java.lang.Object
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
- - net.shibboleth.idp.plugin.authn.duo.impl.DuoOIDCAuthnController

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent
```
@ThreadSafe
@Controller
@RequestMapping("%{idp.duo.oidc.externalAuthnPath:/Authn/Duo/2FA}")
public class DuoOIDCAuthnController
extends AbstractInitializableComponent
```
MVC controller for managing Duo 2FA exchanges implemented as an ExternalAuthentication mechanism.

The controller initiates the Duo OIDC authorization code grant flow and accepts the authorization code response.

Is effectively immutable once published by Spring. Is a thread-safe singleton.

Field Summary

Fields
Modifier and Type	Field	Description
`static String`	`CODE_PARAMETER`	The name of the Http parameter that stores the authorisation code.
`private Function<ProfileRequestContext,DuoOIDCAuthenticationContext>`	`duoContextLookupStrategy`	Lookup strategy to locate the Duo authentication context.
`private org.slf4j.Logger`	`log`	Class logger.
`static String`	`STATE_PARAMETER`	The name of the Http parameter that stores the state value.

Constructor Summary

Constructors
Constructor Description

DuoOIDCAuthnController()
Constructor.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`void`	`authorizationCallback(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)`	The redirect_uri endpoint for accepting an authorization code and resuming the flow execution.
`void`	`authorizationRequest(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)`	Start the Duo ODIC authorization code flow.
`private Function<ProfileRequestContext,DuoOIDCAuthenticationContext>`	`getDuoContextLookupStrategy()`	Internally synchronized method for accessing the Duo context lookup strategy.
`void`	`setDuoContextLookupStrategy(Function<ProfileRequestContext,DuoOIDCAuthenticationContext> strategy)`	Set Duo authentication context lookup strategy to use.

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- CODE_PARAMETER
```
@Nonnull
@NotEmpty
public static final String CODE_PARAMETER
```
  The name of the Http parameter that stores the authorisation code.
  
  See Also:
  
  Constant Field Values
- STATE_PARAMETER
```
@Nonnull
@NotEmpty
public static final String STATE_PARAMETER
```
  The name of the Http parameter that stores the state value.
  
  See Also:
  
  Constant Field Values
- log
```
@Nonnull
private final org.slf4j.Logger log
```
  Class logger.
- duoContextLookupStrategy
```
@Nonnull
private Function<ProfileRequestContext,DuoOIDCAuthenticationContext> duoContextLookupStrategy
```
  Lookup strategy to locate the Duo authentication context.

Constructor Detail
- DuoOIDCAuthnController
```
public DuoOIDCAuthnController()
```
  Constructor.

Method Detail

setDuoContextLookupStrategy

public void setDuoContextLookupStrategy(@Nonnull
                                        Function<ProfileRequestContext,DuoOIDCAuthenticationContext> strategy)

Set Duo authentication context lookup strategy to use.

Parameters:: strategy - lookup strategy

getDuoContextLookupStrategy
```
private Function<ProfileRequestContext,DuoOIDCAuthenticationContext> getDuoContextLookupStrategy()
```
Internally synchronized method for accessing the Duo context lookup strategy.

Returns:

the duo context lookup strategy.

authorizationRequest

@GetMapping("/authorize")
public void authorizationRequest(@Nonnull
                                 javax.servlet.http.HttpServletRequest httpRequest,
                                 @Nonnull
                                 javax.servlet.http.HttpServletResponse httpResponse)
                          throws net.shibboleth.idp.authn.ExternalAuthenticationException,
                                 IOException

Start the Duo ODIC authorization code flow. The SWF execution key is encoded in the state parameter so it can be extracted on return from Duo.

Parameters:: httpRequest - servlet request; httpResponse - servlet response
Throws:: net.shibboleth.idp.authn.ExternalAuthenticationException - if an error occurs; IOException - if an I/O error occurs

authorizationCallback

@GetMapping("/duo-callback")
public void authorizationCallback(@Nonnull
                                  javax.servlet.http.HttpServletRequest httpRequest,
                                  @Nonnull
                                  javax.servlet.http.HttpServletResponse httpResponse)
                           throws net.shibboleth.idp.authn.ExternalAuthenticationException,
                                  IOException

The redirect_uri endpoint for accepting an authorization code and resuming the flow execution.

Parameters:: httpRequest - servlet request; httpResponse - servlet response
Throws:: net.shibboleth.idp.authn.ExternalAuthenticationException - if an error occurs; IOException - if an I/O error occurs

Class DuoOIDCAuthnController

Field Summary

Constructor Summary

Method Summary

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Field Detail

CODE_PARAMETER

STATE_PARAMETER

log

duoContextLookupStrategy

Constructor Detail

DuoOIDCAuthnController

Method Detail

setDuoContextLookupStrategy

getDuoContextLookupStrategy

authorizationRequest

authorizationCallback