IRISLIB database
Validate Class Reference

The OAuth2.Server.Validate class is the default ValidateUserClass which is included with the server.


Static Public Member Functions

_.Library.List SupportedClaims ()
 The SupportedClaims method returns a $list of claims that are supported by this authorization server based on customizations.

_.Library.Boolean Validate2FA (_.Library.String username, _.Library.String token)
 If two factor authentication is enabled for this user, Validate2FA will be called to validate the security code entered by the user to complete their authentication.

_.Library.Boolean ValidateClient (_.Library.String clientId, _.Library.String clientSecret, _.Library.ArrayOfDataTypes scope, _.OAuth2.Server.Properties properties, _.Library.Status sc)
 The ValidateClient method returns true (1) if the client_id and client_secret refer to a client computer which may use the client credentials grant type.

_.Library.Boolean ValidateDelegatedAuthentication (_.OAuth2.Server.Properties properties, _.Library.String username, _.Library.Status sc)
 Your custom ValidateDelegatedAuthentication method must return true only if the delegated authentication event initiated by the DelegatedAuthentication method in the Authenticate class is valid.

_.Library.Boolean ValidateUser (_.Library.String username, _.Library.String password, _.Library.ArrayOfDataTypes scope, _.OAuth2.Server.Properties properties, _.Library.Status sc, _.Library.Boolean use2fa)
 Your custom ValidateUser method must return true (1) only if the username and password refer to a valid user.
 

Additional Inherited Members

- Public Member Functions inherited from RegisteredObject
_.Library.Status OnAddToSaveSet (_.Library.Integer depth, _.Library.Integer insert, _.Library.Integer callcount)
 This callback method is invoked when the current object is added to the SaveSet, ...

_.Library.Status OnClose ()
 This callback method is invoked by the Close method to ...

_.Library.Status OnConstructClone (_.Library.RegisteredObject object, _.Library.Boolean deep, _.Library.String cloned)
 This callback method is invoked by the ConstructClone method to ...

_.Library.Status OnNew ()
 This callback method is invoked by the New method to ...

_.Library.Status OnValidateObject ()
 This callback method is invoked by the ValidateObject method to ...

- Static Public Attributes inherited from RegisteredObject
 CAPTION = None
 Optional name used by the Form Wizard for a class when generating forms.

 JAVATYPE = None
 The Java type to be used when exported.

 PROPERTYVALIDATION = None
 This parameter controls the default validation behavior for the object.
 

Detailed Description

The OAuth2.Server.Validate class is the default ValidateUserClass which is included with the server.

The default class will use the user database of the InterSystems IRIS instance where the authorization server is located to validate the user. The supported properties will be issuer (Issuer), roles and sub (Username).
The ValidateUserClass is specified in the Authorization Server Configuration. It must contain a ValidateUser method which will validate a username/password combination and return a set of properties associated with this user.

Member Function Documentation

◆ SupportedClaims()

_.Library.List SupportedClaims ( )
static

The SupportedClaims method returns a $list of claims that are supported by this authorization server based on customizations. The SupportedClaims method is in the ValidateUserClass since this is where additional claims are usually added. The returned list is added to the list of claims defined by OpenID Connect Core and should include JWT, IDToken, userinfo endpoint and introspection endpoint claims.

◆ Validate2FA()

_.Library.Boolean Validate2FA ( _.Library.String  username,
_.Library.String  token 
)
static

If two factor authentication is enabled for this user, Validate2FA will be called to validate the security code entered by the user to complete their authentication.

◆ ValidateClient()

_.Library.Boolean ValidateClient ( _.Library.String  clientId,
_.Library.String  clientSecret,
_.Library.ArrayOfDataTypes  scope,
_.OAuth2.Server.Properties  properties,
_.Library.Status  sc 
)
static

The ValidateClient method returns true (1) if the client_id and client_secret refer to a client computer which may use the client credentials grant type based on whatever criteria the method chooses to implement. This client will already have been verified to be registered to this authorization server and thus will usually be accepted.

ValidateClient populates the properties array argument with any properties needed to generate the access token. These correspond to the Properties arguments of OAuth2.Server.Token. The authorization server will always add the "iss" (URL of authorization server), "sub" (client_id), and "exp" (expiration time in seconds since December 31st, 1840) to ClaimValues and "client_id" (client_id of the requesting client) to CustomProperties after return from ValidateUser if they have not already been added.

If the client is not valid, then false is returned.

This default ValidateClient accepts all clients and adds no properties.
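
One way a subclass might tighten that default, shown as an added example that is not InterSystems code. The class name, the ALLOWEDCLIENTS and ALLOWEDSCOPES parameters, their values and the client_type key are hypothetical; it assumes the class is available as %OAuth2.Server.Validate, that sc is an Output argument, and that the scope array is keyed by scope name.

```objectscript
/// Added example, not InterSystems code: fail-closed ValidateClient override.
Class Demo.OAuth2.StrictValidate Extends %OAuth2.Server.Validate
{

/// Hypothetical allowlist of client_ids that may use the client credentials grant
Parameter ALLOWEDCLIENTS = "reporting-service,batch-importer";

/// Hypothetical scopes a machine client may request
Parameter ALLOWEDSCOPES = "reports.read,import.write";

ClassMethod ValidateClient(clientId As %String, clientSecret As %String, scope As %ArrayOfDataTypes, properties As %OAuth2.Server.Properties, Output sc As %Status) As %Boolean
{
    Set sc = $$$OK
    Set clients = $ListFromString(..#ALLOWEDCLIENTS, ",")
    Set scopes = $ListFromString(..#ALLOWEDSCOPES, ",")

    // Registration alone is not enough here: reject any client not on the allowlist
    If (clientId = "") || ('$ListFind(clients, clientId)) {
        Return 0
    }

    // Assumption: the keys of the scope array are the requested scope names
    Set key = ""
    For {
        Do scope.GetNext(.key)
        Quit:key=""
        If '$ListFind(scopes, key) {
            Return 0
        }
    }

    // Record a property for token generation via the CustomProperties array
    Do properties.CustomProperties.SetAt("service", "client_type")
    Return 1
}

}
```

ValidateUser and the other methods are inherited unchanged; the subclass takes effect only once it is named as the ValidateUserClass in the Authorization Server Configuration.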

◆ ValidateDelegatedAuthentication()

_.Library.Boolean ValidateDelegatedAuthentication ( _.OAuth2.Server.Properties  properties,
_.Library.String  username,
_.Library.Status  sc 
)
static

Your custom ValidateDelegatedAuthentication method must return true only if the delegated authentication event initiated by the DelegatedAuthentication method in the Authenticate class is valid. It must return false in other cases.

The properties.CustomProperties array may be used to pass values between the DelegatedAuthentication method and this one.

◆ ValidateUser()

_.Library.Boolean ValidateUser ( _.Library.String  username,
_.Library.String  password,
_.Library.ArrayOfDataTypes  scope,
_.OAuth2.Server.Properties  properties,
_.Library.Status  sc,
_.Library.Boolean  use2fa 
)
static

Your custom ValidateUser method must return true (1) only if the username and password refer to a valid user based on whatever criteria you choose to implement. It must return false in other cases.

If password="", then the user is already logged into an existing session and the password does not need to be validated.

In addition, this method receives the properties array and can further modify it; this corresponds to the Properties property of OAuth2.Server.Token. The authorization server will always add the "iss" (URL of authorization server), "sub" (client_id), and "exp" (expiration time in seconds since December 31st, 1840) to ClaimValues and "client_id" (client_id of the requesting client) to CustomProperties after return from ValidateUser if they have not already been added.

This sample ValidateUser method validates the user based on the users for this instance. Set the use2fa output parameter to 1 (true) to indicate two factor authentication should be used. In this case the authenticate page will ask the user to enter a security code, which will be validated by Validate2FA.