All Superinterfaces:: SecurityProvider

All Known Implementing Classes:: IdcsMtRoleMapperProvider, IdcsRoleMapperProvider, IdcsRoleMapperProviderBase

Functional Interface:: This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

@FunctionalInterface public interface SubjectMappingProvider extends SecurityProvider

A provider that maps subject(s) authenticated by an authentication provider to a new subject. This may be replacing the subject, adding roles to the subject etc. Subjects may be a user subject or a service subject.

Method Summary

Modifier and Type

Method

Description

AuthenticationResponse

map(ProviderRequest providerRequest, AuthenticationResponse previousResponse)

Map grants from authenticated request (e.g.

Methods inherited from interface io.helidon.security.spi.SecurityProvider
supportedAnnotations, supportedAttributes, supportedConfigKeys, supportedCustomObjects

Method Details
- map
  
  AuthenticationResponse map(ProviderRequest providerRequest, AuthenticationResponse previousResponse)
  
  Map grants from authenticated request (e.g. one or both of ProviderRequest.subject() or ProviderRequest.service() returns a non-empty value) to a new authentication response. The provider can change/add/remove grants (such as groups, scopes, permissions) or change the subject to a different one. This method is only invoked after a successful authentication.
  
  Parameters:
  
  providerRequest - request to get user and service subjects from
  
  previousResponse - response from previous authentication or subject mapping provider
  
  Returns:
  
  a new authentication response with updated user and/or service subjects

Interface SubjectMappingProvider

Method Summary

Methods inherited from interface io.helidon.security.spi.SecurityProvider

Method Details

map