/**
* Authenticates the incoming request message by calling each {@code AsyncServerAuthModule} in
* order until an auth module returns an {@code AuthStatus} value other than {@code SEND_FAILURE},
* or returns an {@code AuthenticationException} or the end of the module list is reached.
*
* <p>If the end of the module list is reached then an {@code AuthStatus} value of {@code
* SEND_FAILURE} is returned.
*
* @param context {@inheritDoc}
* @param clientSubject {@inheritDoc}
* @param serviceSubject {@inheritDoc}
* @return {@inheritDoc}
*/
@Override
public Promise<AuthStatus, AuthenticationException> validateRequest(
MessageContext context, Subject clientSubject, Subject serviceSubject) {
FallbackAuthContextState state = context.getState(this);
return new FallbackChain(logger, authModules, 0, state)
.validateRequest(context, clientSubject, serviceSubject);
}
/**
* Secures the response message using the same {@code AsyncServerAuthModule} that authenticated
* the incoming request message.
*
* <p>If no {@code AsyncServerAuthModule} authenticated the incoming request message, then this
* method should not have been called and a failed promise will be return with an {@code
* AuthenticationException}.
*
* @param context {@inheritDoc}
* @param serviceSubject {@inheritDoc}
* @return {@inheritDoc}
*/
@Override
public Promise<AuthStatus, AuthenticationException> secureResponse(
MessageContext context, Subject serviceSubject) {
FallbackAuthContextState state = context.getState(this);
if (state.getAuthenticatedAuthModuleIndex() < 0) {
return Promises.newExceptionPromise(
new AuthenticationException(
"No auth module authenticated the incoming request message. "
+ "Cannot secure response message."));
}
AsyncServerAuthModule authModule = authModules.get(state.getAuthenticatedAuthModuleIndex());
logger.debug(
"Using authenticating auth module from private context map, {}, to secure the response",
authModule.getModuleId());
return authModule.secureResponse(context, serviceSubject);
}