Google Git
Sign in
eclipse / www.eclipse.org / jetty / 0691ed4645700e2e07b7266349674e533c045a24 / . / javadoc / jetty-10 / org / eclipse / jetty / security / openid / OpenIdAuthenticator.html
blob: 596b839cd0c150dad644e766e39fb25e98c414db [file] [log] [blame]
<!DOCTYPE HTML>
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc (11.0.14.1) on Mon Apr 04 09:09:38 CDT 2022 -->
<title>OpenIdAuthenticator (Eclipse Jetty API Doc - v10.0.9)</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="dc.created" content="2022-04-04">
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../../script.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
try {
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="OpenIdAuthenticator (Eclipse Jetty API Doc - v10.0.9)";
}
}
catch(err) {
}
//-->
var data = {"i0":10,"i1":10,"i2":42,"i3":10,"i4":10,"i5":10,"i6":10,"i7":10,"i8":10,"i9":42,"i10":10,"i11":10,"i12":10,"i13":10};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"],32:["t6","Deprecated Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav">
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a id="navbar.top">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/OpenIdAuthenticator.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li><a href="#nested.class.summary">Nested</a>&nbsp;|&nbsp;</li>
<li><a href="#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>
<!-- ======== START OF CLASS DATA ======== -->
<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.eclipse.jetty.security.openid</a></div>
<h2 title="Class OpenIdAuthenticator" class="title">Class OpenIdAuthenticator</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li>java.lang.Object</li>
<li>
<ul class="inheritance">
<li><a href="../authentication/LoginAuthenticator.html" title="class in org.eclipse.jetty.security.authentication">org.eclipse.jetty.security.authentication.LoginAuthenticator</a></li>
<li>
<ul class="inheritance">
<li>org.eclipse.jetty.security.openid.OpenIdAuthenticator</li>
</ul>
</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><code><a href="../Authenticator.html" title="interface in org.eclipse.jetty.security">Authenticator</a></code></dd>
</dl>
<hr>
<pre>public class <span class="typeNameLabel">OpenIdAuthenticator</span>
extends <a href="../authentication/LoginAuthenticator.html" title="class in org.eclipse.jetty.security.authentication">LoginAuthenticator</a></pre>
<div class="block"><p>Implements authentication using OpenId Connect on top of OAuth 2.0.
<p>The OpenIdAuthenticator redirects unauthenticated requests to the OpenID Connect Provider. The End-User is
eventually redirected back with an Authorization Code to the path set by <a href="#setRedirectPath(java.lang.String)"><code>setRedirectPath(String)</code></a> within the context.
The Authorization Code is then used to authenticate the user through the <a href="OpenIdCredentials.html" title="class in org.eclipse.jetty.security.openid"><code>OpenIdCredentials</code></a> and <a href="OpenIdLoginService.html" title="class in org.eclipse.jetty.security.openid"><code>OpenIdLoginService</code></a>.
</p>
<p>
Once a user is authenticated the OpenID Claims can be retrieved through an attribute on the session with the key <a href="#CLAIMS"><code>CLAIMS</code></a>.
The full response containing the OAuth 2.0 Access Token can be obtained with the session attribute <a href="#RESPONSE"><code>RESPONSE</code></a>.
