001/*
002 *  Copyright 2016 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.core.authentication;
017
018import org.apache.cocoon.environment.Redirector;
019
020import org.ametys.core.user.UserIdentity;
021
022/**
023 * Defines a {@link CredentialProvider} that can be non-blocking.
024 */
025public interface NonBlockingCredentialProvider extends CredentialProvider
026{
027    /**
028     * Method called by AuthenticateAction before asking for credentials. This
029     * method is used to bypass authentication. If this method returns true, no
030     * authentication will be require. Use it with care, as it may lead to
031     * obvious security issues.
032     * 
033     * @return true if the Request is not authenticated
034     */
035    public abstract boolean nonBlockingGrantAnonymousRequest();
036
037    /**
038     * Validates that the user specify is still connected
039     * @param userIdentity the user previously correctly identified with this credential provider
040     * @param redirector The cocoon redirector
041     * @return true if this CredentialProvider was in a valid state, false to restart authentication process
042     * @throws Exception If an error occurred
043     */
044    public abstract boolean nonBlockingIsStillConnected(UserIdentity userIdentity, Redirector redirector) throws Exception;
045
046    /**
047     * Method called by AuthenticateAction each time a request need
048     * authentication.
049     * 
050     * @param redirector the cocoon redirector.
051     * @return the <code>UserIdentity</code> corresponding to the user (with or without population specified), or null if user could not get authenticated.
052     * @throws Exception if something wrong occurs
053     */
054    public abstract UserIdentity nonBlockingGetUserIdentity(Redirector redirector) throws Exception;
055
056    /**
057     * Method called by AuthenticateAction each a user could not get
058     * authenticated. This method implementation is responsible of redirecting
059     * response to appropriate url.
060     * 
061     * @param redirector the cocoon Redirector that can be used for redirecting response.
062     * @throws Exception if something wrong occurs
063     */
064    public abstract void nonBlockingUserNotAllowed(Redirector redirector) throws Exception;
065
066    /**
067     * Method called by AuthenticateAction after authentication process succeeded
068     * @param userIdentity The user correctly connected
069     */
070    public abstract void nonBlockingUserAllowed(UserIdentity userIdentity);
071}