Class AuthenticationResult

  • All Implemented Interfaces:
    PrincipalSupportingComponent

    public class AuthenticationResult
    extends Object
    implements PrincipalSupportingComponent
    Describes an act of authentication.

    Any authentication flow that succeeds must produce a single instance of this object. It may be composite, in the sense that it may represent a combination of separate exchanges that make up a single overall result, but the IdP always acts on a single result as the product of a given request for a login.

    • Field Detail

      • subject

        @Nonnull
        private final Subject subject
        The Subject established by the authentication result.
      • authenticationFlowId

        @Nonnull
        @NotEmpty
        private final String authenticationFlowId
        The identifier of the flow used to produce this result.
      • authenticationInstant

        @Nonnull
        private Instant authenticationInstant
        The time that the authentication completed.
      • lastActivityInstant

        @Nonnull
        private Instant lastActivityInstant
        The last time this result was used to bypass authentication.
      • previousResult

        private boolean previousResult
        Tracks whether a result was loaded from a previous session or created as part of the current request.
    • Constructor Detail

      • AuthenticationResult

        public AuthenticationResult​(@Nonnull @NotEmpty
                                    String flowId,
                                    @Nonnull
                                    Subject newSubject)
        Constructor.

        Sets the authentication instant to the current time.

        Parameters:
        flowId - the workflow used to authenticate the subject
        newSubject - a Subject identifying the authenticated entity
      • AuthenticationResult

        public AuthenticationResult​(@Nonnull @NotEmpty
                                    String flowId,
                                    @Nonnull
                                    Principal principal)
        Constructor.

        Sets the authentication instant to the current time.

        Parameters:
        flowId - the workflow used to authenticate the subject
        principal - a Principal identifying the authenticated entity
    • Method Detail

      • getReuseCondition

        @Nonnull
        public Predicate<ProfileRequestContext> getReuseCondition()
        Get condition controlling whether this result should be reused for SSO.
        Returns:
        condition controlling whether result should be reused for SSO
        Since:
        4.0.0
      • setReuseCondition

        public void setReuseCondition​(@Nonnull
                                      Predicate<ProfileRequestContext> condition)
        Set condition controlling whether this result should be reused for SSO.
        Parameters:
        condition - condition to set
        Since:
        4.0.0
      • getSubject

        @Nonnull
        public Subject getSubject()
        Get the Subject identifying the authenticated entity.
        Returns:
        a Subject identifying the authenticated entity
      • getAuthenticationFlowId

        @Nonnull
        @NotEmpty
        public String getAuthenticationFlowId()
        Get the flow used to authenticate the principal.
        Returns:
        flow used to authenticate the principal
      • getAuthenticationInstant

        @Nonnull
        public Instant getAuthenticationInstant()
        Get the time that the authentication completed.
        Returns:
        time that the authentication completed
      • setAuthenticationInstant

        public void setAuthenticationInstant​(@Nonnull
                                             Instant instant)
        Set the time that the authentication completed.
        Parameters:
        instant - time that the authentication completed, never non-positive
      • getLastActivityInstant

        @Nonnull
        public Instant getLastActivityInstant()
        Get the last time this result was used for authentication.
        Returns:
        last time this result was used for authentication
      • setLastActivityInstant

        public void setLastActivityInstant​(@Nonnull
                                           Instant instant)
        Set the last time result was used for authentication.
        Parameters:
        instant - last time result was used to bypass authentication
      • setLastActivityInstantToNow

        public void setLastActivityInstantToNow()
        Set the last activity instant for this result to the current time.
      • isPreviousResult

        public boolean isPreviousResult()
        Get whether this result was loaded from a session as the product of a previous request.
        Returns:
        true iff this result was produced as part of an earlier request
        Since:
        3.3.0
      • setPreviousResult

        public void setPreviousResult​(boolean flag)
        Set whether this result was loaded from a session as the product of a previous request.
        Parameters:
        flag - flag to set
        Since:
        3.3.0
      • getAdditionalData

        @Nonnull
        @NonnullElements
        @Live
        public Map<String,​String> getAdditionalData()
        Gets a mutable map of additional name/value string properties to associate with and store with the result.

        Note that the implementation may or may not explicitly break on null keys or values but using them is not intended to work and the behavior in such cases is unspecified.

        Returns:
        a mutable map
        Since:
        4.0.0
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object
      • getSubjectName

        @Nullable
        private String getSubjectName()
        Get a suitable principal name for logging/debugging use.
        Returns:
        a principal name for logging/debugging