net.shibboleth.idp.authn

Class AuthenticationResult

java.lang.Object

net.shibboleth.idp.authn.AuthenticationResult

All Implemented Interfaces:

PrincipalSupportingComponent

@ThreadSafe
public class AuthenticationResult
extends Object
implements PrincipalSupportingComponent

Describes an act of authentication.

Any authentication flow that succeeds must produce a single instance of this object. It may be composite, in the sense that it may represent a combination of separate exchanges that make up a single overall result, but the IdP always acts on a single result as the product of a given request for a login.

Field Summary

Fields

Modifier and Type	Field and Description
private String	authenticationFlowId The identifier of the flow used to produce this result.
private long	authenticationInstant The time, in milliseconds since the epoch, that the authentication completed.
private long	lastActivityInstant The last time, in milliseconds since the epoch, this result was used to bypass authentication.
private boolean	previousResult Tracks whether a result was loaded from a previous session or created as part of the current request.
private Subject	subject The Subject established by the authentication result.

Constructor Summary

Constructors

Constructor and Description
AuthenticationResult(String flowId, Principal principal) Constructor.
AuthenticationResult(String flowId, Subject newSubject) Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
boolean	equals(Object obj)
String	getAuthenticationFlowId() Get the flow used to authenticate the principal.
long	getAuthenticationInstant() Get the time, in milliseconds since the epoch, that the authentication completed.
long	getLastActivityInstant() Get the last time, in milliseconds since the epoch, this result was used for authentication.
Subject	getSubject() Get the Subject identifying the authenticated entity.
private String	getSubjectName() Get a suitable principal name for logging/debugging use.
<T extends Principal> Set<T>	getSupportedPrincipals(Class<T> c) Get an immutable set of supported custom principals that the component produces, supports, contains, etc.
int	hashCode()
boolean	isPreviousResult() Get whether this result was loaded from a session as the product of a previous request.
void	setAuthenticationInstant(long instant) Set the time, in milliseconds since the epoch, that the authentication completed.
void	setLastActivityInstant(long instant) Set the last time, in milliseconds since the epoch, result was used for authentication.
void	setLastActivityInstantToNow() Set the last activity instant, in milliseconds since the epoch, for this result to the current time.
void	setPreviousResult(boolean flag) Set whether this result was loaded from a session as the product of a previous request.
String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

subject

@Nonnull
private final Subject subject

The Subject established by the authentication result.

authenticationFlowId

@Nonnull
@NotEmpty
private final String authenticationFlowId

The identifier of the flow used to produce this result.

authenticationInstant

@Positive
private long authenticationInstant

The time, in milliseconds since the epoch, that the authentication completed.

lastActivityInstant

@Positive
private long lastActivityInstant

The last time, in milliseconds since the epoch, this result was used to bypass authentication.

previousResult

private boolean previousResult

Tracks whether a result was loaded from a previous session or created as part of the current request.

Constructor Detail

AuthenticationResult

public AuthenticationResult(@Nonnull@NotEmpty
                    String flowId,
                    @Nonnull
                    Subject newSubject)

Constructor.

Sets the authentication instant to the current time.

Parameters:

flowId - the workflow used to authenticate the subject

newSubject - a Subject identifying the authenticated entity

AuthenticationResult

public AuthenticationResult(@Nonnull@NotEmpty
                    String flowId,
                    @Nonnull
                    Principal principal)

Constructor.

Sets the authentication instant to the current time.

Parameters:

flowId - the workflow used to authenticate the subject

principal - a Principal identifying the authenticated entity

Method Detail

getSubject

@Nonnull
public Subject getSubject()

Get the Subject identifying the authenticated entity.

Returns:

a Subject identifying the authenticated entity

getSupportedPrincipals

@Nonnull
@NonnullElements
@Unmodifiable
public <T extends Principal> Set<T> getSupportedPrincipals(@Nonnull
                                                                                       Class<T> c)

Get an immutable set of supported custom principals that the component produces, supports, contains, etc.

Specified by:

getSupportedPrincipals in interface PrincipalSupportingComponent

Type Parameters:

T - type of Principal to inquire on

Parameters:

c - type of Principal to inquire on

Returns:

a set of matching principals

getAuthenticationFlowId

@Nonnull
@NotEmpty
public String getAuthenticationFlowId()

Get the flow used to authenticate the principal.

Returns:

flow used to authenticate the principal

getAuthenticationInstant

@Positive
public long getAuthenticationInstant()

Get the time, in milliseconds since the epoch, that the authentication completed.

Returns:

time, in milliseconds since the epoch, that the authentication completed, never non-positive

setAuthenticationInstant

public void setAuthenticationInstant(@Positive
                            long instant)

Set the time, in milliseconds since the epoch, that the authentication completed.

Parameters:

instant - time, in milliseconds since the epoch, that the authentication completed, never non-positive

getLastActivityInstant

@Positive
public long getLastActivityInstant()

Get the last time, in milliseconds since the epoch, this result was used for authentication.

Returns:

last time, in milliseconds since the epoch, this result was used for authentication

setLastActivityInstant

public void setLastActivityInstant(@Positive
                          long instant)

Set the last time, in milliseconds since the epoch, result was used for authentication.

Parameters:

instant - last time, in milliseconds since the epoch, result was used to bypass authentication

setLastActivityInstantToNow

public void setLastActivityInstantToNow()

Set the last activity instant, in milliseconds since the epoch, for this result to the current time.

isPreviousResult

public boolean isPreviousResult()

Get whether this result was loaded from a session as the product of a previous request.

Returns:

true iff this result was produced as part of an earlier request

Since:

3.3.0

setPreviousResult

public void setPreviousResult(boolean flag)

Set whether this result was loaded from a session as the product of a previous request.

Parameters:

flag - flag to set

Since:

3.3.0

hashCode

public int hashCode()

Overrides:

hashCode in class Object

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

toString

public String toString()

Overrides:

toString in class Object

getSubjectName

@Nullable
private String getSubjectName()

Get a suitable principal name for logging/debugging use.

Returns:

a principal name for logging/debugging