</p>
<p><a href="../authentication/SessionAuthentication.html" title="class in org.eclipse.jetty.security.authentication"><code>SessionAuthentication</code></a> is then used to wrap Authentication results so that they are associated with the session.</p></div>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ======== NESTED CLASS SUMMARY ======== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="nested.class.summary">
<!-- -->
</a>
<h3>Nested Class Summary</h3>
<table class="memberSummary">
<caption><span>Nested Classes</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Class</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static class&nbsp;</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="OpenIdAuthenticator.OpenIdAuthentication.html" title="class in org.eclipse.jetty.security.openid">OpenIdAuthenticator.OpenIdAuthentication</a></span></code></th>
<td class="colLast">
<div class="block">This Authentication represents a just completed OpenId Connect authentication.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="nested.classes.inherited.from.class.org.eclipse.jetty.security.Authenticator">
<!-- -->
</a>
<h3>Nested classes/interfaces inherited from interface&nbsp;org.eclipse.jetty.security.<a href="../Authenticator.html" title="interface in org.eclipse.jetty.security">Authenticator</a></h3>
<code><a href="../Authenticator.AuthConfiguration.html" title="interface in org.eclipse.jetty.security">Authenticator.AuthConfiguration</a>, <a href="../Authenticator.Factory.html" title="interface in org.eclipse.jetty.security">Authenticator.Factory</a></code></li>
</ul>
</li>
</ul>
</section>
<!-- =========== FIELD SUMMARY =========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="field.summary">
<!-- -->
</a>
<h3>Field Summary</h3>
<table class="memberSummary">
<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Field</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#CLAIMS">CLAIMS</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#CSRF_TOKEN">CSRF_TOKEN</a></span></code></th>
<td class="colLast">
<div class="block"><span class="deprecatedLabel">Deprecated.</span></div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#ERROR_PAGE">ERROR_PAGE</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#ERROR_PARAMETER">ERROR_PARAMETER</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#ISSUER">ISSUER</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#J_METHOD">J_METHOD</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#J_POST">J_POST</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#J_SECURITY_CHECK">J_SECURITY_CHECK</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#J_URI">J_URI</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#REDIRECT_PATH">REDIRECT_PATH</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#RESPONSE">RESPONSE</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="fields.inherited.from.class.org.eclipse.jetty.security.authentication.LoginAuthenticator">
<!-- -->
</a>
<h3>Fields inherited from class&nbsp;org.eclipse.jetty.security.authentication.<a href="../authentication/LoginAuthenticator.html" title="class in org.eclipse.jetty.security.authentication">LoginAuthenticator</a></h3>
<code><a href="../authentication/LoginAuthenticator.html#_identityService">_identityService</a>, <a href="../authentication/LoginAuthenticator.html#_loginService">_loginService</a></code></li>
</ul>
</li>
</ul>
</section>
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.summary">
<!-- -->
</a>
<h3>Constructor Summary</h3>
<table class="memberSummary">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Constructor</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="#%3Cinit%3E()">OpenIdAuthenticator</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="#%3Cinit%3E(org.eclipse.jetty.security.openid.OpenIdConfiguration)">OpenIdAuthenticator</a></span>&#8203;(<a href="OpenIdConfiguration.html" title="class in org.eclipse.jetty.security.openid">OpenIdConfiguration</a>&nbsp;configuration)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="altColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="#%3Cinit%3E(org.eclipse.jetty.security.openid.OpenIdConfiguration,java.lang.String)">OpenIdAuthenticator</a></span>&#8203;(<a href="OpenIdConfiguration.html" title="class in org.eclipse.jetty.security.openid">OpenIdConfiguration</a>&nbsp;configuration,
java.lang.String&nbsp;errorPage)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="#%3Cinit%3E(org.eclipse.jetty.security.openid.OpenIdConfiguration,java.lang.String,java.lang.String)">OpenIdAuthenticator</a></span>&#8203;(<a href="OpenIdConfiguration.html" title="class in org.eclipse.jetty.security.openid">OpenIdConfiguration</a>&nbsp;configuration,
java.lang.String&nbsp;redirectPath,
java.lang.String&nbsp;errorPage)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
</li>
</ul>
</section>
