All Classes and Interfaces
Class
Description
Generic
AttributeValueSyntax
factory simplifying its creation.Common code for all
CredentialRetrieval
implementations.Common boilerplate for
CredentialRetrievalFactory
implementations.Helper to easily create credential factories.
Typical boilerplate for all endpoints.
Boilerplate code for the input profile's
InputTranslationActionFactory
implementations.Helper to easily create credential factories.
Abstract
LocalCredentialVerificator
with a common boilerplate code.Boilerplate code for the output profile's
OutputTranslationActionFactory
implementations.Minor helper for remote verificators to properly call
RemoteAuthnResultTranslator
Abstract
CredentialVerificator
with a common boilerplate code.Typical boilerplate for all
WebAppEndpointInstance
s.Describes parameter of a translation action.
Signals that additional authentication is required prior to invoking the operation but it is not
configured properly so the operation can't succeed.
Signals that additional authentication is required prior to invoking the operation
Comment made by a system entity, i.e.
Defines an agreement to be shown.
Generates Asciidoc table with properties info
Represents an attribute instance.
Helper for handling
AttributesClass
es of an entity.Attribute class management API.
Defines how a mapped attribute should be handled.
Extends the basic
Attribute
with metadata which is set by the server when returning
attributes.Implementation defines an
AttributeType
metadata.Attribute registration option.
Represents attribute class, i.e.
Provides servlet with public access to user's content stored in attributes,
of those syntaxes that provides
AttributeValueSyntax.publicExposureSpec()
implementation.Attributes management API.
Attribute statement allows for generating dynamic attributes.
This interface collect engine's operations related to attributes.
Maintains a simple registry of available
AttributeValueSyntaxFactory
ies.Attribute type defines rules for handling attributes.
Attribute types management API.
API helping to manipulate attributes, used internally
Performs conversion of
Attribute
values in a convenient to use way.Base interface defining attribute value syntax.
Implementations allow to instantiate
AttributeValueSyntax
instances.Holds information entity that initiate event or was subject of event.
Holds information about single event that occur in the system.
AuditEvent management API.
Enum containing Tag values - provided to organize possible values.
Stores information about authenticated entity during the authentication.
Thrown on authentication problem.
Stores information about a authentication flow, as configured by administrator and selectable by
a user or client.
Configuration of a authentication flow.
API for authentication flow management.
Represents an authentication option, which is a pair of authenticator id and one of its authentication option ids.
Creates and parses string representation containing authenticator key and its authN option key.
Represents selection of authentication options: either a single concrete one or all options
under a common authenticator.
Utility methods processing results of authenticators.
Authentication realm definition.
Base contract of authentication result - have remote and local authn variants.
Describes context of authentication: in which realm it happens (or happened), what flow is used, which option
was used and which factor it was which can be 1 or 2 (at least until we start support 3rd factor authn).
DTO containing information about a user being authenticated.
Describes authenticator configuration.
Describes authenticator configuration.
Representation of an authenticator instance, which is a composition of
CredentialRetrieval
and
CredentialVerificator
, configured.Describes a configured authenticator instance in implementation agnostic way.
API for authenticators management.
Describes authenticator context of authentication: in which realm it happens (or happened), what flow is used,
which factor it was which can be 1 or 2 (at least until we start support 3rd factor authn).
Provides access to authenticators.
Describes an available authenticator type.
Thrown when there is authorization problem
Thrown when there is authorization problem, this is a runtime variant.
API for authorization management.
Holds the information relevant for automatic invitation processing.
Contains common informations used during confirmation
Base class with shared state for
RegistrationForm
and EnquiryForm
.Builder of
BaseForm
Configuration of notifications related to all kinds of forms.
Base of enquiry and registration requests.
BaseRegistrationInputBuilder<T extends BaseRegistrationInput,GeneratorT extends BaseRegistrationInputBuilder<?,?>>
Builder of
BaseRegistrationInput
.BaseRegistrationInputBuilder.CredentialParamValueBuilderBase<GeneratorT extends BaseRegistrationInputBuilder.CredentialParamValueBuilderBase<GeneratorT>>
BaseRegistrationInputBuilder.IdentityParamBuilderBase<GeneratorT extends BaseRegistrationInputBuilder.IdentityParamBuilderBase<GeneratorT>>
BaseRegistrationInputBuilder.SelectionBuilderBase<GeneratorT extends BaseRegistrationInputBuilder.SelectionBuilderBase<GeneratorT>>
Used in
FormLayout
to represent a form element being placed - for
positioning of simple elements which has only one instance (e.g.Interface defining binding specific API (e.g.
