Package io.vertx.ext.web

Interface UserContext

  • public interface UserContext
    A web user is extended user coupled to the context and is used to perform verifications and actions on behalf of the user. Actions can be:
    • refresh() - Require a re-authentication to confirm the user is present
    • impersonate() - Require a re-authentication to switch user identities
    • restore() - De-escalate a previous impersonate call
    • logout() - Logout the user from this application and redirect to a uri
    • clear() - Same as logout, without requirind a redirect

    • Method Detail

      • get

        User get()
        Get the authenticated user (if any). This will usually be injected by an auth handler if authentication if successful.
        Returns:
        the user, or null if the current user is not authenticated.

      • authenticated

        default boolean authenticated()

      • loginHint

        UserContext loginHint​(String loginHint)
        When performing a web identity operation, hint if possible to the identity provider to use the given login.
        Parameters:
        loginHint - the desired login name, for example: admin.
        Returns:
        fluent self

      • refresh

        Future<Void> refresh()
        Forces the current user to re-authenticate. The user will be redirected to the same origin where this call was made. It is important to notice that the redirect will only allow sources originating from a HTTP GET request.
        Returns:
        future result of the operation.

      • refresh

        Future<Void> refresh​(String redirectUri)
        Forces the current user to re-authenticate. The user will be redirected to the given uri. It is important to notice that the redirect will only allow targets using an HTTP GET request.
        Parameters:
        redirectUri - the uri to redirect the user to after the re-authentication.
        Returns:
        future result of the operation.

      • impersonate

        Future<Void> impersonate()
        Impersonates a second identity. The user will be redirected to the same origin where this call was made. It is important to notice that the redirect will only allow sources originating from a HTTP GET request.
        Returns:
        future result of the operation.

      • impersonate

        Future<Void> impersonate​(String redirectUri)
        Impersonates a second identity. The user will be redirected to the given uri. It is important to notice that the redirect will only allow targets using an HTTP GET request.
        Parameters:
        redirectUri - the uri to redirect the user to after the authentication.
        Returns:
        future result of the operation.

      • restore

        Future<Void> restore()
        Undo a previous call to a impersonation. The user will be redirected to the same origin where this call was made. It is important to notice that the redirect will only allow sources originating from a HTTP GET request.
        Returns:
        future result of the operation.

      • restore

        Future<Void> restore​(String redirectUri)
        Undo a previous call to an impersonation. The user will be redirected to the given uri. It is important to notice that the redirect will only allow targets using an HTTP GET request.
        Parameters:
        redirectUri - the uri to redirect the user to after the re-authentication.
        Returns:
        future result of the operation.

      • logout

        Future<Void> logout​(String redirectUri)
        Logout can be called from any route handler which needs to terminate a login session. Invoking logout will remove the User and clear the Session (if any) in the current context. Followed by a redirect to the given uri.
        Parameters:
        redirectUri - the uri to redirect the user to after the logout.
        Returns:
        future result of the operation.

      • logout

        Future<Void> logout()
        Logout can be called from any route handler which needs to terminate a login session. Invoking logout will remove the User and clear the Session (if any) in the current context. Followed by a redirect to /.
        Returns:
        future result of the operation.

      • clear

        void clear()
        Clear can be called from any route handler which needs to terminate a login session. Invoking logout will remove the User and clear the Session (if any) in the current context. Unlike logout() no redirect will be performed.