mfaCtx.setTransitionMap(transitionMap); mfaCtx.setNextFlowId(null); mfaCtx.getActiveResults().clear(); if (results != null) { for (final AuthenticationResult result : results) { mfaCtx.getActiveResults().put(result.getAuthenticationFlowId(), result);
/** {@inheritDoc} */ @Nullable public AuthenticationResult apply(@Nullable final ProfileRequestContext input) { if (input != null) { final AuthenticationContext authnContext = input.getSubcontext(AuthenticationContext.class); if (authnContext != null) { final MultiFactorAuthenticationContext mfaContext = authnContext.getSubcontext(MultiFactorAuthenticationContext.class); if (mfaContext != null) { final Collection<AuthenticationResult> results = mfaContext.getActiveResults().values(); if (!results.isEmpty()) { final Subject subject = new Subject(); for (final AuthenticationResult result : results) { subject.getPrincipals().add(new AuthenticationResultPrincipal(result)); subject.getPrincipals().addAll(result.getSubject().getPrincipals()); subject.getPublicCredentials().addAll(result.getSubject().getPublicCredentials()); subject.getPrivateCredentials().addAll(result.getSubject().getPrivateCredentials()); } final AuthenticationResult merged = new AuthenticationResult( mfaContext.getAuthenticationFlowDescriptor().getId(), subject); return merged; } } } } return null; }
log.debug("{} Preserving authentication result from '{}' flow", getLogPrefix(), result.getAuthenticationFlowId()); mfaContext.getActiveResults().put(result.getAuthenticationFlowId(), result); } else { log.debug("{} Discarding incomplete authentication result from '{}' flow", getLogPrefix(),
final AuthenticationResult activeResult = mfaContext.getActiveResults().get(flowId); if (activeResult != null) { if (flow.getReuseCondition().apply(profileRequestContext)) { } else { log.debug("{} Condition blocked reuse of active result for '{}' flow", getLogPrefix(), flowId); mfaContext.getActiveResults().remove(flowId);