/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * * Unless required by applicable law or agreed to in writing, software distributed under the Licence * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. */ package at.gv.egiz.eaaf.core.api.idp.auth; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.slo.ISloInformationContainer; import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IAuthenticationManager { int EVENT_AUTHENTICATION_PROCESS_FOR_SP = 4003; int EVENT_AUTHENTICATION_PROCESS_STARTED = 4000; int EVENT_AUTHENTICATION_PROCESS_FINISHED = 4001; int EVENT_AUTHENTICATION_PROCESS_ERROR = 4002; /** * Add a request parameter to whitelist. All parameters that are part of the * white list are added into {@link ExecutionContext} * * @param httpReqParam http parameter name, but never null */ void addParameterNameToWhiteList(String httpReqParam); /** * Add a request header to whitelist. All parameters that are part of the white * list are added into {@link ExecutionContext} * * @param httpReqParam http header name, but never null */ void addHeaderNameToWhiteList(String httpReqParam); /** * Starts an authentication process for a specific pending request. * * @param httpReq http servlet request * @param httpResp http servlet response * @param pendingReq Pending request for that an authentication is required * @return true if the pending request is already authenticated, otherwise false * @throws EaafException In case of an authentication error */ boolean doAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) throws EaafException; /** * Close an active authenticated session on IDP side. * * @param request http servlet request * @param response http servlet response * @param pendingReq ReqPending request for that an authentication session * should be closed */ void performOnlyIdpLogOut(HttpServletRequest request, HttpServletResponse response, IRequest pendingReq); /** * Close an active authenticated session on IDP side and get a list * authenticated service providers. * * @param httpReq http servlet request * @param httpResp http servlet response * @param pendingReq ReqPending request for that an authentication session * should be closed * @param internalSsoId internal SSO session identifier * @return A container that contains all active SP sessions * @throws EaafException In case of an internal SLO error */ ISloInformationContainer performSingleLogOut(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq, String internalSsoId) throws EaafException; }