<!-- ========== METHOD SUMMARY =========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t6" class="tableTab"><span><a href="javascript:show(32);">Deprecated Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#getAuthMethod()">getAuthMethod</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>protected java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#getChallengeUri(org.eclipse.jetty.server.Request)">getChallengeUri</a></span>&#8203;(<a href="../../server/Request.html" title="class in org.eclipse.jetty.server">Request</a>&nbsp;request)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isAlwaysSaveUri()">isAlwaysSaveUri</a></span>()</code></th>
<td class="colLast">
<div class="block"><span class="deprecatedLabel">Deprecated.</span></div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isErrorPage(java.lang.String)">isErrorPage</a></span>&#8203;(java.lang.String&nbsp;pathInContext)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isJSecurityCheck(java.lang.String)">isJSecurityCheck</a></span>&#8203;(java.lang.String&nbsp;uri)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code><a href="../../server/UserIdentity.html" title="interface in org.eclipse.jetty.server">UserIdentity</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#login(java.lang.String,java.lang.Object,javax.servlet.ServletRequest)">login</a></span>&#8203;(java.lang.String&nbsp;username,
java.lang.Object&nbsp;credentials,
javax.servlet.ServletRequest&nbsp;request)</code></th>
<td class="colLast">
<div class="block">If the UserIdentity is not null after this method calls <a href="../LoginService.html#login(java.lang.String,java.lang.Object,javax.servlet.ServletRequest)"><code>LoginService.login(String, Object, ServletRequest)</code></a>, it
is assumed that the user is fully authenticated and we need to change the session id to prevent
session fixation vulnerability.</div>
</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#logout(javax.servlet.ServletRequest)">logout</a></span>&#8203;(javax.servlet.ServletRequest&nbsp;request)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i7" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#prepareRequest(javax.servlet.ServletRequest)">prepareRequest</a></span>&#8203;(javax.servlet.ServletRequest&nbsp;request)</code></th>
<td class="colLast">
<div class="block">Called prior to validateRequest.</div>
</td>
</tr>
<tr id="i8" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#secureResponse(javax.servlet.ServletRequest,javax.servlet.ServletResponse,boolean,org.eclipse.jetty.server.Authentication.User)">secureResponse</a></span>&#8203;(javax.servlet.ServletRequest&nbsp;req,
javax.servlet.ServletResponse&nbsp;res,
boolean&nbsp;mandatory,
<a href="../../server/Authentication.User.html" title="interface in org.eclipse.jetty.server">Authentication.User</a>&nbsp;validatedUser)</code></th>
<td class="colLast">
<div class="block">is response secure</div>
</td>
</tr>
<tr id="i9" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#setAlwaysSaveUri(boolean)">setAlwaysSaveUri</a></span>&#8203;(boolean&nbsp;alwaysSave)</code></th>
<td class="colLast">
<div class="block"><span class="deprecatedLabel">Deprecated.</span></div>
</td>
</tr>
<tr id="i10" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)">setConfiguration</a></span>&#8203;(<a href="../Authenticator.AuthConfiguration.html" title="interface in org.eclipse.jetty.security">Authenticator.AuthConfiguration</a>&nbsp;authConfig)</code></th>
<td class="colLast">
<div class="block">Configure the Authenticator</div>
</td>
</tr>
<tr id="i11" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#setErrorPage(java.lang.String)">setErrorPage</a></span>&#8203;(java.lang.String&nbsp;path)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i12" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#setRedirectPath(java.lang.String)">setRedirectPath</a></span>&#8203;(java.lang.String&nbsp;redirectPath)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i13" class="rowColor">
<td class="colFirst"><code><a href="../../server/Authentication.html" title="interface in org.eclipse.jetty.server">Authentication</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#validateRequest(javax.servlet.ServletRequest,javax.servlet.ServletResponse,boolean)">validateRequest</a></span>&#8203;(javax.servlet.ServletRequest&nbsp;req,
javax.servlet.ServletResponse&nbsp;res,
boolean&nbsp;mandatory)</code></th>
<td class="colLast">
<div class="block">Validate a request</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.eclipse.jetty.security.authentication.LoginAuthenticator">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.eclipse.jetty.security.authentication.<a href="../authentication/LoginAuthenticator.html" title="class in org.eclipse.jetty.security.authentication">LoginAuthenticator</a></h3>
<code><a href="../authentication/LoginAuthenticator.html#getLoginService()">getLoginService</a>, <a href="../authentication/LoginAuthenticator.html#renewSession(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)">renewSession</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.java.lang.Object">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ FIELD DETAIL =========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="field.detail">
<!-- -->
</a>
