/** {@inheritDoc} */ @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext, @Nonnull final AuthenticationContext authenticationContext) { final Map<String, AuthenticationFlowDescriptor> potentialFlows = authenticationContext.getPotentialFlows(); final Iterator<Entry<String, AuthenticationFlowDescriptor>> descriptorItr = potentialFlows.entrySet().iterator(); while (descriptorItr.hasNext()) { final AuthenticationFlowDescriptor descriptor = descriptorItr.next().getValue(); if (descriptor.isNonBrowserSupported()) { log.debug("{} Retaining flow {}, it supports non-browser authentication", getLogPrefix(), descriptor.getId()); } else { log.debug("{} Removing flow {}, it does not support non-browser authentication", getLogPrefix(), descriptor.getId()); descriptorItr.remove(); } } if (potentialFlows.size() == 0) { log.info("{} No potential authentication flows remain after filtering", getLogPrefix()); } else { log.debug("{} Potential authentication flows left after filtering: {}", getLogPrefix(), potentialFlows); } }
/** {@inheritDoc} */ @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext, @Nonnull final AuthenticationContext authenticationContext) { final Map<String, AuthenticationFlowDescriptor> potentialFlows = authenticationContext.getPotentialFlows(); final Iterator<Entry<String, AuthenticationFlowDescriptor>> descriptorItr = potentialFlows.entrySet().iterator(); while (descriptorItr.hasNext()) { final AuthenticationFlowDescriptor descriptor = descriptorItr.next().getValue(); if (descriptor.isForcedAuthenticationSupported()) { log.debug("{} Retaining flow {}, it supports forced authentication", getLogPrefix(), descriptor.getId()); } else { log.debug("{} Removing flow {}, it does not support forced authentication", getLogPrefix(), descriptor.getId()); descriptorItr.remove(); } } if (potentialFlows.size() == 0) { log.info("{} No potential authentication flows remain after filtering", getLogPrefix()); } else { log.debug("{} Potential authentication flows left after filtering: {}", getLogPrefix(), potentialFlows); } }
/** {@inheritDoc} */ @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext, @Nonnull final AuthenticationContext authenticationContext) { final Map<String, AuthenticationFlowDescriptor> potentialFlows = authenticationContext.getPotentialFlows(); final Iterator<Entry<String, AuthenticationFlowDescriptor>> descriptorItr = potentialFlows.entrySet().iterator(); while (descriptorItr.hasNext()) { final AuthenticationFlowDescriptor descriptor = descriptorItr.next().getValue(); if (descriptor.isPassiveAuthenticationSupported()) { log.debug("{} Retaining flow {}, it supports passive authentication", getLogPrefix(), descriptor.getId()); } else { log.debug("{} Removing flow {}, it does not support passive authentication", getLogPrefix(), descriptor.getId()); descriptorItr.remove(); } } if (potentialFlows.size() == 0) { log.info("{} No potential authentication flows remain after filtering", getLogPrefix()); } else { log.debug("{} Potential authentication flows left after filtering: {}", getLogPrefix(), potentialFlows); } } }
/** * Return the first inactive potential flow not found in the intermediate flows collection that applies * to the request. * * @param profileRequestContext the current profile request context * @param authenticationContext the current authentication context * @return an eligible flow, or null */ @Nullable private AuthenticationFlowDescriptor getUnattemptedInactiveFlow( @Nonnull final ProfileRequestContext profileRequestContext, @Nonnull final AuthenticationContext authenticationContext) { AuthenticationFlowDescriptor selectedFlow = null; for (final AuthenticationFlowDescriptor flow : authenticationContext.getPotentialFlows().values()) { if (!authenticationContext.getIntermediateFlows().containsKey(flow.getId())) { if (!authenticationContext.isPassive() || flow.isPassiveAuthenticationSupported()) { if (flow.apply(profileRequestContext)) { selectedFlow = flow; if (preferredPrincipalCtx == null || preferredPrincipalCtx.isAcceptable(flow)) { break; } } } } } return selectedFlow; }
final Map<String,AuthenticationFlowDescriptor> potentialFlows = authenticationContext.getPotentialFlows();
if (authenticationContext.getAvailableFlows().containsKey(desc.getId()) && desc.apply(profileRequestContext)) { authenticationContext.getPotentialFlows().put(desc.getId(), desc); } else { log.debug("{} Filtered out authentication flow {}", getLogPrefix(), desc.getId()); if (authenticationContext.getAvailableFlows().containsKey(desc.getId()) && desc.apply(profileRequestContext)) { authenticationContext.getPotentialFlows().put(desc.getId(), desc); } else { log.debug("{} Filtered out authentication flow {}", getLogPrefix(), desc.getId()); if (authenticationContext.getPotentialFlows().isEmpty()) { log.warn("{} No authentication flows are active for this request", getLogPrefix()); } else { log.debug("{} Installed {} potential authentication flows into AuthenticationContext", getLogPrefix(), authenticationContext.getPotentialFlows().size());
for (final AuthenticationResult result : session.getAuthenticationResults()) { final AuthenticationFlowDescriptor descriptor = authenticationContext.getPotentialFlows().get(result.getAuthenticationFlowId()); if (descriptor == null) { log.debug("{} Authentication result {} has no corresponding flow descriptor, considering inactive",
@Nonnull final AuthenticationContext authenticationContext) { final Map<String,AuthenticationFlowDescriptor> potentialFlows = authenticationContext.getPotentialFlows();
&& authenticationContext.getPotentialFlows().containsKey( authenticationContext.getInitialAuthenticationResult().getAuthenticationFlowId())) {
&& authenticationContext.getPotentialFlows().containsKey( authenticationContext.getInitialAuthenticationResult().getAuthenticationFlowId())) { selectActiveResult(profileRequestContext, authenticationContext, final AuthenticationFlowDescriptor flow = authenticationContext.getPotentialFlows().get( activeResult.getAuthenticationFlowId()); if (flow != null && flow.getReuseCondition().apply(profileRequestContext)) {
final Map<String,AuthenticationFlowDescriptor> potentialFlows = authenticationContext.getPotentialFlows();
final AuthenticationFlowDescriptor flow = authenticationContext.getPotentialFlows().get( authenticationContext.getSignaledFlowId()); if (flow == null) {