All Classes and Interfaces
Class
Description
Generic AttributeValueSyntax factory simplifying its creation.
Common code for all CredentialRetrieval implementations.
Common boilerplate for CredentialRetrievalFactory implementations.
Helper to easily create credential factories.
Typical boilerplate for all endpoints.
Boilerplate code for the input profile's InputTranslationActionFactory implementations.
Helper to easily create credential factories.
Abstract LocalCredentialVerificator with a common boilerplate code.
Boilerplate code for the output profile's OutputTranslationActionFactory implementations.
Minor helper for remote verificators to properly call RemoteAuthnResultTranslator
Abstract CredentialVerificator with a common boilerplate code.
Typical boilerplate for all WebAppEndpointInstances.
Signals that additional authentication is required prior to invoking the operation but it is not configured properly so the operation can't succeed.
Signals that additional authentication is required prior to invoking the operation
Generates Asciidoc table with properties info
Helper for handling AttributesClasses of an entity.
Attribute class management API.
Defines how a mapped attribute should be handled.
Implementation defines an AttributeType metadata.
Provides servlet with public access to user's content stored in attributes, of those syntaxes that provide an AttributeValueSyntax.publicExposureSpec() implementation.
Attributes management API.
This interface collects engine's operations related to attributes.
Maintains a simple registry of available AttributeValueSyntaxFactoryies.
Attribute types management API.
API helping to manipulate attributes, used internally
Performs conversion of Attribute values in a convenient to use way.
Base interface defining attribute value syntax.
Implementations allow to instantiate AttributeValueSyntax instances.
AuditEvent management API.
Stores information about authenticated entity during the authentication.
Thrown on authentication problem.
Stores information about an authentication flow, as configured by administrator and selectable by a user or client.
API for authentication flow management.
Utility methods processing results of authenticators.
Base contract of authentication result - has remote and local authn variants.
Describes context of authentication: in which realm it happens (or happened), what flow is used, which option was used and which factor it was, which can be 1 or 2 (at least until we start supporting 3rd factor authn).
DTO containing information about a user being authenticated.
Describes authenticator configuration.
Describes authenticator configuration.
Representation of an authenticator instance, which is a composition of CredentialRetrieval and CredentialVerificator, configured.
Describes a configured authenticator instance in implementation agnostic way.
API for authenticators management.
Describes authenticator context of authentication: in which realm it happens (or happened), what flow is used, which factor it was, which can be 1 or 2 (at least until we start supporting 3rd factor authn).
Provides access to authenticators.
Describes an available authenticator type.
Thrown when there is authorization problem
Thrown when there is authorization problem, this is a runtime variant.
API for authorization management.
Holds the information relevant for automatic invitation processing.
Contains common information used during confirmation
Interface defining binding specific API (e.g.
Action used instead of a real action when it is misconfigured.
Action used instead of a real action when it is misconfigured.
Supports fast resolving of data about a group contents in bulk.
Defines API allowing for bulk processing of entities - both manually and basing on a repeatable schedule.
Thrown when capacity limit is reached.
Simple string code generator
Contains settings which are common for all IdP endpoints
Loads configuration properties.
Interface implemented by a bean providing a programmatically set configuration.
Cookie finder
Marker interface.
Allows for performing various credential related operations which need to be handled internally, not via the public API.
Credential management API
Thrown when credential being set was recently used
API for CredentialRequirements management.
Implementations provide a credential reset functionality.
Retrieves credential, using some binding specific method.
Implementations allow for creating CredentialRetrievals of a particular type.
Implementations allow for verification of the provided credential.
Produces CredentialVerificators of a particular type.
Returns the configuration file: use a reselected one with property or the default one if not set.
Counts unsuccessful authentication attempts per client's IP address.
Holds information about delegated group.
Holds information about delegated group and subgroup.
Internal engine API for delegated groups management
Holds information about delegated group member.
Wrapper for Attribute.
Contains necessary information used during the confirmation of an attribute
Confirmation manager for email attribute or identity
Creates redirect URL which shall be used in certain situations after confirmation of email.
Provides servlet used as an email confirmation endpoint
Contains necessary information used during the confirmation of an identity
Implemented by a class which allows to create an endpoint instance ready for hot deployment.
Generic endpoint instance.
Management of endpoints
Helper for validation endpoint path
Enquires support: forms, submissions of requests and their processing.
Implementation performs an action on a given entity.
Marker of EntityAction factories
Maintains a simple registry of available EntityActionFactoryies.
Describes entity status change prescribed by the profile.
API for management of entities' credentials.
EntityParam with group context information
Almost all information about a single entity in general plus attributes in a particular group and in root group
Engine API for (closely related) entities and identities management.
