Package com.atlassian.crowd.integration.http.util

Interface CrowdHttpTokenHelper

All Known Implementing Classes:

CrowdHttpTokenHelperImpl

public interface CrowdHttpTokenHelper

Helper class for Crowd SSO token operations.

Method Summary

Modifier and Type	Method	Description
String	getCrowdToken(javax.servlet.http.HttpServletRequest request, String tokenName)	Retrieves the Crowd authentication token from the request either via: a request attribute (not request parameter), OR a cookie on the request
UserAuthenticationContext	getUserAuthenticationContext(javax.servlet.http.HttpServletRequest request, String username, String password, ClientProperties clientProperties)	Returns the user authentication context from a request.
CrowdHttpValidationFactorExtractor	getValidationFactorExtractor()	Returns the ValidationFactor extractor.
void	removeCrowdToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, ClientProperties clientProperties, CookieConfiguration cookieConfig)	Removes the Crowd SSO token.
void	setCrowdToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String token, ClientProperties clientProperties, CookieConfiguration cookieConfig)	Sets the Crowd SSO token in: the request: as an attribute, so the user is authenticated for the span of the request. the response: as a cookie, so the user is authenticated for subsequent requests. Also sets the last session validation date/time.

Method Details

getCrowdToken

String getCrowdToken(javax.servlet.http.HttpServletRequest request,
 String tokenName)

Retrieves the Crowd authentication token from the request either via:

1. a request attribute (not request parameter), OR
2. a cookie on the request

Parameters:

request - request to look for the Crowd SSO token.

tokenName - name of the request attribute and cookie for the Crowd SSO token.

Returns:

value of the token if found, otherwise null.

Throws:

IllegalArgumentException - if the request or tokenName is null

removeCrowdToken

void removeCrowdToken(javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response,
 ClientProperties clientProperties,
 CookieConfiguration cookieConfig)

Removes the Crowd SSO token. Deletes the token cookie by session the cookie in the response to max age of 0; and removes the token attributes from the request.

Parameters:

request - request to invalidate the client for.

response - response to invalidate the cookie for. Can be null.

clientProperties - properties of the client

cookieConfig - cookie configuration. Can be null if response is null since no cookie will be set.

setCrowdToken

void setCrowdToken(javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response,
 String token,
 ClientProperties clientProperties,
 CookieConfiguration cookieConfig)

Sets the Crowd SSO token in:

1. the request: as an attribute, so the user is authenticated for the span of the request.
2. the response: as a cookie, so the user is authenticated for subsequent requests.

Also sets the last session validation date/time.

Parameters:

request - request to set the attribute and session attribute for.

response - response to set the cookie for. Can be null.

token - token value to use.

clientProperties - properties of the client

cookieConfig - Cookie configuration

getUserAuthenticationContext

UserAuthenticationContext getUserAuthenticationContext(javax.servlet.http.HttpServletRequest request,
 String username,
 String password,
 ClientProperties clientProperties)

Returns the user authentication context from a request.

Parameters:

request - HttpRequest object

username - user's name

password - user's password

clientProperties - properties of the client

Returns:

UserAuthenticationContext.

getValidationFactorExtractor

CrowdHttpValidationFactorExtractor getValidationFactorExtractor()

Returns the ValidationFactor extractor.

Returns:

validation factor extractor