Action used instead of a real action when it is misconfigured.
Action used instead of a real action when it is misconfigured.
Supports fast resolving of data about a group contents in bulk.
Defines API allowing for bulk processing of entities - both manually and basing on a repeatable schedule.
Thrown when capacity limit is reached.
Simply string code generator
Wraps comment with its date.
Contains settings which are common for all IdP endpoints
Loads configuration properties.
Interface implemented by a bean providing a programatically set configuration.
Stores information about confirmation.
Defines possible options for registration element confirmation
Various useful application wide constants
Cookie finder
Configured instance of
CredentialType
.Marker interface.
Allows for performing various credential related operations which needs to be handled internally,
not via the public API.
Stores information about entity authentication: the id of
CredentialRequirements
and the state.Credential management API
Credential registration parameter
Stores information about credential: its status and credential-type dependent data,
e.g.
Thrown when credential being set was recently used
Credential registration option.
API for
CredentialRequirements
management.Set of credentials.
Implementations provide a credential reset functionality.
Retrieves credential, using a some binding specific method.
Implementations allows for creating
CredentialRetrieval
s of a particular type.Describes credential type as username and password or one-time password.
Implementations allow for verification of the provided credential.
Produces
CredentialVerificator
s of a particular type.Contains information about db dump content.
Returns the configuration file: use a reselected one with property or the default one if not set.
Counts unsuccessful authentication attempts per client's IP address.
Holds information about delegated group.
Holds information about delegated group and subgroup.
Internal engine API for delegated groups management
Holds information about delegated group member.
General purpose interface, useful for extending.
Bean implementation of
DescribedObject
interface.Read only implementation of
DescribedObject
interface.Wrapper for
Attribute
.Contains necessary informations used during the confirmation a attribute
Email confirmation subsystem configuration entry
Confirmation manager for email attribute or identity
Creates redirect URL which shall be used in certain situations after confirmation of email.
Provides servlet used as a email confirmation endpoint
Contains necessary informations used during the confirmation a identity
Complete information allowing to create an endpoint
Base endpoint configuration.
Implemented by a class which allows to create an endpoint instance ready for hot deployment.
Generic endpoint instance.
Management of endpoints
Helper for validation endpoint path
Defines a static description of an endpoint.
Super class of all API exceptions.
Configuration of an enquiry form.
Builder of
EnquiryForm
.Configuration of notifications related to enquiry forms.
Enquires support: forms, submissions of requests and their processing.
Enquiry response, tied to an
EnquiryForm
.Builder of
EnquiryResponse
Specialization of
UserRequestState
for EnquiryResponse
s.Represents an entity with complete information - as retrieved from the system.
Implementation performs an action on a given entity.
Marker of
EntityAction
factoriesMaintains a simple registry of available
EntityActionFactory
ies.Describes entity status change prescribed by the profile.
API for management of entities' credentials.
Stores information about entity, besides its identities, credentials and basic information as id.
EntityParam with group context information
Almost all information about a single entity in general plus attributes in a particular group and in root group
Engine API for (closely related) entities and identities management.
Allows for flexible addressing of a subject of a method operating on a particular entity:
either using entityId or using
IdentityValue
(belonging to the entity).Various helper operations allowing for converting and checking identity and entity related parameters.
Describes an operation to be scheduled on an entity.
Overall entity status.
Entity and a value of (one of) its credential attribute
Marker interface for EventProcessor execution abstraction.
Defines the well known phases of events.
Event listeners are
Event
consumers.Management of event listeners
Allows for sending platform events.
Allows for sending platform events.
Throw to signal that further execution of the translation profile should be stopped and that the whole
process should be finished with error.
Provides server-wide thread pool.
Describes expected identity
Parses external data into types usable in Unity API.
Configures which remote signUp methods should be shown in grid.