Various helper operations allowing for converting and checking identity and entity related parameters.
Entity and a value of (one of) its credential attribute
Defines the well known phases of events.
Event listeners are Event consumers.
Management of event listeners
Allows for sending platform events.
Allows for sending platform events.
Throw to signal that further execution of the translation profile should be stopped and that the whole process should be finished with error.
Provides server-wide thread pool.
Parses external data into types usable in Unity API.
Provides access to local or remote file.
Various internally useful operations, related to forms automation.
Used for cases where plain web page should be presented to the user, based on freemarker template.
Helper with shared routings for bootstrapping template engine.
Group authorization role with description
Generates and validates registration and enquiry forms
Breaks group membership change request into three groups: unchanged groups, added groups and removed groups
Defines how a mapped group should be handled.
Marker interface for data structure used for bulk queries on group members and their attributes.
Information about a group membership to be added for an entity being registered.
Matcher of group to ant-style pattern.
Internal engine API for groups management.
Marker interface for data structure used for bulk queries on group structural contents (subgroups, their metadata).
Various useful project management related constants
Stores in thread local state related to the HTTP request being served by the thread.
Defines how a mapped IdentityParam should be handled.
Allows for resolving an identity into entity, returning also its credential.
Implementation defined identity type.
Internal engine API for entities and identities management.
Maintains a simple registry of available IdentityTypeDefinitions.
Internally useful support API for handling identity types.
This component allows the generic Unity part (not IdP endpoint specific) to obtain information on the IdP login being performed and forcefully cleaning it.
Implemented by an IdP endpoint and registered with IdPLoginController to inform it about authentications against the IdP.
Maps PolicyAgreementConfiguration to properties and vice versa
Thrown when credential definition is invalid.
Thrown when group value is invalid.
Thrown when type is invalid.
Factory for @{IncludeInputProfileAction}
Factory for @{IncludeInputProfileAction}
Instance of this interface is configured with parameters and performs a translation of a remotely obtained information about a client.
Marker interface of factories producing InputTranslationAction, besides marking narrows down returned types.
Maintains a simple registry of available InputTranslationActionFactoryies.
Holds information about integration event
Integration event definition.
Responsible for processing integration events
Maintains a IntegrationEventDefinitions.
Represent single integration event variable
Handles authentication results for interactive authentications (typically over some web binding).
Used to prevent session fixation attacks.
Invitations to fill registration form management
Stores thread-local information about the current request metadata in thread local variable.
This class object is returned by local authenticator with information about authentication result.
Registry of components which are used to create LocalCredentialVerificators.
Verificator of local credentials.
Produces LocalCredentialVerificators of a particular type.
Represents login session.
Maintains an association of Unity's LoginSessions with HttpSessions.
Performs a logout, including logout of additional session participants, in case of logout initiated directly in Unity.
Factory of LogoutProcessors.
Mapped Attribute with AttributeEffectMode.
Mapped group: name and flag stating whether it should be created if missing.
IdentityParam with IdentityEffectMode.
Stores a set of mapping results, produced by one or more translation actions.
Thrown when there is merge conflict which shall be reported
Message type integration event configuration
Management of messages
Maintains a MessageTemplateDefinitions.
This interface allows clients to manipulate message templates.
Helper: checks if given message or text has only variables supported by a template consumer.
Messages related utilities
Confirmation manager for mobile number
Represents a certificate with name
Provides access to the information of the network server.
Notification sending facility.
Management and usage of notifications subsystem (email, sms, ...)
Notification status.
Thrown when attribute value is null.
Base class of all output profile action instances.
Marker interface of factories producing OutputTranslationActions, also narrow down returned types.
Maintains a simple registry of available OutputTranslationActionFactoryies.
Provides information about partial state of authentication.
Provides access to PKI related stores: credentials, certificates and truststores (validators).
Policy agreements management API
Policy documents management API
Controller making decisions on what to do/show after completed registration.
Preferences management API - allows for storing and retrieving user's preferences, useful for example for the web endpoints.
Holds information about project invitation.
Base data of project invitation parameter
Internal engine API for project invitations management
Various useful project management related constants
Holds information about project request
Engine API for project update request management
Holds base information about project request
Retrieve translation profile from properties
Defines a Spring Component of prototype scope.
Used in conjunction with attribute syntax AttributeValueSyntax.publicExposureSpec() implementation.
Defines constants and helper methods used to create public form access URI.
Provides servlet which gives access to public well known-links handler.
Authentication realm is a group of endpoints which share the same authentication context: in the first place login session.
Base class for storing some context information related to external login using a redirect.
