Package com.authlete.jaxrs.spi
Class BackchannelAuthenticationCompleteRequestHandlerSpiAdapter
- java.lang.Object
-
- com.authlete.jaxrs.spi.BackchannelAuthenticationCompleteRequestHandlerSpiAdapter
-
- All Implemented Interfaces:
BackchannelAuthenticationCompleteRequestHandlerSpi
public class BackchannelAuthenticationCompleteRequestHandlerSpiAdapter extends Object implements BackchannelAuthenticationCompleteRequestHandlerSpi
Empty implementation ofBackchannelAuthenticationCompleteRequestHandlerSpiinterface.- Since:
- 2.13
- Author:
- Hideki Ikeda
-
-
Constructor Summary
Constructors Constructor Description BackchannelAuthenticationCompleteRequestHandlerSpiAdapter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetAcr()Get the authentication context class reference (ACR) that was satisfied when the end-user was authenticated.StringgetErrorDescription()Get the description of the error.URIgetErrorUri()Get the URI of a document which describes the error in detail.com.authlete.common.dto.Property[]getProperties()Get extra properties to associate with an access token.com.authlete.common.dto.BackchannelAuthenticationCompleteRequest.ResultgetResult()Get the result of end-user authentication and authorization.String[]getScopes()Get scopes to be associated with the access token.longgetUserAuthenticatedAt()Get the time when the end-user was authenticated.ObjectgetUserClaim(String claimName)Get the value of a claim of the user.StringgetUserSubject()Get the subject (= unique identifier) of the end-user.voidsendNotification(com.authlete.common.dto.BackchannelAuthenticationCompleteResponse info)Send a notification to the client notification endpoint as described in CIBA Core specification.
-
-
-
Method Detail
-
getResult
public com.authlete.common.dto.BackchannelAuthenticationCompleteRequest.Result getResult()
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet the result of end-user authentication and authorization.- Specified by:
getResultin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Returns:
- The result of end-user authentication and authorization.
-
getUserSubject
public String getUserSubject()
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet the subject (= unique identifier) of the end-user. It must consist of only ASCII letters and its length must not exceed 100.In a typical case, the subject is a primary key or another unique ID of the record that represents the end-user in your user database.
- Specified by:
getUserSubjectin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Returns:
- The subject (= unique identifier) of the end-user.
-
getUserAuthenticatedAt
public long getUserAuthenticatedAt()
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet the time when the end-user was authenticated.This method is called only when
BackchannelAuthenticationCompleteRequestHandlerSpi.getResult()has returnedAUTHORIZED.- Specified by:
getUserAuthenticatedAtin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Returns:
- The time when the end-user authentication occurred. The number of seconds since Unix epoch (1970-01-01). Return 0 if the time is unknown.
-
getAcr
public String getAcr()
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet the authentication context class reference (ACR) that was satisfied when the end-user was authenticated.If you don't know what ACR is, return
null.This method is called only when
BackchannelAuthenticationCompleteRequestHandlerSpi.getResult()has returnedAUTHORIZED.- Specified by:
getAcrin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Returns:
- The authentication context class reference (ACR) that was satisfied when the end-user was authenticated.
-
getUserClaim
public Object getUserClaim(String claimName)
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet the value of a claim of the user.This method may be called multiple times. Note that this method is called only when
BackchannelAuthenticationCompleteRequestHandlerSpi.getResult()has returnedAUTHORIZED.- Specified by:
getUserClaimin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Parameters:
claimName- A claim name such asnameandfamily_name. Standard claim names are listed in "5.1. Standard Claims" of OpenID Connect Core 1.0. Java constant values that represent the standard claims are listed inStandardClaimsclass. The value ofclaimNamedoes NOT contain a language tag.- Returns:
- The claim value.
nullif the claim value of the claim is not available.
-
getProperties
public com.authlete.common.dto.Property[] getProperties()
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet extra properties to associate with an access token.This method is expected to return an array of extra properties. The following is an example that returns an array containing one extra property.
@Override public
Property[] getProperties() { return newProperty[] { newProperty("example_parameter", "example_value") }; }Extra properties returned from this method will appear as top-level entries in a JSON response from an authorization server as shown in 5.1. Successful Response in RFC 6749.
Note that there is an upper limit on the total size of extra properties. On the server side, the properties will be (1) converted to a multidimensional string array, (2) converted to JSON, (3) encrypted by AES/CBC/PKCS5Padding, (4) encoded by base64url, and then stored into the database. The length of the resultant string must not exceed 65,535 in bytes. This is the upper limit, but we think it is big enough.
- Specified by:
getPropertiesin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Returns:
- Extra properties. If
nullis returned, any extra property will not be associated.
-
getScopes
public String[] getScopes()
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet scopes to be associated with the access token. If this method returns a non-null value, the set of scopes will be used instead of the scopes specified in the original backchannel authentication request.- Specified by:
getScopesin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Returns:
- Scopes to replace the scopes specified in the original
backchannel authentication request with. When
nullis returned from this method, replacement is not performed.
-
sendNotification
public void sendNotification(com.authlete.common.dto.BackchannelAuthenticationCompleteResponse info)
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiSend a notification to the client notification endpoint as described in CIBA Core specification.Note that the specification defines how the Open ID provider deals with responses from the client notification endpoint. The following is an excerpt from "10.2. Ping Callback" and "10.3.1. Successful Token Delivery" of the specification.
For valid requests, the Client Notification Endpoint SHOULD respond with an HTTP 204 No Content. The OP SHOULD also accept responses with HTTP 200 OK and any body in the response SHOULD be ignored.
The Client MUST NOT return an HTTP 3xx code. The OP MUST NOT follow redirects.
How the OP handles HTTP error codes in the ranges of 4xx and 5xx is out-of-scope of this specification. Administrative action is likely to be needed in these cases.- Specified by:
sendNotificationin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Parameters:
info- An object having information required to send a notification to the client notification endpoint.
-
getErrorDescription
public String getErrorDescription()
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet the description of the error. This corresponds to theerror_descriptionproperty in the response to the client.- Specified by:
getErrorDescriptionin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Returns:
- The description of the error.
-
getErrorUri
public URI getErrorUri()
Description copied from interface:BackchannelAuthenticationCompleteRequestHandlerSpiGet the URI of a document which describes the error in detail. This corresponds to theerror_uriproperty in the response to the client.- Specified by:
getErrorUriin interfaceBackchannelAuthenticationCompleteRequestHandlerSpi- Returns:
- The URI of a document which describes the error in detail.
-
-