Configures the external sign up process during registration.
Provides access to local or remote file.
Various internally useful operations, related to forms automation.
represents a fixed section caption
Used in
FormLayout
to represent a form element being placed.Describes a layout of a
BaseForm
: ordering of its elements and additional
metadata needed only for rendering (as section titles).Types of form layout elements.
Provides visual configuration that can be applied on a
BaseForm
.Utility class to deal with most common operations like form validation or
generating default layout.
represents a fixed button with custom caption
Represents one of the variable form elements, which can have multiple
occurrences: attributes, identities, groups and credentials.
Represents a visual separator between sections.
Used for cases where plain web page should be presented to the user, based on freemarker template.
Helper with shared routings for bootstraping template engine.
Group holds set of other elements: other groups and identities.
Group authorization role with description
Holds information about group contents.
Generates and validates registration and enquiry forms
Contains configuration of group delegation
Breaks group membership change request into three groups: unchanged groups,
added groups and removed groups
Defines how a mapped group should be handled.
Stores information about entity's membership in a group.
Marker interface for data structure used for bulk queries on group members and their attributes.
Information about a group membership to be added for an entity being registered.
Matcher of group to ant-style pattern.
Group registration option.
Information about selected group or groups, corresponding to a single form choice.
Internal engine API for groups management.
Marker interface for data structure used for bulk queries on group structural contents (subgroups, their metadata).
Servlet filter blocking access to all configured resources.
Various useful project management related constants
Stores in thread local state related to the HTTP request being served by the thread.
Defines displayed name and description, both with a possibility to be translated
Objects are used to store message templates with localized strings.
String in several languages.
Helper to (de)serialize
I18nString
.Stores message key and arguments, to be resolved from message bundle.
Represents an identity with full information as returned from the engine.
Defines how a mapped
IdentityParam
should be handled.Throws to indicate that user already exists in the system.
This class is useful when creating a new Identity.
Identity registration option.
Allows for resolving an identity into entity, returning also its credential.
Represents an identity type and value.
Type of identity.
Implementation defined identity type.
Internal engine API for entities and identities management.
Maintains a simple registry of available
IdentityTypeDefinition
s.Internally useful support API for handling identity types.
This component allows the generic Unity part (not IdP endpoint specific) to obtain information
on the IdP login being performed and forcefully cleaning it.
Implemented by an IdP endpoint and registered with
IdPLoginController
to inform it
about authentications against the IdP.Maps
PolicyAgreementConfiguration
to properties and vice versaThrown when attribtue type is invalid.
Thrown when attribtue value is invalid.
Thrown when credential definition is invalid.
Thrown when there is problem with submitted form (enquiry, registration etc).
Thrown when type is invalid.
Thrown when group value is invalid.
Thrown when identity value is invalid.
Thrown when type is invalid.
Enumeration representing support image types.
Factory for @{IncludeInputProfileAction}
Factory for @{IncludeInputProfileAction}
Several classes in the API must have default constructors.
Instance of this interface is configured with parameters and performs a translation
of a remotely obtained information about a client.
Marker interface of factories producing
InputTranslationAction
, besides marking narrows down
returned types.Maintains a simple registry of available
InputTranslationActionFactory
ies.Holds information about integration event
Integration event definition.
Responsible for processing integration events
Maintains a
IntegrationEventDefinition
s.Represent single integration event variable
Handles authentication results for interactive authentications (typically over some web binding).
Used to prevent from session fixation attack.
Thrown when a low level problem occurs, which in principle shouldn't happen.
Invitations to fill registration form management
Base data of invitation parameter.
Complete invitation as stored in the system.
Stores thread-local information about the current request metadata in thread local variable.
Provides serialization of Exception to JSON format.
Simplifies JSON parsing a little bit
This class object is returned by local authenticator with information about authentication result.
Registry of components which are used to create
LocalCredentialVerificator
s.State of the local credential initialization for an entity.
Verificator of local credentials.
Produces
LocalCredentialVerificator
s of a particular type.Represents login session.
Maintains an association of Unity's
LoginSession
s with HttpSession
s.Performs a logout, including logout of additional session participants, in case of logout initiated directly
in Unity.
