Class ExtractActiveAuthenticationResults

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class ExtractActiveAuthenticationResults
extends AbstractAuthenticationAction
An authentication action that populates a AuthenticationContext with the active AuthenticationResult objects found in a SessionContext that is a direct child of the ProfileRequestContext.

Only results from flows in the "potentialFlows" collection in the AuthenticationContext are extracted, which prevents cross-contamination between SPs that have differing rules established for which flows are to be active, because the potentialFlows collection is filtered by that criterion.

If AuthenticationContext.getHintedName() is null, then it is populated with the principal name from the session.

Event:
EventIds.PROCEED_EVENT_ID
Precondition:
ProfileRequestContext.getSubcontext(AuthenticationContext.class, false) != null
Postcondition:
AuthenticationContext is modified as above.
  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Class logger.
    • sessionContextLookupStrategy

      @Nonnull private Function<ProfileRequestContext,​SessionContext> sessionContextLookupStrategy
      Lookup function for SessionContext.
    • session

      @Nullable private IdPSession session
      Session to copy results from.
  • Constructor Details

    • ExtractActiveAuthenticationResults

      public ExtractActiveAuthenticationResults()
      Constructor.
  • Method Details

    • setSessionContextLookupStrategy

      public void setSessionContextLookupStrategy​(@Nonnull Function<ProfileRequestContext,​SessionContext> strategy)
      Set the lookup strategy for the SessionContext to access.
      Parameters:
      strategy - lookup strategy
    • doPreExecute

      protected boolean doPreExecute​(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
      Performs this authentication action's pre-execute step. Default implementation just returns true.
      Overrides:
      doPreExecute in class AbstractAuthenticationAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      authenticationContext - the current authentication context
      Returns:
      true iff execution should continue
    • doExecute

      protected void doExecute​(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
      Performs this authentication action. Default implementation throws an exception.
      Overrides:
      doExecute in class AbstractAuthenticationAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      authenticationContext - the current authentication context