<h3>Field Detail</h3>
<a id="CLAIMS">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>CLAIMS</h4>
<pre>public static final&nbsp;java.lang.String CLAIMS</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.CLAIMS">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="RESPONSE">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>RESPONSE</h4>
<pre>public static final&nbsp;java.lang.String RESPONSE</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.RESPONSE">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="ISSUER">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>ISSUER</h4>
<pre>public static final&nbsp;java.lang.String ISSUER</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.ISSUER">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="REDIRECT_PATH">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>REDIRECT_PATH</h4>
<pre>public static final&nbsp;java.lang.String REDIRECT_PATH</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.REDIRECT_PATH">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="ERROR_PAGE">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>ERROR_PAGE</h4>
<pre>public static final&nbsp;java.lang.String ERROR_PAGE</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.ERROR_PAGE">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="J_URI">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>J_URI</h4>
<pre>public static final&nbsp;java.lang.String J_URI</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.J_URI">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="J_POST">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>J_POST</h4>
<pre>public static final&nbsp;java.lang.String J_POST</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.J_POST">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="J_METHOD">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>J_METHOD</h4>
<pre>public static final&nbsp;java.lang.String J_METHOD</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.J_METHOD">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="J_SECURITY_CHECK">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>J_SECURITY_CHECK</h4>
<pre>public static final&nbsp;java.lang.String J_SECURITY_CHECK</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.J_SECURITY_CHECK">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="ERROR_PARAMETER">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>ERROR_PARAMETER</h4>
<pre>public static final&nbsp;java.lang.String ERROR_PARAMETER</pre>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.ERROR_PARAMETER">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="CSRF_TOKEN">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>CSRF_TOKEN</h4>
<pre>@Deprecated
public static final&nbsp;java.lang.String CSRF_TOKEN</pre>
<div class="deprecationBlock"><span class="deprecatedLabel">Deprecated.</span></div>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.eclipse.jetty.security.openid.OpenIdAuthenticator.CSRF_TOKEN">Constant Field Values</a></dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.detail">
<!-- -->
</a>
<h3>Constructor Detail</h3>
<a id="&lt;init&gt;()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>OpenIdAuthenticator</h4>
<pre>public&nbsp;OpenIdAuthenticator()</pre>
</li>
</ul>
<a id="&lt;init&gt;(org.eclipse.jetty.security.openid.OpenIdConfiguration)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>OpenIdAuthenticator</h4>
<pre>public&nbsp;OpenIdAuthenticator&#8203;(<a href="OpenIdConfiguration.html" title="class in org.eclipse.jetty.security.openid">OpenIdConfiguration</a>&nbsp;configuration)</pre>
</li>
</ul>
<a id="&lt;init&gt;(org.eclipse.jetty.security.openid.OpenIdConfiguration,java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>OpenIdAuthenticator</h4>
<pre>public&nbsp;OpenIdAuthenticator&#8203;(<a href="OpenIdConfiguration.html" title="class in org.eclipse.jetty.security.openid">OpenIdConfiguration</a>&nbsp;configuration,
java.lang.String&nbsp;errorPage)</pre>
</li>
</ul>
<a id="&lt;init&gt;(org.eclipse.jetty.security.openid.OpenIdConfiguration,java.lang.String,java.lang.String)">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>OpenIdAuthenticator</h4>
<pre>public&nbsp;OpenIdAuthenticator&#8203;(<a href="OpenIdConfiguration.html" title="class in org.eclipse.jetty.security.openid">OpenIdConfiguration</a>&nbsp;configuration,
java.lang.String&nbsp;redirectPath,
java.lang.String&nbsp;errorPage)</pre>
</li>
</ul>
</li>
</ul>
</section>
<!-- ============ METHOD DETAIL ========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a id="setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setConfiguration</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setConfiguration&#8203;(<a href="../Authenticator.AuthConfiguration.html" title="interface in org.eclipse.jetty.security">Authenticator.AuthConfiguration</a>&nbsp;authConfig)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../Authenticator.html#setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)">Authenticator</a></code></span></div>