Factory of
LogoutProcessor
s.Mapped
Attribute
with AttributeEffectMode
.Mapped group: name and flag stating whether it should be created if missing.
Stores a set of mapping results, produced by one or more translation actions.
Thrown when there is merge conflict which shall be reported
Message type integration event configuration
Holds information about single message
Management of messages
Wraps notification message template.
Objects are used to interchange resolved messages, with substituted parameters and
fixed locale.
Maintains a
MessageTemplateDefinition
s.This interface allows clients to manipulate message templates.
Helper: checks if given message or text has only variables supported by a template consumer.
Defines the message content type, used in
MessageTemplate
, to
properly format the information send through notification facilities.Messages related utilities
Mobile number confirmation subsystem configuration entry
Confirmation manager for mobile number
Represents an certificate with name
Defines method to get object's name.
Provides access to the information of the network server.
Notification channel stores configuration used by a facility to create channel instances.
Information returned about an installed notification channel
Notification sending facility.
Management and usage of notifications subsystem (email, sms, ...)
Notification status.
Injects
ObjectMapper
to Spring containerBase class of registration parameters which can be set as optional.
Base class of all output profile action instances.
Marker interface of factories producing
OutputTranslationAction
s, also narrow down returned types.Maintains a simple registry of available
OutputTranslationActionFactory
ies.Defines in what mode the parameter should be collected
Provides information about partial state of authentication.
Provides access to PKI related stores: credentials, certificates and truststores (validators).
Policy agreements management API
Policy documents management API
Controller making decisions on what to do/show after completed registration.
Preferences management API - allows for storing and retrieving user's preferences,
useful for example for the web endpoints.
Enhanced information about prefilled entry
Controls how the pre filled entries are treated
Holds information about project invitation.
Base data of project invitation parameter
Internal engine API for project invitations management
Various useful project management related constants
Holds information about project request
Engine API for project update request management
Holds base information about project request
Retrieve translation profile from properties
Defines a Spring Component of prototype scope.
Used in conjunction with attribute syntax
AttributeValueSyntax.publicExposureSpec()
implementation.Defines constants and helper methods used to create public form access URI.
Provides servlet which gives access to public well known-links handler.
Authentication realm is a group of endpoints which share the same authentication context:
in the first place login session.
Base class for storing some context information related to external login using a redirect.
Maintains a simple registry of available
RegistrationTranslationActionFactory
ies.Describes registration context, i.e.
Describes how the registration form was triggered.
Base class for states of confirmation process which are bound to a registration request (as opposite
to confirmations associated with an existing user).
Configuration of a registration form.
Builder of
RegistrationForm
Holds the information about primary and secondary layouts used in
registration form.
Configuration of the notifications which should be sent when form's requests are submitted or processed.
Generator for registration translation action
Base class of registration parameters
Creates redirect URL which shall be used in certain situations after registration request submission
or confirmation of request's email.
Contains necessary informations used during the confirmation a attribute in
registration request
Contains necessary informations used during the confirmation a identity in
registration request
Registration request, tied to a registration form contains data collected
during registration process.
Action related to a registration request.
Builder of
RegistrationRequest
Specialization of
UserRequestState
for RegistrationRequest
s.Status of registration request
Registrations support: forms, submissions of requests and their processing.
Base of all actions operating on a contents of a registration request submitted by a prospective user.
Marker interface of the factories producing registration actions.
Configuration of behavior that can happen in various cases of registration finish.
Base class for storing some context information related to external login using relay state.
Defines how to remeberinging the user's login
Contains information used by remember me functionality
Generic representation of a remotely obtained attribute.
Maintains a map of remote authentication contexts matched by some string key.
Thrown on authentication problem.
This class object is returned by authenticator with information about authentication result.
Process remotely obtained authentication data
(
RedirectedAuthnState
), to obtain the final decision.Processes
RemotelyAuthenticatedInput
by applying a translation profile to it and
returns RemotelyAuthenticatedPrincipal
or AuthenticationResult
depending whether
caller wants to have a possibility to postprocess the translation profile output or not.Represents a remote group membership
Represents a remote identity
Generic representation of a remotely obtained information, used for subclassing.
Holds a raw information obtained from an upstream IdP.
