i5.las2peer.connectors.webConnector.util.AuthenticationManager

public class AuthenticationManager extends Object

Field Details
- ACCESS_TOKEN_KEY
  
  public static final String ACCESS_TOKEN_KEY
  See Also:
  
  Constant Field Values
- OIDC_PROVIDER_KEY
  
  public static final String OIDC_PROVIDER_KEY
  See Also:
  
  Constant Field Values
Constructor Details
- AuthenticationManager
  
  public AuthenticationManager(WebConnector connector)
Method Details
- authenticateAgent
  
  public i5.las2peer.security.AgentImpl authenticateAgent(javax.ws.rs.core.MultivaluedMap<String,String> requestHeaders, String accessTokenQueryParam)
  
  Returns agent for various authentication methods, including OIDC with auto-registration. For "regular" login, a prefixed identifier (containing agent ID, login, email, or OIDC sub) and a password are provided via the basic authorization header. This only attempts a login, no registration. However, whenever an access token is passed via any means, we use a different flow: OIDC "auto-registration". This means that we access the user profile from the OIDC server, verifying the access token. Then we use the (also required!) password from the basic authorization header (the username is ignored) and attempt to register the agent. If it exists, we try to unlock the existing agent.

Class AuthenticationManager

Field Summary