/*
* Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
* cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
* Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
* compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
* Unless required by applicable law or agreed to in writing, software distributed under the Licence
* is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the Licence for the specific language governing permissions and limitations under
* the Licence.
*
* This product combines work with different licenses. See the "NOTICE" text file for details on the
* various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
* works that you distribute must include a readable copy of the "NOTICE" text file.
*/
package at.gv.egiz.eaaf.core.api.idp.auth;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;
import at.gv.egiz.eaaf.core.exceptions.EaafSsoException;
/**
 * Contract for the component that manages Single Sign-On (SSO) sessions on the identity
 * provider: validating an existing session, creating and updating sessions, issuing the
 * SSO session cookie and destroying a session on the IDP side.
 */
public interface ISsoManager {

  // TODO: both event constants below are still set to -1, so a consumer that compares the
  // numeric value cannot tell a valid SSO session from an invalid one. Distinct codes have
  // to be assigned before these constants are relied on (e.g. for audit or event logging).
  int EVENT_SSO_SESSION_INVALID = -1;
  int EVENT_SSO_SESSION_VALID = -1;

  // NOTE(review): presumably the identifier of the process-engine step that evaluates the
  // user's SSO consent - confirm against the process definitions.
  String PROCESS_ENGINE_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation";

  // NOTE(review): presumably the key under which the SSO session id is kept in the
  // authentication data - confirm against the callers.
  String AUTH_DATA_SSO_SESSIONID = "eaaf_authdata_sso_sessionId";

  /**
   * Checks whether an active and valid SSO session exists for the current pending request.
   *
   * <p>When such a session exists, the pending request is populated with the eID information
   * stored in that SSO session.
   *
   * @param pendingReq current incoming pending request
   * @param httpReq http servlet request
   * @param httpResp http servlet response
   * @return {@code true} if there is a valid SSO session, otherwise {@code false}
   * @throws EaafSsoException in case of an internal error
   */
  boolean checkAndValidateSsoSession(
      IRequest pendingReq,
      HttpServletRequest httpReq,
      HttpServletResponse httpResp)
      throws EaafSsoException;

  /**
   * Populates the service-provider specific SSO settings.
   *
   * <p>Checks whether Single Sign-On is allowed for the current pending request and the
   * requested service provider, and sets {@code IRequest.needSingleSignOnFunctionality()} to
   * {@code true} if SSO is allowed. Despite the {@code is...} name the method returns nothing;
   * the decision is carried by the pending request.
   *
   * @param pendingReq current incoming pending request
   * @param httpReq http servlet request
   */
  void isSsoAllowedForSp(IRequest pendingReq, HttpServletRequest httpReq);

  /**
   * Populates the current pending request with eID information from an existing SSO session.
   *
   * @param pendingReq pending request that should be populated from the SSO session
   * @throws EaafSsoException if the pending request contains no SSO information or the
   *     population failed
   */
  void populatePendingRequestWithSsoInformation(IRequest pendingReq) throws EaafSsoException;

  /**
   * Destroys an active SSO session on the IDP side only.
   *
   * <p>NOTE(review): "IDP only" suggests that sessions held by service providers are not
   * terminated by this call - confirm how single logout is expected to be triggered.
   *
   * @param httpReq http servlet request
   * @param httpResp http servlet response
   * @param pendingReq current pending request
   * @return {@code true} if an SSO session was closed successfully, otherwise {@code false}
   * @throws EaafSsoException in case of an internal processing error
   */
  boolean destroySsoSessionOnIdpOnly(
      HttpServletRequest httpReq,
      HttpServletResponse httpResp,
      IRequest pendingReq)
      throws EaafSsoException;

  /**
   * Creates a new SSO session cookie for a specific pending request and adds it to the http
   * response.
   *
   * <p>NOTE(review): this contract does not state which cookie attributes (Secure, HttpOnly,
   * SameSite) are set, nor how the identifier is generated - confirm in the implementation,
   * since the returned value identifies the SSO session.
   *
   * @param req http request
   * @param resp http response
   * @param pendingReq currently open pending request
   * @return the newly created SSO identifier
   * @throws EaafSsoException in case of an internal error
   */
  String createNewSsoSessionCookie(
      HttpServletRequest req,
      HttpServletResponse resp,
      IRequest pendingReq)
      throws EaafSsoException;

  /**
   * Creates a new SSO session in the database.
   *
   * @param pendingReq current pending request
   * @param newSsoSessionId new SSO session id
   * @throws EaafSsoException in case of an internal error
   */
  void createNewSsoSession(IRequest pendingReq, String newSsoSessionId) throws EaafSsoException;

  /**
   * Updates an existing SSO session in the database.
   *
   * @param pendingReq current pending request
   * @param newSsoSessionId new SSO session id
   * @param sloInformation SLO information container
   * @throws EaafSsoException in case of an internal error
   */
  void updateSsoSession(
      IRequest pendingReq,
      String newSsoSessionId,
      SloInformationInterface sloInformation)
      throws EaafSsoException;
}