View Javadoc
1   package com.atlassian.sal.api.auth;
2   
3   import javax.servlet.http.HttpServletRequest;
4   import javax.servlet.http.HttpServletResponse;
5   
6   /**
7    * Allows the underlying framework to take some actions on authentication events.
8    *
9    * @since 2.0
10   */
11  public interface AuthenticationListener {
12      /**
13       * Called when the signature is validated and the user is resolved and permissions are verified.  Responsible
14       * for preparing the HTTP request or session such that the application sees the user as logged in for the rest of
15       * this request.
16       * <p>
17       * Will also be called in the event of a "verified" request - where the request has been verified to come from a
18       * remote system that is trusted due to 2LO but where an impersonating user is not configured.
19       *
20       * @param result   Authentication result containing the user
21       * @param request  Current HTTP request being processed
22       * @param response HTTP response for the current request, provided so the application can set any headers it might
23       *                 need set
24       */
25      void authenticationSuccess(Authenticator.Result result, HttpServletRequest request, HttpServletResponse response);
26  
27      /**
28       * Called when the signature cannot be validated or the user cannot be resolved or does not have permission
29       * to access the resource.
30       *
31       * @param result   Authentication result containing the details of the failure
32       * @param request  Current HTTP request being processed
33       * @param response HTTP response for the current request, provided so the application can set any headers it might
34       *                 need set
35       */
36      void authenticationFailure(Authenticator.Result result, HttpServletRequest request, HttpServletResponse response);
37  
38      /**
39       * Called when there is a failure in trying to process the request, such as an IO failure.
40       *
41       * @param result   Authentication result containing the details of the error
42       * @param request  Current HTTP request being processed
43       * @param response HTTP response for the current request, provided so the application can set any headers it might
44       *                 need set
45       */
46      void authenticationError(Authenticator.Result result, HttpServletRequest request, HttpServletResponse response);
47  
48      /**
49       * Called if it was determined that authentication should not be attempted, usually because the
50       * {@link AuthenticationController#shouldAttemptAuthentication(HttpServletRequest)} returned {@code false}.
51       *
52       * @param request  Current HTTP request being processed
53       * @param response HTTP response for the current request, provided so the application can set any headers it might
54       *                 need set
55       */
56      void authenticationNotAttempted(HttpServletRequest request, HttpServletResponse response);
57  }