Holds information about a user which was obtained and verified by a remote upstream IdP.
Stores full information on the remote sandboxed authentication.
Group membership change request sliced into three groups: unchanged groups, added groups and removed groups
Enriches
Endpoint
with data which is derived from that object, but is handy to be stored
in a resolved way: full AuthenticationRealm
and EndpointTypeDescription
are added.Rest group authorization role with description
Simple routing (dispatching) servlet.
Unchecked engine exception, used mainly in scenarios where spring cannot
handle checked exceptions e.g.
Event that provides details of a finished sandbox authentication.
Extended by
SandboxAuthnRouter
- contains the code which is interested with results of sandbox authenticationMain sandbox authentication router interface.
Represents an installed scheduled processing rule.
Extends
TranslationRule
by introducing an execution schedule.Thrown when operation would cause database schema consistency violation.
Holds parsed scripts configuration
UnityServerConfiguration.SCRIPTS
.Type of script.
Secured tokens API allows for manipulating generic tokens.
Constants of the endpoint with well known links
Base class of option selection, actually binary.
Interface implemented by modules providing server initialization logic, e.g.
Provides access to general maintenance operations.
Internal login sessions management
Callback interface.
Holds information about login session participant (remote IdP or relaying party).
Holds multiple
SessionParticipant
s.Session attribute updater adding a new SessionParticipant to the session.
Defines an implementation of
SessionParticipant
, with factory method.Maintains a simple registry of available
SessionParticipantType
s.Management of the single, shared, internal Unity endpoint, which is not under administrator's control.
Contains code with validity time and mobileNumber related with this code.
This interface is enforced for some types of objects which are instantiated otherwise
and later on configured with some text configuration.
Implementations (must be Spring components) provide additional system attribute types, defined by extensions.
Time related utilities.
Represent facility used for map contents of
Token
objects (which is basically an opaque
byte array for the engine) to some meaningful JSON representation, useful especially
when presenting tokens to outside world, e.g.Tokens API allows for manipulating generic tokens.
Receives notifications about expired tokens.
Base for all tokens where contents is storing byte[] serialized JSON.
Signals an error of too many attempts, e.g.
Output of
RegistrationRequest
or EnquiryResponse
translation with a
corresponding translation profile.Describes a configured translation action.
Creates
TranslationActionInstance
s.Minimal base for translation action instance, configured to be executed.
Describes a translation action implementation.
MVEL condition of translation rule.
Internal interface allowing to get included profile parameter from input or output translation action.
Translation input: a complete information about an entity.
Definition of a translation profile.
Helpers methods for generating translation profiles
This interface allows clients to manipulate translation profiles.
Result of output translation.
Stores information about a pair: condition and
TranslationAction
.Maintains a simple registry of some implementations.
Extends
FilePropertiesHelper
with Unity specific methods.Configuration of the Jetty server, baseline for all HTTP based endpoints
Class providing Image related information and operations.
Configures disk based truststores and credentials, which are named and can be referenced.
Extends
PropertiesHelper
with Unity specific methods: returning localized strings
and caching of UnityPropertiesHelper.getSortedStringKeys(String, boolean)
method results.Principal options are defined here: ids and corresponding default values.
Thrown when email value is unknown
Thrown when identity value is invalid.
Thrown on authentication problem, when the user is properly authenticated remotely
but is unknown in the local DB (after a complete translation profile execution).
Counts unsuccessful authentication attempts per client's IP address.
Thrown when a low level problem with read uri occurs.
A helper class for parsing uri from string and validating it against used
schemes
Describes whether&how a parameter can be pre-filled with information obtained from a URL query string
Base class for states of confirmation process which are bound to a user existing in the database (as opposite
to confirmations associated with a registration request).
Allows for manual triggering of user import.
Internal API for triggering user import.
Defines user import to be performed
User import implementation must implement this interface.
Factory of
UserImportSPI
.Records an information about registration request or enquiry state.
Represent element which can be confirmed.
Base for all VerifiableElements.
Email which can be confirmed by user.
Mobile number which can be confirmed by user.
Servlet endpoint instance
Webhook type integration event configuration
Complete information on what to show on the final screen after completed workflow.
Thrown when there is problem with arguments, and when we want to have a checked exception.