Module org.eclipse.jetty.security.openid
Package org.eclipse.jetty.security.openid

Class OpenIdAuthenticator

java.lang.Object
org.eclipse.jetty.security.authentication.LoginAuthenticator
org.eclipse.jetty.security.openid.OpenIdAuthenticator
All Implemented Interfaces:
org.eclipse.jetty.security.Authenticator
public class OpenIdAuthenticator extends org.eclipse.jetty.security.authentication.LoginAuthenticator

Implements authentication using OpenId Connect on top of OAuth 2.0.

The OpenIdAuthenticator redirects unauthenticated requests to the OpenID Connect Provider. The End-User is eventually redirected back with an Authorization Code to the path set by setRedirectPath(String) within the context. The Authorization Code is then used to authenticate the user through the OpenIdCredentials and OpenIdLoginService.

Once a user is authenticated the OpenID Claims can be retrieved through an attribute on the session with the key CLAIMS. The full response containing the OAuth 2.0 Access Token can be obtained with the session attribute RESPONSE.

SessionAuthentication is then used to wrap Authentication results so that they are associated with the session.

  • Field Details

  • Constructor Details

  • Method Details

    • setConfiguration

      public void setConfiguration(org.eclipse.jetty.security.Authenticator.Configuration authConfig)
      Specified by:
      setConfiguration in interface org.eclipse.jetty.security.Authenticator
      Overrides:
      setConfiguration in class org.eclipse.jetty.security.authentication.LoginAuthenticator

    • getAuthenticationType

      public String getAuthenticationType()

    • setAlwaysSaveUri

      @Deprecated public void setAlwaysSaveUri(boolean alwaysSave)
      Deprecated.

    • isAlwaysSaveUri

      @Deprecated public boolean isAlwaysSaveUri()
      Deprecated.

    • setRedirectPath

      public void setRedirectPath(String redirectPath)

    • setLogoutRedirectPath

      public void setLogoutRedirectPath(String logoutRedirectPath)

    • setErrorPage

      public void setErrorPage(String path)

    • login

      public org.eclipse.jetty.security.UserIdentity login(String username, Object credentials, org.eclipse.jetty.server.Request request, org.eclipse.jetty.server.Response response)
      Overrides:
      login in class org.eclipse.jetty.security.authentication.LoginAuthenticator

    • logout

      public void logout(org.eclipse.jetty.server.Request request, org.eclipse.jetty.server.Response response)
      Overrides:
      logout in class org.eclipse.jetty.security.authentication.LoginAuthenticator

    • prepareRequest

      public org.eclipse.jetty.server.Request prepareRequest(org.eclipse.jetty.server.Request request, org.eclipse.jetty.security.AuthenticationState authenticationState)

    • getParameters

      protected org.eclipse.jetty.util.Fields getParameters(org.eclipse.jetty.server.Request request)

    • getConstraintAuthentication

      public org.eclipse.jetty.security.Constraint.Authorization getConstraintAuthentication(String pathInContext, org.eclipse.jetty.security.Constraint.Authorization existing, Function<Boolean,org.eclipse.jetty.server.Session> getSession)

    • validateRequest

      public org.eclipse.jetty.security.AuthenticationState validateRequest(org.eclipse.jetty.server.Request request, org.eclipse.jetty.server.Response response, org.eclipse.jetty.util.Callback cb) throws org.eclipse.jetty.security.ServerAuthException
      Throws:
      org.eclipse.jetty.security.ServerAuthException

    • isJSecurityCheck

      public boolean isJSecurityCheck(String uri)

    • isErrorPage

      public boolean isErrorPage(String pathInContext)

    • getChallengeUri

      protected String getChallengeUri(org.eclipse.jetty.server.Request request)