Package io.goobi.viewer.model.security.authentication

Class OpenIdProvider

java.lang.Object
io.goobi.viewer.model.security.authentication.HttpAuthenticationProvider
io.goobi.viewer.model.security.authentication.OpenIdProvider
All Implemented Interfaces:
IAuthenticationProvider
public class OpenIdProvider extends HttpAuthenticationProvider

OpenIdProvider class.

  • Field Details

  • Constructor Details

    • OpenIdProvider

      public OpenIdProvider(String name, String label, String url, String image, long timeoutMillis, String clientId, String clientSecret)

      Constructor for OpenIdProvider.

      Parameters:
      name - a String object.
      label - a String object.
      url - a String object.
      image - a String object.
      timeoutMillis - a long.
      clientId - a String object.
      clientSecret - a String object.

  • Method Details

    • getClientId

      public String getClientId()

      Getter for the field clientId.

      Returns:
      the clientId

    • getClientSecret

      public String getClientSecret()

      Getter for the field clientSecret.

      Returns:
      the clientSecret

    • login

      public CompletableFuture<LoginResult> login(String loginName, String password) throws AuthenticationProviderException
      Returns a future containing the login result upon completion. The result optionally contains the logged in User as well as the HttpServletRequest and HttpServletResponse to be used to complete the login and possible request forwarding If an error occurs and the request can not be processed, an AuthenticationException must be thrown. If a login has been refused, the exact reasons can be determined using the methods isActive, isSuspended and isRefused
      Parameters:
      loginName - a String object.
      password - A string to be used as a password or similar for login. If the provider does not require such a string, this can be left empty or null
      Returns:
      A CompletableFuture which is resolved once login is completed and contains a LoginResult
      Throws:
      AuthenticationProviderException - if any.

    • completeLogin

      public Future<Boolean> completeLogin(org.json.JSONObject json, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Tries to find or create a valid User based on the given json object. Generates a LoginResult containing the given request and response and either an optional containing the user or nothing if no user was found, or a AuthenticationProviderException if an internal error occured during login If this method is not called within HttpAuthenticationProvider.getTimeoutMillis() ms after calling {@#login(String, String)}, a loginResponse is created containing an appropriate exception. In any case, the future returned by login(String, String) is resolved
      Parameters:
      json - The server response as json object. If null, the login request is resolved as failure
      request - a HttpServletRequest object.
      response - a HttpServletResponse object.
      Returns:
      a Future object.

    • logout

      public void logout() throws AuthenticationProviderException
      Logs the user out
      Throws:
      AuthenticationProviderException - if any.

    • allowsPasswordChange

      public boolean allowsPasswordChange()
      Check whether this authentication service allows user to edit their password or to reset it
      Returns:
      true if the authentication service provides means to change or reset the user password

    • getoAuthState

      public String getoAuthState()

      Getter for the field oAuthState.

      Returns:
      the oAuthState

    • setoAuthState

      public void setoAuthState(String oAuthState)

      Setter for the field oAuthState.

      Parameters:
      oAuthState - the oAuthState to set

    • getoAuthAccessToken

      public String getoAuthAccessToken()

      Getter for the field oAuthAccessToken.

      Returns:
      the oAuthAccessToken

    • setoAuthAccessToken

      public void setoAuthAccessToken(String oAuthAccessToken)

      Setter for the field oAuthAccessToken.

      Parameters:
      oAuthAccessToken - the oAuthAccessToken to set

    • allowsNicknameChange

      public boolean allowsNicknameChange()

      allowsNicknameChange.

      Returns:
      true if the nickname may be changed and is not essential for user identification

    • allowsEmailChange

      public boolean allowsEmailChange()

      allowsEmailChange.

      Returns:
      true if the email may be changed and is not essential for user identification