvider

public HttpHeaderProvider(String name,
 String label,
 String url,
 String image,
 long timeoutMillis,
 String parameterType,
 String parameterName)

Parameters:

name - unique provider name/identifier

label - display label shown in the UI

url - redirect URL for the authentication endpoint

image - path to the provider icon image

timeoutMillis - maximum wait time in milliseconds for the login response

parameterType - type of the incoming parameter (e.g. "header")

parameterName - name of the header or request parameter carrying the user identifier

Method Details

login

public CompletableFuture<LoginResult> login(String ssoId,
 String password)
                                     throws AuthenticationProviderException

Returns a future containing the login result upon completion. The result optionally contains the logged in User as well as the HttpServletRequest and HttpServletResponse to be used to complete the login and possible request forwarding If an error occurs and the request can not be processed, an AuthenticationException must be thrown. If a login has been refused, the exact reasons can be determined using the methods User.isActive(), User.isSuspended() and LoginResult.isRefused()

Parameters:

ssoId - login name or identifier supplied by the user

password - A string to be used as a password or similar for login. If the provider does not require such a string, this can be left empty or null

Returns:

A CompletableFuture which is resolved once login is completed and contains a LoginResult

Throws:

AuthenticationProviderException - if any.

loadUser

public User loadUser(String parameterValue)

Parameters:

parameterValue - the value of the user-identifying parameter to look up

Returns:

User if found; otherwise null

completeLogin

public Future<Boolean> completeLogin(String ssoId,
 HttpServletRequest request,
 HttpServletResponse response)

Parameters:

ssoId - User identifier

request - a HttpServletRequest object.

response - a HttpServletResponse object.

Returns:

a Future resolving to true if login succeeded, false otherwise

logout

public void logout()
            throws AuthenticationProviderException

Logs the user out.

Throws:

AuthenticationProviderException - if any.

allowsPasswordChange

public boolean allowsPasswordChange()

Checks whether this authentication service allows user to edit their password or to reset it.

Returns:

true if the authentication service provides means to change or reset the user password

allowsNicknameChange

public boolean allowsNicknameChange()

allowsNicknameChange.

Returns:

true if the nickname may be changed and is not essential for user identification

allowsEmailChange

public boolean allowsEmailChange()

allowsEmailChange.

Returns:

true if the email may be changed and is not essential for user identification

getAddUserToGroups

public List<String> getAddUserToGroups()

getAddUserToGroups.

Specified by:

getAddUserToGroups in interface IAuthenticationProvider

Overrides:

getAddUserToGroups in class HttpAuthenticationProvider

Returns:

list of group names to add the user to on login

setAddUserToGroups

public void setAddUserToGroups(List<String> addUserToGroups)

setAddUserToGroups.

Specified by:

setAddUserToGroups in interface IAuthenticationProvider

Overrides:

setAddUserToGroups in class HttpAuthenticationProvider

Parameters:

addUserToGroups - group names to assign new or returning users to

getParameterType

public String getParameterType()

getParameterName

public String getParameterName()

setLoginResult

public void setLoginResult(LoginResult loginResult)