<div class="block">Configure the Authenticator</div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../Authenticator.html#setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)">setConfiguration</a></code>&nbsp;in interface&nbsp;<code><a href="../Authenticator.html" title="interface in org.eclipse.jetty.security">Authenticator</a></code></dd>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="../authentication/LoginAuthenticator.html#setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)">setConfiguration</a></code>&nbsp;in class&nbsp;<code><a href="../authentication/LoginAuthenticator.html" title="class in org.eclipse.jetty.security.authentication">LoginAuthenticator</a></code></dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>authConfig</code> - the configuration</dd>
</dl>
</li>
</ul>
<a id="getAuthMethod()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getAuthMethod</h4>
<pre class="methodSignature">public&nbsp;java.lang.String&nbsp;getAuthMethod()</pre>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The name of the authentication method</dd>
</dl>
</li>
</ul>
<a id="setAlwaysSaveUri(boolean)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setAlwaysSaveUri</h4>
<pre class="methodSignature">@Deprecated
public&nbsp;void&nbsp;setAlwaysSaveUri&#8203;(boolean&nbsp;alwaysSave)</pre>
<div class="deprecationBlock"><span class="deprecatedLabel">Deprecated.</span></div>
</li>
</ul>
<a id="isAlwaysSaveUri()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isAlwaysSaveUri</h4>
<pre class="methodSignature">@Deprecated
public&nbsp;boolean&nbsp;isAlwaysSaveUri()</pre>
<div class="deprecationBlock"><span class="deprecatedLabel">Deprecated.</span></div>
</li>
</ul>
<a id="setRedirectPath(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setRedirectPath</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setRedirectPath&#8203;(java.lang.String&nbsp;redirectPath)</pre>
</li>
</ul>
<a id="setErrorPage(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setErrorPage</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setErrorPage&#8203;(java.lang.String&nbsp;path)</pre>
</li>
</ul>
<a id="login(java.lang.String,java.lang.Object,javax.servlet.ServletRequest)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>login</h4>
<pre class="methodSignature">public&nbsp;<a href="../../server/UserIdentity.html" title="interface in org.eclipse.jetty.server">UserIdentity</a>&nbsp;login&#8203;(java.lang.String&nbsp;username,
java.lang.Object&nbsp;credentials,
javax.servlet.ServletRequest&nbsp;request)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from class:&nbsp;<code><a href="../authentication/LoginAuthenticator.html#login(java.lang.String,java.lang.Object,javax.servlet.ServletRequest)">LoginAuthenticator</a></code></span></div>
<div class="block">If the UserIdentity is not null after this method calls <a href="../LoginService.html#login(java.lang.String,java.lang.Object,javax.servlet.ServletRequest)"><code>LoginService.login(String, Object, ServletRequest)</code></a>, it
is assumed that the user is fully authenticated and we need to change the session id to prevent
session fixation vulnerability. If the UserIdentity is not necessarily fully
authenticated, then subclasses must override this method and
determine when the UserIdentity IS fully authenticated and renew the session id.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="../authentication/LoginAuthenticator.html#login(java.lang.String,java.lang.Object,javax.servlet.ServletRequest)">login</a></code>&nbsp;in class&nbsp;<code><a href="../authentication/LoginAuthenticator.html" title="class in org.eclipse.jetty.security.authentication">LoginAuthenticator</a></code></dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>username</code> - the username of the client to be authenticated</dd>
<dd><code>credentials</code> - the user's credential</dd>
<dd><code>request</code> - the inbound request that needs authentication</dd>
</dl>
</li>
</ul>
<a id="logout(javax.servlet.ServletRequest)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>logout</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;logout&#8203;(javax.servlet.ServletRequest&nbsp;request)</pre>
<dl>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="../authentication/LoginAuthenticator.html#logout(javax.servlet.ServletRequest)">logout</a></code>&nbsp;in class&nbsp;<code><a href="../authentication/LoginAuthenticator.html" title="class in org.eclipse.jetty.security.authentication">LoginAuthenticator</a></code></dd>
</dl>
</li>
</ul>
<a id="prepareRequest(javax.servlet.ServletRequest)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>prepareRequest</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;prepareRequest&#8203;(javax.servlet.ServletRequest&nbsp;request)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../Authenticator.html#prepareRequest(javax.servlet.ServletRequest)">Authenticator</a></code></span></div>
<div class="block">Called prior to validateRequest. The authenticator can
manipulate the request to update it with information that
can be inspected prior to validateRequest being called.
