Class AuthenticationCallbackResponse

  • All Implemented Interfaces:
    Serializable

    public class AuthenticationCallbackResponse
    extends Object
    implements Serializable
    Authentication response from a service implementation to Authlete.
    Since:
    1.1
    Author:
    Takahiko Kawasaki
    See Also:
    Serialized Form
    • Constructor Detail

      • AuthenticationCallbackResponse

        public AuthenticationCallbackResponse()
    • Method Detail

      • isAuthenticated

        public boolean isAuthenticated()
        Get the authentication result.
        Returns:
        true if the credentials of the end-user were valid. Otherwise, false.
      • setAuthenticated

        public AuthenticationCallbackResponse setAuthenticated(boolean authenticated)
        Set the authentication result.

        When the credentials (id and password) in the authentication callback request (AuthenticationCallbackRequest) are valid, this property should be set to true.

        Parameters:
        authenticated - true if the credentials of the end-user were valid. Otherwise, false.
        Returns:
        this object.
      • getSubject

        public String getSubject()
        Get the subject (= unique identifier) of the authenticated user.
        Returns:
        The subject (= unique identifier) of the authenticated user.
      • setSubject

        public AuthenticationCallbackResponse setSubject(String subject)
        Set the subject (= unique identifier) of the authenticated user.

        When the credentials (id and password) in the authentication callback request (AuthenticationCallbackRequest) are valid, this property should be set to the subject (= unique identifier) of the end-user.

        The value of subject does not always have to be equal to the value of id in the authentication callback request. For example, id may be an email address but a service implementation may have generated and assigned a unique identifier such as 60504791 to the end-user who is represented by the email address. In such a case, 60504791 should be set as subject.

        Parameters:
        subject - The subject (= unique identifier) of the authenticated user. When the authentication failed, this property should be null.
        Returns:
        this object.
      • getClaims

        public String getClaims()
        Get the claims of the authenticated user in JSON format.
        Returns:
        The claims of the authenticated user in JSON format.
      • setClaims

        public AuthenticationCallbackResponse setClaims(String claims)
        Set the claims of the authenticated user in JSON format.

        For example, to embed the "given_name", "family_name" and "email" claims, the string should be formatted as follows.

         {
           "given_name": "Takahiko",
           "family_name": "Kawasaki",
           "email": "takahiko.kawasaki@example.com"
         }
         

        See "5.1. Standard Claims" in OpenID Connect Core 1.0 for further details about the format.

        This property does not have to be set (1) when the credentials (id and password) in the authentication callback request (AuthenticationCallbackRequest) were invalid, (2) when the authentication callback request did not contain any claims (= claims request parameter was null or empty), or (3) when the service implementation could not provide data for any of the requested claims.

        Parameters:
        claims - The claims of the authenticated user in JSON format.
        Returns:
        this object.
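
Added example (not code from the Authlete library or its documentation): one way a service implementation could populate this response so that a failed login carries no subject or claims, and a successful one returns only the claims that were requested and that the service can provide. The UserStore interface, the build method and its parameters are hypothetical; the import assumes the class lives in the authlete-java-common package com.authlete.common.dto.

```java
import com.authlete.common.dto.AuthenticationCallbackResponse;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

public class CallbackResponseBuilder {
    /** Hypothetical user store (assumption); not part of the Authlete library. */
    public interface UserStore {
        String authenticate(String id, String password); // subject, or null if invalid
        Map<String, String> claimsOf(String subject);    // claim values the service holds
    }
    public static AuthenticationCallbackResponse build(
            UserStore store, String id, String password, String[] requestedClaims) {
        AuthenticationCallbackResponse response = new AuthenticationCallbackResponse();
        String subject = store.authenticate(id, password);
        if (subject == null) {
            // Invalid credentials: result false, subject null, claims left unset.
            return response.setAuthenticated(false).setSubject(null);
        }
        // The subject is the service's own identifier, not necessarily the login id.
        response.setAuthenticated(true).setSubject(subject);
        if (requestedClaims == null || requestedClaims.length == 0) return response;
        // Return only claims that were requested and that the service can provide.
        Map<String, String> held = store.claimsOf(subject);
        Map<String, String> released = new LinkedHashMap<>();
        for (String name : requestedClaims) {
            String value = held.get(name);
            if (value != null) released.put(name, value);
        }
        if (!released.isEmpty()) response.setClaims(toJson(released));
        return response;
    }

    // Minimal JSON object writer for string-valued claims; escapes quotes and controls.
    static String toJson(Map<String, String> claims) {
        return claims.entrySet().stream()
            .map(e -> quote(e.getKey()) + ":" + quote(e.getValue()))
            .collect(Collectors.joining(",", "{", "}"));
    }
    static String quote(String s) {
        StringBuilder sb = new StringBuilder("\"");
        for (char c : s.toCharArray()) {
            if (c == '"' || c == '\\') sb.append('\\').append(c);
            else if (c < 0x20) sb.append(String.format("\\u%04x", (int) c));
            else sb.append(c);
        }
        return sb.append('"').toString();
    }
}
```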