AbstractAuthenticationHandler (SSO for Atlassian Data Center 4.3.7 API)

java.lang.Object
- com.atlassian.plugins.authentication.sso.web.AbstractAuthenticationHandler<T>

All Implemented Interfaces:: AuthenticationHandler<T>

Direct Known Subclasses:: OidcAuthenticationHandler, SamlAuthenticationHandler

public abstract class AbstractAuthenticationHandler<T extends IdpConfig>
extends Object
implements AuthenticationHandler<T>

Field Summary

Fields
Modifier and Type	Field and Description
`protected com.atlassian.sal.api.ApplicationProperties`	`applicationProperties`
`protected ApplicationStateValidator`	`applicationStateValidator`
`protected SessionDataService`	`sessionDataService`
`protected com.atlassian.soy.renderer.SoyTemplateRenderer`	`soyTemplateRenderer`
`protected TargetUrlNormalizer`	`targetUrlNormalizer`
`protected com.atlassian.plugin.webresource.WebResourceUrlProvider`	`webResourceUrlProvider`

Constructor Summary

Constructors
Modifier	Constructor and Description
`protected`	`AbstractAuthenticationHandler(com.atlassian.sal.api.ApplicationProperties applicationProperties, ApplicationStateValidator applicationStateValidator, SessionDataService sessionDataService, TargetUrlNormalizer targetUrlNormalizer, com.atlassian.plugin.webresource.WebResourceUrlProvider webResourceUrlProvider, com.atlassian.soy.renderer.SoyTemplateRenderer soyTemplateRenderer)`

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`String`	`getIssuerUrl()`
`boolean`	`isCorrectlyConfigured(IdpConfig idpConfig)`
`protected boolean`	`isPermissionViolation(javax.servlet.http.HttpServletRequest request)`
`protected abstract AuthenticationRequest`	`prepareAuthenticationRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, T idpConfig)`
`void`	`processAuthenticationRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String destinationUrl, T idpConfig)` Do provider-specific authentication.
`void`	`processAuthenticationRequestForRelativeDestinationUrl(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, URI relativeDestinationUri, T idpConfig)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.atlassian.plugins.authentication.sso.web.AuthenticationHandler
getConsumerServletUrl

Field Detail

applicationProperties

protected final com.atlassian.sal.api.ApplicationProperties applicationProperties

applicationStateValidator

protected final ApplicationStateValidator applicationStateValidator

sessionDataService

protected final SessionDataService sessionDataService

targetUrlNormalizer

protected final TargetUrlNormalizer targetUrlNormalizer

webResourceUrlProvider

protected final com.atlassian.plugin.webresource.WebResourceUrlProvider webResourceUrlProvider

soyTemplateRenderer

protected final com.atlassian.soy.renderer.SoyTemplateRenderer soyTemplateRenderer

Constructor Detail

AbstractAuthenticationHandler

protected AbstractAuthenticationHandler(com.atlassian.sal.api.ApplicationProperties applicationProperties,
                                        ApplicationStateValidator applicationStateValidator,
                                        SessionDataService sessionDataService,
                                        TargetUrlNormalizer targetUrlNormalizer,
                                        com.atlassian.plugin.webresource.WebResourceUrlProvider webResourceUrlProvider,
                                        com.atlassian.soy.renderer.SoyTemplateRenderer soyTemplateRenderer)

Method Detail

getIssuerUrl
```
@Nonnull
public String getIssuerUrl()
```
Specified by:

getIssuerUrl in interface AuthenticationHandler<T extends IdpConfig>

Returns:

the URL to be used as issuer of SSO requests

processAuthenticationRequest

public void processAuthenticationRequest(@Nonnull
                                         javax.servlet.http.HttpServletRequest request,
                                         @Nonnull
                                         javax.servlet.http.HttpServletResponse response,
                                         @Nullable
                                         String destinationUrl,
                                         T idpConfig)
                                  throws IOException

Description copied from interface: AuthenticationHandler

Do provider-specific authentication. Called as a part of the authentication filter. Should render a response, or redirect to the appropriate url

Specified by:: processAuthenticationRequest in interface AuthenticationHandler<T extends IdpConfig>
Throws:: IOException

processAuthenticationRequestForRelativeDestinationUrl

public void processAuthenticationRequestForRelativeDestinationUrl(@Nonnull
                                                                  javax.servlet.http.HttpServletRequest request,
                                                                  @Nonnull
                                                                  javax.servlet.http.HttpServletResponse response,
                                                                  @Nullable
                                                                  URI relativeDestinationUri,
                                                                  T idpConfig)
                                                           throws IOException

Throws:: IOException

isCorrectlyConfigured
```
public boolean isCorrectlyConfigured(IdpConfig idpConfig)
```
Specified by:

isCorrectlyConfigured in interface AuthenticationHandler<T extends IdpConfig>

Returns:

false if the handler is not fully configured and shouldn't be used

prepareAuthenticationRequest

protected abstract AuthenticationRequest prepareAuthenticationRequest(@Nonnull
                                                                      javax.servlet.http.HttpServletRequest request,
                                                                      @Nonnull
                                                                      javax.servlet.http.HttpServletResponse response,
                                                                      T idpConfig)

isPermissionViolation

protected boolean isPermissionViolation(javax.servlet.http.HttpServletRequest request)

Class AbstractAuthenticationHandler<T extends IdpConfig>