001/* 002 * Copyright 2016 Anyware Services 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.ametys.core.authentication; 017 018import org.apache.cocoon.environment.Redirector; 019 020import org.ametys.core.user.UserIdentity; 021 022/** 023 * Defines a {@link CredentialProvider} that can be non-blocking. 024 */ 025public interface NonBlockingCredentialProvider extends CredentialProvider 026{ 027 /** 028 * Method called by AuthenticateAction before asking for credentials. This 029 * method is used to bypass authentication. If this method returns true, no 030 * authentication will be require. Use it with care, as it may lead to 031 * obvious security issues. 032 * 033 * @return true if the Request is not authenticated 034 */ 035 public abstract boolean nonBlockingGrantAnonymousRequest(); 036 037 /** 038 * Validates that the user specify is still connected 039 * @param userIdentity the user previously correctly identified with this credential provider 040 * @param redirector The cocoon redirector 041 * @return true if this CredentialProvider was in a valid state, false to restart authentication process 042 * @throws Exception If an error occurred 043 */ 044 public abstract boolean nonBlockingIsStillConnected(UserIdentity userIdentity, Redirector redirector) throws Exception; 045 046 /** 047 * Method called by AuthenticateAction each time a request need 048 * authentication. 049 * 050 * @param redirector the cocoon redirector. 051 * @return the <code>UserIdentity</code> corresponding to the user (with or without population specified), or null if user could not get authenticated. 052 * @throws Exception if something wrong occurs 053 */ 054 public abstract UserIdentity nonBlockingGetUserIdentity(Redirector redirector) throws Exception; 055 056 /** 057 * Method called by AuthenticateAction each a user could not get 058 * authenticated. This method implementation is responsible of redirecting 059 * response to appropriate url. 060 * 061 * @param redirector the cocoon Redirector that can be used for redirecting response. 062 * @throws Exception if something wrong occurs 063 */ 064 public abstract void nonBlockingUserNotAllowed(Redirector redirector) throws Exception; 065 066 /** 067 * Method called by AuthenticateAction after authentication process succeeded 068 * @param userIdentity The user correctly connected 069 */ 070 public abstract void nonBlockingUserAllowed(UserIdentity userIdentity); 071}