The primary purpose of this method is to satisfy the Servlet
Spec 3.1 section 13.6.3 on handling Form authentication
where the http method of the original request causing authentication
is not the same as the http method resulting from the redirect
after authentication.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../Authenticator.html#prepareRequest(javax.servlet.ServletRequest)">prepareRequest</a></code>&nbsp;in interface&nbsp;<code><a href="../Authenticator.html" title="interface in org.eclipse.jetty.security">Authenticator</a></code></dd>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="../authentication/LoginAuthenticator.html#prepareRequest(javax.servlet.ServletRequest)">prepareRequest</a></code>&nbsp;in class&nbsp;<code><a href="../authentication/LoginAuthenticator.html" title="class in org.eclipse.jetty.security.authentication">LoginAuthenticator</a></code></dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>request</code> - the request to manipulate</dd>
</dl>
</li>
</ul>
<a id="validateRequest(javax.servlet.ServletRequest,javax.servlet.ServletResponse,boolean)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>validateRequest</h4>
<pre class="methodSignature">public&nbsp;<a href="../../server/Authentication.html" title="interface in org.eclipse.jetty.server">Authentication</a>&nbsp;validateRequest&#8203;(javax.servlet.ServletRequest&nbsp;req,
javax.servlet.ServletResponse&nbsp;res,
boolean&nbsp;mandatory)
throws <a href="../ServerAuthException.html" title="class in org.eclipse.jetty.security">ServerAuthException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../Authenticator.html#validateRequest(javax.servlet.ServletRequest,javax.servlet.ServletResponse,boolean)">Authenticator</a></code></span></div>
<div class="block">Validate a request</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>req</code> - The request</dd>
<dd><code>res</code> - The response</dd>
<dd><code>mandatory</code> - True if authentication is mandatory.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>An Authentication. If Authentication is successful, this will be a <a href="../../server/Authentication.User.html" title="interface in org.eclipse.jetty.server"><code>Authentication.User</code></a>. If a response has
been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will
implement <a href="../../server/Authentication.ResponseSent.html" title="interface in org.eclipse.jetty.server"><code>Authentication.ResponseSent</code></a>. If Authentication is not mandatory, then a
<a href="../../server/Authentication.Deferred.html" title="interface in org.eclipse.jetty.server"><code>Authentication.Deferred</code></a> may be returned.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../ServerAuthException.html" title="class in org.eclipse.jetty.security">ServerAuthException</a></code> - if unable to validate request</dd>
</dl>
</li>
</ul>
<a id="isJSecurityCheck(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isJSecurityCheck</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;isJSecurityCheck&#8203;(java.lang.String&nbsp;uri)</pre>
</li>
</ul>
<a id="isErrorPage(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isErrorPage</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;isErrorPage&#8203;(java.lang.String&nbsp;pathInContext)</pre>
</li>
</ul>
<a id="getChallengeUri(org.eclipse.jetty.server.Request)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getChallengeUri</h4>
<pre class="methodSignature">protected&nbsp;java.lang.String&nbsp;getChallengeUri&#8203;(<a href="../../server/Request.html" title="class in org.eclipse.jetty.server">Request</a>&nbsp;request)</pre>
</li>
</ul>
<a id="secureResponse(javax.servlet.ServletRequest,javax.servlet.ServletResponse,boolean,org.eclipse.jetty.server.Authentication.User)">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>secureResponse</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;secureResponse&#8203;(javax.servlet.ServletRequest&nbsp;req,
javax.servlet.ServletResponse&nbsp;res,
boolean&nbsp;mandatory,
<a href="../../server/Authentication.User.html" title="interface in org.eclipse.jetty.server">Authentication.User</a>&nbsp;validatedUser)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../Authenticator.html#secureResponse(javax.servlet.ServletRequest,javax.servlet.ServletResponse,boolean,org.eclipse.jetty.server.Authentication.User)">Authenticator</a></code></span></div>
<div class="block">is response secure</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>req</code> - the request</dd>
<dd><code>res</code> - the response</dd>
<dd><code>mandatory</code> - if security is mandator</dd>
<dd><code>validatedUser</code> - the user that was validated</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if response is secure</dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>
<!-- ========= END OF CLASS DATA ========= -->
<footer role="contentinfo">
<nav role="navigation">
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a id="navbar.bottom">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/OpenIdAuthenticator.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li><a href="#nested.class.summary">Nested</a>&nbsp;|&nbsp;</li>
<li><a href="#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
</nav>
<p class="legalCopy"><small>Copyright &#169; 1995&#x2013;2022 <a href="https://webtide.com">Webtide</a>. All rights reserved.</small></p>
</footer>
</body>
</html>