Package com.authlete.jaxrs.spi

Class BackchannelAuthenticationRequestHandlerSpiAdapter

    • Constructor Detail

      • BackchannelAuthenticationRequestHandlerSpiAdapter

        public BackchannelAuthenticationRequestHandlerSpiAdapter()

    • Method Detail

      • getUserByHint

        public com.authlete.common.types.User getUserByHint​(com.authlete.common.types.UserIdentificationHintType hintType,
                                                    String hint,
                                                    String sub)
        Description copied from interface: BackchannelAuthenticationRequestHandlerSpi
        Get a user by the hint.
        Specified by:
        getUserByHint in interface BackchannelAuthenticationRequestHandlerSpi
        Parameters:
        hintType - The type of the hint contained in the backchannel authentication request.
        hint - The hint contained in the backchannel authentication request. This value is equivalent to the value of the "login_hint" request parameter, the "id_token_hint" request parameter or the "login_hint_token" request parameter contained in the backchannel authentication request.
        sub - The value of the "sub" claim of the ID token hint contained in the backchannel authentication request as the "id_token_hint" request parameter. This value is null if the backchannel authentication request does not contain the "id_token_hint" request parameter.
        Returns:
        A user identified by the hint. null is returned if a user is not found using the hint.

      • isLoginHintTokenExpired

        public boolean isLoginHintTokenExpired​(String loginHintToken)
        Description copied from interface: BackchannelAuthenticationRequestHandlerSpi
        Check whether a login hint token expired or not.

        This method is called only when the "login_hint_token" request parameter is contained in the backchannel authentication request.

        Specified by:
        isLoginHintTokenExpired in interface BackchannelAuthenticationRequestHandlerSpi
        Parameters:
        loginHintToken - The value of the "login_hint_token" request parameter contained in the backchannel authentication request..
        Returns:
        true if the login hint token has already expired. Otherwise, false.

      • shouldCheckUserCode

        public boolean shouldCheckUserCode​(com.authlete.common.types.User user,
                                   com.authlete.common.dto.BackchannelAuthenticationResponse info)
        Description copied from interface: BackchannelAuthenticationRequestHandlerSpi
        Check whether a user code should be checked or not.
        Specified by:
        shouldCheckUserCode in interface BackchannelAuthenticationRequestHandlerSpi
        Parameters:
        user - A user from whom the client asks for authorization.
        info - The information about the backchannel authentication request.
        Returns:
        true if a user code should be checked. Otherwise, false.

      • startCommunicationWithAuthenticationDevice

        public void startCommunicationWithAuthenticationDevice​(com.authlete.common.types.User user,
                                                       com.authlete.common.dto.BackchannelAuthenticationResponse baRes,
                                                       com.authlete.common.dto.BackchannelAuthenticationIssueResponse baiRes)
        Description copied from interface: BackchannelAuthenticationRequestHandlerSpi
        Start a background process where the authorization server starts communicating with an authentication device for end-user authentication and authorization.

        Typically this method will invoke a new thread in which the communication between the authorization server and the authentication device will occur.

        Specified by:
        startCommunicationWithAuthenticationDevice in interface BackchannelAuthenticationRequestHandlerSpi
        Parameters:
        user - A user who is to be authenticated and asked to authorize the client application.
        baRes - The response from Authlete's /api/backchannel/authentication API.
        baiRes - The response from Authlete's /api/backchannel/authentication/issue API.

      • isValidBindingMessage

        public boolean isValidBindingMessage​(String bindingMessage)
        Description copied from interface: BackchannelAuthenticationRequestHandlerSpi
        Check if a binding message is valid or not.

        This method is called only when the binding_message request parameter is contained in the backchannel authentication request.

        Specified by:
        isValidBindingMessage in interface BackchannelAuthenticationRequestHandlerSpi
        Parameters:
        bindingMessage - The value of the binding_message request parameter contained in the backchannel authentication request.
        Returns:
        true if the binding message is valid. Otherwise, false.