001/*
002 * SonarQube
003 * Copyright (C) 2009-2017 SonarSource SA
004 * mailto:info AT sonarsource DOT com
005 *
006 * This program is free software; you can redistribute it and/or
007 * modify it under the terms of the GNU Lesser General Public
008 * License as published by the Free Software Foundation; either
009 * version 3 of the License, or (at your option) any later version.
010 *
011 * This program is distributed in the hope that it will be useful,
012 * but WITHOUT ANY WARRANTY; without even the implied warranty of
013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014 * Lesser General Public License for more details.
015 *
016 * You should have received a copy of the GNU Lesser General Public License
017 * along with this program; if not, write to the Free Software Foundation,
018 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
019 */
020package org.sonar.api.server.authentication;
021
022import javax.servlet.http.HttpServletRequest;
023import javax.servlet.http.HttpServletResponse;
024
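/**
 * Identity provider whose authentication workflow is started by the core
 * through {@link #init(Context)} and completed by the provider calling
 * {@link Context#authenticate(UserIdentity)}.
 *
 * @since 5.4
 */
public interface BaseIdentityProvider extends IdentityProvider {

  /**
   * Entry-point of authentication workflow. Executed by core when user
   * clicks on the related button in login form (GET /sessions/init/{provider key}).
   *
   * @param context access to the HTTP exchange, the server base URL and the
   *                {@link Context#authenticate(UserIdentity)} callback
   */
  void init(Context context);

  /**
   * Services handed to {@link BaseIdentityProvider#init(Context)} for the
   * duration of one authentication attempt.
   */
  interface Context {

    /**
     * Get the received HTTP request.
     * Note - {@code getRequest().getSession()} must not be used in order to support
     * future clustering of web servers without stateful server sessions.
     *
     * <p>Everything read from this request (parameters, headers, cookies) is
     * supplied by the client and should be validated before it influences the
     * identity passed to {@link #authenticate(UserIdentity)}.
     *
     * @return the request that triggered the workflow
     */
    HttpServletRequest getRequest();

    /**
     * Get the HTTP response to send.
     *
     * @return the response associated with {@link #getRequest()}
     */
    HttpServletResponse getResponse();

    /**
     * Return the server base URL.
     *
     * @return the server base URL
     * @see org.sonar.api.platform.Server#getPublicRootUrl()
     */
    String getServerBaseURL();

    /**
     * Authenticate and register the user into the platform.
     *
     * <p>The first time a user is authenticated (and if
     * {@link IdentityProvider#allowsUsersToSignUp()} is true), a new user will be registered.
     * Then, only user's name and email are updated.
     *
     * <p>If {@link IdentityProvider#allowsUsersToSignUp()} is set to false and a new user
     * tries to authenticate, then the user is not authenticated and is redirected to a
     * dedicated page.
     *
     * <p>If the email of the user is already used by an existing user of the platform,
     * then the user is not authenticated and is redirected to a dedicated page.
     *
     * <p>NOTE(review): this method receives only a {@link UserIdentity} and no
     * credential, so the identity is presumably accepted as already verified.
     * Implementations should call it only after the external system has confirmed
     * the identity - confirm against the core implementation.
     *
     * @param userIdentity the identity established by the provider
     */
    void authenticate(UserIdentity userIdentity);

  }
}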