Package net.shibboleth.idp.authn.impl

Class PopulateAuthenticationContext

java.lang.Object
net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.profile.action.AbstractConditionalProfileAction
net.shibboleth.idp.profile.AbstractProfileAction
net.shibboleth.idp.authn.AbstractAuthenticationAction
net.shibboleth.idp.authn.impl.PopulateAuthenticationContext
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action
public class PopulateAuthenticationContext extends AbstractAuthenticationAction
An action that populates an AuthenticationContext with the AuthenticationFlowDescriptor objects configured into the IdP, potential flows filtered by flow IDs from a lookup function.

If a RequestedPrincipalContext child is found, then optionally a customized PrincipalEvalPredicateFactoryRegistry will be installed into it.

The flow IDs used for filtering must omit the AuthenticationFlowDescriptor.FLOW_ID_PREFIX prefix.

Event:
EventIds.PROCEED_EVENT_ID
Precondition:
ProfileRequestContext.getSubcontext(AuthenticationContext.class) != null
Postcondition:
The AuthenticationContext is modified as above.

  • Field Details

  • Constructor Details

    • PopulateAuthenticationContext

      public PopulateAuthenticationContext()
      Constructor.

  • Method Details

    • setAvailableFlows

      public void setAvailableFlows(@Nonnull @NonnullElements Collection<AuthenticationFlowDescriptor> flows)
      Set the flows known to the system.
      Parameters:
      flows - the flows known to the system

    • setPotentialFlowsLookupStrategy

      public void setPotentialFlowsLookupStrategy(@Nonnull Function<ProfileRequestContext,Collection<AuthenticationFlowDescriptor>> strategy)
      Set the lookup strategy for the flows to make available for use (a subset of the available ones).
      Parameters:
      strategy - lookup strategy
      Since:
      4.2.0

    • setActiveFlowsLookupStrategy

      public void setActiveFlowsLookupStrategy(@Nonnull Function<ProfileRequestContext,Collection<String>> strategy)
      Set the lookup strategy to use for the authentication flows to activate.
      Parameters:
      strategy - lookup strategy

    • getPrincipalPredicateFactoryEvalRegistry

      @Nonnull public PrincipalEvalPredicateFactoryRegistry getPrincipalPredicateFactoryEvalRegistry()
      Get the registry of predicate factories for custom principal evaluation.
      Returns:
      predicate factory registry

    • setPrincipalEvalPredicateFactoryRegistry

      public void setPrincipalEvalPredicateFactoryRegistry(@Nonnull PrincipalEvalPredicateFactoryRegistry registry)
      Set the registry of predicate factories for custom principal evaluation.
      Parameters:
      registry - predicate factory registry

    • setFixedEventLookupStrategy

      public void setFixedEventLookupStrategy(@Nullable Function<ProfileRequestContext,String> strategy)
      Set optional lookup strategy to return a fixed event to return from credential validation to exercise error and warning logic.
      Parameters:
      strategy - lookup strategy
      Since:
      3.4.0

    • doExecute

      protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
      Performs this authentication action. Default implementation throws an exception.
      Overrides:
      doExecute in class AbstractAuthenticationAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      authenticationContext - the current authentication context