Package org.codelibs.fess.sso.aad
Class AzureAdAuthenticator
java.lang.Object
org.codelibs.fess.sso.aad.AzureAdAuthenticator
- All Implemented Interfaces:
SsoAuthenticator
-
Nested Class Summary
Nested Classes -
Field Summary
FieldsModifier and TypeFieldDescriptionprotected longprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected longprotected static final Stringprotected static final Stringprotected static final String -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected booleancontainsAuthenticationData(javax.servlet.http.HttpServletRequest request) protected com.microsoft.aad.adal4j.AuthenticationResultgetAccessToken(com.nimbusds.oauth2.sdk.AuthorizationCode authorizationCode, String currentUri) com.microsoft.aad.adal4j.AuthenticationResultgetAccessToken(String refreshToken) protected Stringprotected StringgetAuthUrl(javax.servlet.http.HttpServletRequest request) protected Stringprotected Stringorg.lastaflute.web.login.credential.LoginCredentialprotected StringgetReplyUrl(javax.servlet.http.HttpServletRequest request) org.lastaflute.web.response.ActionResponsegetResponse(SsoResponseType responseType) protected longprotected Stringvoidinit()logout(FessUserBean user) protected com.nimbusds.openid.connect.sdk.AuthenticationResponseprotected org.lastaflute.web.login.credential.LoginCredentialprocessAuthenticationData(javax.servlet.http.HttpServletRequest request) protected voidprocessGroup(AzureAdCredential.AzureAdUser user, List<String> groupList, List<String> roleList, String id) protected voidprocessMemberOf(AzureAdCredential.AzureAdUser user, List<String> groupList, List<String> roleList, String url) protected voidprocessParentGroup(AzureAdCredential.AzureAdUser user, List<String> groupList, List<String> roleList, String id) protected AzureAdAuthenticator.StateDataremoveStateFromSession(javax.servlet.http.HttpSession session, String state) voidvoidsetAcquisitionTimeout(long acquisitionTimeout) voidsetGroupCacheExpiry(long groupCacheExpiry) protected voidstoreStateInSession(javax.servlet.http.HttpSession session, String state, String nonce) voidprotected voidvalidateAuthRespMatchesCodeFlow(com.nimbusds.openid.connect.sdk.AuthenticationSuccessResponse oidcResponse) protected voidvalidateNonce(AzureAdAuthenticator.StateData stateData, com.microsoft.aad.adal4j.AuthenticationResult authData) protected AzureAdAuthenticator.StateDatavalidateState(javax.servlet.http.HttpSession session, String state)
-
Field Details
-
AZUREAD_STATE_TTL
- See Also:
-
AZUREAD_AUTHORITY
- See Also:
-
AZUREAD_TENANT
- See Also:
-
AZUREAD_CLIENT_SECRET
- See Also:
-
AZUREAD_CLIENT_ID
- See Also:
-
AZUREAD_REPLY_URL
- See Also:
-
STATES
- See Also:
-
STATE
- See Also:
-
ERROR
- See Also:
-
ERROR_DESCRIPTION
- See Also:
-
ERROR_URI
- See Also:
-
ID_TOKEN
- See Also:
-
CODE
- See Also:
-
acquisitionTimeout
protected long acquisitionTimeout -
groupCache
-
groupCacheExpiry
protected long groupCacheExpiry
-
-
Constructor Details
-
AzureAdAuthenticator
public AzureAdAuthenticator()
-
-
Method Details
-
init
@PostConstruct public void init() -
getLoginCredential
public org.lastaflute.web.login.credential.LoginCredential getLoginCredential()- Specified by:
getLoginCredentialin interfaceSsoAuthenticator
-
getAuthUrl
-
storeStateInSession
-
processAuthenticationData
protected org.lastaflute.web.login.credential.LoginCredential processAuthenticationData(javax.servlet.http.HttpServletRequest request) -
parseAuthenticationResponse
-
validateNonce
protected void validateNonce(AzureAdAuthenticator.StateData stateData, com.microsoft.aad.adal4j.AuthenticationResult authData) -
getAccessToken
-
getAccessToken
protected com.microsoft.aad.adal4j.AuthenticationResult getAccessToken(com.nimbusds.oauth2.sdk.AuthorizationCode authorizationCode, String currentUri) -
validateAuthRespMatchesCodeFlow
protected void validateAuthRespMatchesCodeFlow(com.nimbusds.openid.connect.sdk.AuthenticationSuccessResponse oidcResponse) -
validateState
protected AzureAdAuthenticator.StateData validateState(javax.servlet.http.HttpSession session, String state) -
removeStateFromSession
protected AzureAdAuthenticator.StateData removeStateFromSession(javax.servlet.http.HttpSession session, String state) -
containsAuthenticationData
protected boolean containsAuthenticationData(javax.servlet.http.HttpServletRequest request) -
updateMemberOf
-
processMemberOf
-
processParentGroup
-
getParentGroup
protected org.codelibs.core.misc.Pair<String[],String[]> getParentGroup(AzureAdCredential.AzureAdUser user, String id) -
processGroup
-
getDefaultGroupList
-
getDefaultRoleList
-
getClientId
-
getClientSecret
-
getTenant
-
getAuthority
-
getStateTtl
protected long getStateTtl() -
getReplyUrl
-
resolveCredential
- Specified by:
resolveCredentialin interfaceSsoAuthenticator
-
setAcquisitionTimeout
public void setAcquisitionTimeout(long acquisitionTimeout) -
setGroupCacheExpiry
public void setGroupCacheExpiry(long groupCacheExpiry) -
getResponse
- Specified by:
getResponsein interfaceSsoAuthenticator
-
logout
- Specified by:
logoutin interfaceSsoAuthenticator
-