Maintains a simple registry of available RegistrationTranslationActionFactoryies.
Base class for states of confirmation process which are bound to a registration request (as opposed to confirmations associated with an existing user).
Generator for registration translation action
Creates redirect URL which shall be used in certain situations after registration request submission or confirmation of request's email.
Contains necessary information used during the confirmation of an attribute in registration request
Contains necessary information used during the confirmation of an identity in registration request
Registrations support: forms, submissions of requests and their processing.
Base of all actions operating on a contents of a registration request submitted by a prospective user.
Marker interface of the factories producing registration actions.
Base class for storing some context information related to external login using relay state.
Contains information used by remember me functionality
Generic representation of a remotely obtained attribute.
Maintains a map of remote authentication contexts matched by some string key.
Thrown on authentication problem.
This class object is returned by authenticator with information about authentication result.
Process remotely obtained authentication data (RedirectedAuthnState), to obtain the final decision.
Processes RemotelyAuthenticatedInput by applying a translation profile to it and returns RemotelyAuthenticatedPrincipal or AuthenticationResult depending whether caller wants to have a possibility to postprocess the translation profile output or not.
Represents a remote group membership
Represents a remote identity
Generic representation of a remotely obtained information, used for subclassing.
Holds raw information obtained from an upstream IdP.
Holds information about a user which was obtained and verified by a remote upstream IdP.
Stores full information on the remote sandboxed authentication.
Group membership change request sliced into three groups: unchanged groups, added groups and removed groups
Rest group authorization role with description
Unchecked engine exception, used mainly in scenarios where spring cannot
handle checked exceptions e.g.
Event that provides details of a finished sandbox authentication.
Extended by SandboxAuthnRouter - contains the code which is interested in results of sandbox authentication
Main sandbox authentication router interface.
Thrown when operation would cause database schema consistency violation.
Holds parsed scripts configuration UnityServerConfiguration.SCRIPTS.
Type of script.
Secured tokens API allows for manipulating generic tokens.
Interface implemented by modules providing server initialization logic, e.g.
Provides access to general maintenance operations.
Internal login sessions management
Callback interface.
Holds information about login session participant (remote IdP or relaying party).
Holds multiple SessionParticipants.
Session attribute updater adding a new SessionParticipant to the session.
Defines an implementation of SessionParticipant, with factory method.
Maintains a simple registry of available SessionParticipantTypes.
Management of the single, shared, internal Unity endpoint, which is not under administrator's control.
Contains code with validity time and mobileNumber related with this code.
This interface is enforced for some types of objects which are instantiated otherwise and later on configured with some text configuration.
Implementations (must be Spring components) provide additional system attribute types, defined by extensions.
Time related utilities.
Represents a facility used to map contents of Token objects (which is basically an opaque byte array for the engine) to some meaningful JSON representation, useful especially when presenting tokens to outside world, e.g.
Tokens API allows for manipulating generic tokens.
Receives notifications about expired tokens.
Base for all tokens where contents is storing byte[] serialized JSON.
Signals an error of too many attempts, e.g.
Output of RegistrationRequest or EnquiryResponse translation with a corresponding translation profile.
Creates TranslationActionInstances.
Minimal base for translation action instance, configured to be executed.
MVEL condition of translation rule.
Internal interface allowing to get included profile parameter from input or output translation action.
Translation input: a complete information about an entity.
Helper methods for generating translation profiles
This interface allows clients to manipulate translation profiles.
Result of output translation.
Maintains a simple registry of some implementations.
Extends FilePropertiesHelper with Unity specific methods.
Configuration of the Jetty server, baseline for all HTTP based endpoints
Configures disk based truststores and credentials, which are named and can be referenced.
Extends PropertiesHelper with Unity specific methods: returning localized strings and caching of UnityPropertiesHelper.getSortedStringKeys(String, boolean) method results.
Principal options are defined here: ids and corresponding default values.
Thrown when email value is unknown
Thrown when identity value is invalid.
Thrown on authentication problem, when the user is properly authenticated remotely
but is unknown in the local DB (after a complete translation profile execution).
Counts unsuccessful authentication attempts per client's IP address.
Counts unsuccessful access attempts per client's IP address.
Thrown when a low level problem with read uri occurs.
A helper class for parsing uri from string and validating it against used schemes
Base class for states of confirmation process which are bound to a user existing in the database (as opposed to confirmations associated with a registration request).
Allows for manual triggering of user import.
Internal API for triggering user import.
Defines user import to be performed
User import implementation must implement this interface.
Factory of UserImportSPI.
Servlet endpoint instance
Webhook type integration event configuration
Complete information on what to show on the final screen after completed workflow.