Interface SubjectMappingProvider

  • All Superinterfaces:
    SecurityProvider
    Functional Interface:
    This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

    @FunctionalInterface
    public interface SubjectMappingProvider
    extends SecurityProvider
    A provider that maps subject(s) authenticated by an authentication provider to a new subject. This may be replacing the subject, adding roles to the subject etc. Subjects may be a user subject or a service subject.
    • Method Detail

      • map

        CompletionStage<AuthenticationResponse> map​(ProviderRequest providerRequest,
                                                    AuthenticationResponse previousResponse)
        Map grants from authenticated request (e.g. one or both of ProviderRequest.subject() or ProviderRequest.service() returns a non-empty value) to a new authentication response. The provider can change/add/remove grants (such as groups, scopes, permissions) or change the subject to a different one. This method is only invoked after a successful authentication.
        Parameters:
        providerRequest - request to get user and service subjects from
        previousResponse - response from previous authentication or subject mapping provider
        Returns:
        a new authentication response with updated user and/or service subjects