Class ExtractDuoAuthenticationFromHeaders

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class ExtractDuoAuthenticationFromHeaders
extends AbstractAuthenticationAction
An action that extracts the Duo factor and device or passcode from HTTP request headers into a DuoAuthenticationContext, and attaches it to the AuthenticationContext.
Event:
EventIds.PROCEED_EVENT_ID, AuthnEventIds.NO_CREDENTIALS
Precondition:
      ProfileRequestContext.getSubcontext(AuthenticationContext.class) != null
      
Postcondition:
If getHttpServletRequest() != null, the content of the headers are checked. The information found will be attached via a DuoAuthenticationContext.
  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Class logger.
    • autoAuthenticationSupported

      private boolean autoAuthenticationSupported
      Whether "auto" should be the default for factor and device.
    • clientAddressTrusted

      private boolean clientAddressTrusted
      Whether to trust, and extract, the client address.
    • factorHeaderName

      @Nonnull @NotEmpty private String factorHeaderName
      Header name for factor.
    • deviceHeaderName

      @Nonnull @NotEmpty private String deviceHeaderName
      Header name for device.
    • passcodeHeaderName

      @Nonnull @NotEmpty private String passcodeHeaderName
      Header name for passcode.
    • pushInfoLookupStrategy

      @Nullable private Function<ProfileRequestContext,​Map<String,​String>> pushInfoLookupStrategy
      Strategy function for populating pushinfo AuthAPI parameter.
  • Constructor Details

    • ExtractDuoAuthenticationFromHeaders

      ExtractDuoAuthenticationFromHeaders()
      Constructor.
  • Method Details

    • setFactorHeader

      public void setFactorHeader​(@Nonnull @NotEmpty String headerName)
      Set the factor header name.
      Parameters:
      headerName - the factor header name
    • setDeviceHeader

      public void setDeviceHeader​(@Nonnull @NotEmpty String headerName)
      Set the device header name.
      Parameters:
      headerName - the factor header name
    • setPasscodeHeader

      public void setPasscodeHeader​(@Nonnull @NotEmpty String headerName)
      Set the passcode header name.
      Parameters:
      headerName - the factor header name
    • isClientAddressTrusted

      public boolean isClientAddressTrusted()
      Get whether the client address should be trusted for use in API calls.
      Returns:
      whether client address should be trusted
    • setClientAdddressTrusted

      public void setClientAdddressTrusted​(boolean flag)
      Set whether the client address should be trusted for use in API calls.
      Parameters:
      flag - flag to set
    • isAutoAuthenticationSupported

      public boolean isAutoAuthenticationSupported()
      Get whether "auto" is the default setting.
      Returns:
      whether "auto" is the default setting
    • setAutoAuthenticationSupported

      public void setAutoAuthenticationSupported​(boolean flag)
      Set whether "auto" is the default setting.
      Parameters:
      flag - flag to set
    • setPushInfoLookupStrategy

      public void setPushInfoLookupStrategy​(@Nullable Function<ProfileRequestContext,​Map<String,​String>> strategy)
      Set lookup strategy for AuthAPI pushinfo parameter.
      Parameters:
      strategy - lookup strategy
    • doExecute

      protected void doExecute​(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
      Performs this authentication action. Default implementation throws an exception.
      Overrides:
      doExecute in class AbstractAuthenticationAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      authenticationContext - the current authentication context
    • extractHeaders

      protected void extractHeaders​(@Nonnull DuoAuthenticationContext context)
      Extracts the Duo API arguments passed in via the request headers.
      Parameters:
      context - the DuoApiAuthContext to store the parameters in