Package io.goobi.viewer.model.security.authentication

Class OpenIdProvider

java.lang.Object
io.goobi.viewer.model.security.authentication.HttpAuthenticationProvider
io.goobi.viewer.model.security.authentication.OpenIdProvider
All Implemented Interfaces:
IAuthenticationProvider
public class OpenIdProvider extends HttpAuthenticationProvider

OpenIdProvider class.

  • Field Details

  • Constructor Details

    • OpenIdProvider

      public OpenIdProvider(String name, String label, String url, String image, long timeoutMillis, String clientId, String clientSecret)

      Constructor for OpenIdProvider.

      Parameters:
      name - a String object.
      label - a String object.
      url - a String object.
      image - a String object.
      timeoutMillis - a long.
      clientId - a String object.
      clientSecret - a String object.

  • Method Details

    • login

      public CompletableFuture<LoginResult> login(String loginName, String password) throws AuthenticationProviderException
      Returns a future containing the login result upon completion. The result optionally contains the logged in User as well as the HttpServletRequest and HttpServletResponse to be used to complete the login and possible request forwarding If an error occurs and the request can not be processed, an AuthenticationException must be thrown. If a login has been refused, the exact reasons can be determined using the methods User.isActive(), User.isSuspended() and LoginResult.isRefused()
      Parameters:
      loginName - a String object.
      password - A string to be used as a password or similar for login. If the provider does not require such a string, this can be left empty or null
      Returns:
      A CompletableFuture which is resolved once login is completed and contains a LoginResult
      Throws:
      AuthenticationProviderException - if any.

    • completeLogin

      public Future<Boolean> completeLogin(com.auth0.jwt.interfaces.DecodedJWT jwt, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Tries to find or create a valid User based on the given json object. Generates a LoginResult containing the given request and response and either an optional containing the user or nothing if no user was found, or a AuthenticationProviderException if an internal error occured during login If this method is not called within HttpAuthenticationProvider.getTimeoutMillis() ms after calling login(String, String), a loginResponse is created containing an appropriate exception. In any case, the future returned by login(String, String) is resolved.
      Parameters:
      jwt - DecodedJWT
      request - a HttpServletRequest object.
      response - a HttpServletResponse object.
      Returns:
      a Future object.

    • logout

      public void logout() throws AuthenticationProviderException
      Logs the user out
      Throws:
      AuthenticationProviderException - if any.

    • allowsPasswordChange

      public boolean allowsPasswordChange()
      Check whether this authentication service allows user to edit their password or to reset it
      Returns:
      true if the authentication service provides means to change or reset the user password

    • allowsNicknameChange

      public boolean allowsNicknameChange()

      allowsNicknameChange.

      Returns:
      true if the nickname may be changed and is not essential for user identification

    • allowsEmailChange

      public boolean allowsEmailChange()

      allowsEmailChange.

      Returns:
      true if the email may be changed and is not essential for user identification

    • getDiscoveryUri

      public String getDiscoveryUri()
      Returns:
      the discoveryUri

    • setDiscoveryUri

      public OpenIdProvider setDiscoveryUri(String discoveryUri)
      Parameters:
      discoveryUri - the discoveryUri to set
      Returns:
      this

    • getClientId

      public String getClientId()

      Getter for the field clientId.

      Returns:
      the clientId

    • getClientSecret

      public String getClientSecret()

      Getter for the field clientSecret.

      Returns:
      the clientSecret

    • getTokenEndpoint

      public String getTokenEndpoint()
      Returns:
      the tokenEndpoint

    • setTokenEndpoint

      public OpenIdProvider setTokenEndpoint(String tokenEndpoint)
      Parameters:
      tokenEndpoint - the tokenEndpoint to set
      Returns:
      this

    • getJwksUri

      public String getJwksUri()
      Returns:
      the jwksUri

    • setJwksUri

      public OpenIdProvider setJwksUri(String jwksUri)
      Parameters:
      jwksUri - the jwksUri to set
      Returns:
      this

    • getRedirectionEndpoint

      public String getRedirectionEndpoint()
      Returns:
      the redirectionEndpoint

    • setRedirectionEndpoint

      public OpenIdProvider setRedirectionEndpoint(String redirectionEndpoint)
      Parameters:
      redirectionEndpoint - the redirectionEndpoint to set
      Returns:
      this

    • getScope

      public String getScope()
      Returns:
      the scope

    • setScope

      public OpenIdProvider setScope(String scope)
      Parameters:
      scope - the scope to set
      Returns:
      this

    • getResponseType

      public String getResponseType()
      Returns:
      the responseType

    • setResponseType

      public OpenIdProvider setResponseType(String responseType)
      Parameters:
      responseType - the responseType to set
      Returns:
      this

    • getResponseMode

      public String getResponseMode()
      Returns:
      the responseMode

    • setResponseMode

      public OpenIdProvider setResponseMode(String responseMode)
      Parameters:
      responseMode - the responseMode to set
      Returns:
      this

    • getIssuer

      public String getIssuer()
      Returns:
      the issuer

    • setIssuer

      public OpenIdProvider setIssuer(String issuer)
      Parameters:
      issuer - the issuer to set
      Returns:
      this

    • getTokenCheckDelay

      public long getTokenCheckDelay()
      Returns:
      the tokenCheckDelay

    • setTokenCheckDelay

      public OpenIdProvider setTokenCheckDelay(long tokenCheckDelay)
      Parameters:
      tokenCheckDelay - the tokenCheckDelay to set
      Returns:
      this

    • getThirdPartyLoginUrl

      public String getThirdPartyLoginUrl()

    • getThirdPartyLoginApiKey

      public String getThirdPartyLoginApiKey()

    • getThirdPartyLoginScope

      public String getThirdPartyLoginScope()

    • getThirdPartyLoginReqParamDef

      public String getThirdPartyLoginReqParamDef()

    • getThirdPartyLoginClaim

      public String getThirdPartyLoginClaim()

    • setThirdPartyVariables

      public IAuthenticationProvider setThirdPartyVariables(String thirdPartyLoginUrl, String thirdPartyLoginApiKey, String thirdPartyLoginScope, String thirdPartyLoginReqParamDef, String thirdPartyLoginClaim)

    • getoAuthState

      public String getoAuthState()

      Getter for the field oAuthState.

      Returns:
      the oAuthState

    • setoAuthState

      public void setoAuthState(String oAuthState)

      Setter for the field oAuthState.

      Parameters:
      oAuthState - the oAuthState to set

    • getoAuthAccessToken

      public String getoAuthAccessToken()

      Getter for the field oAuthAccessToken.

      Returns:
      the oAuthAccessToken

    • setoAuthAccessToken

      public void setoAuthAccessToken(String oAuthAccessToken)

      Setter for the field oAuthAccessToken.

      Parameters:
      oAuthAccessToken - the oAuthAccessToken to set