/** {@inheritDoc} */ @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext, @Nonnull final AuthenticationContext authenticationContext) { final Map<String, AuthenticationFlowDescriptor> potentialFlows = authenticationContext.getPotentialFlows(); final Iterator<Entry<String, AuthenticationFlowDescriptor>> descriptorItr = potentialFlows.entrySet().iterator(); while (descriptorItr.hasNext()) { final AuthenticationFlowDescriptor descriptor = descriptorItr.next().getValue(); if (descriptor.isForcedAuthenticationSupported()) { log.debug("{} Retaining flow {}, it supports forced authentication", getLogPrefix(), descriptor.getId()); } else { log.debug("{} Removing flow {}, it does not support forced authentication", getLogPrefix(), descriptor.getId()); descriptorItr.remove(); } } if (potentialFlows.size() == 0) { log.info("{} No potential authentication flows remain after filtering", getLogPrefix()); } else { log.debug("{} Potential authentication flows left after filtering: {}", getLogPrefix(), potentialFlows); } }
return; } else if ((authenticationContext.isForceAuthn() || authenticationContext.getMaxAge() > 0) && !flow.isForcedAuthenticationSupported()) { log.error("{} Targeted login flow '{}' does not support forced re-authentication", getLogPrefix(), flowId);