Class LoginStateHandler


  • @ApplicationScoped
    public class LoginStateHandler
    extends Object
    Keeps in session the available login provider configurations linked to a random UUID. In the case of OAuth 2.0, this UUID is used for preventing cross-site request forgery attacks by comparing that UUID with the value received in the state parameter of the authorization requests.
    • Constructor Detail

      • LoginStateHandler

        public LoginStateHandler()
    • Method Detail

      • addNewConfiguration

        public String addNewConfiguration​(String configId)
        Saves the given configuration ID in the session, linked to a random generated UUID.
        Parameters:
        configId - The ID of the record where the configuration is kept
        Returns:
        the generated UUID
      • isValidKey

        public boolean isValidKey​(String key)
        Validates if the given key is valid in the current session.
        Parameters:
        key - The key to be validated
        Returns:
        true if the key is valid or false in any other case.
      • getConfiguration

        public <T extends BaseOBObject> T getConfiguration​(Class<T> clz,
                                                           String key)
        Gets the configuration linked to the given key.
        Parameters:
        clz - The BaseOBObject class of the record where the configuration is kept
        key - The key linked to the configuration
        Returns:
        true if the key is valid or false in any other case.