Package org.alfresco.repo.security.authentication.identityservice

Class IdentityServiceJITProvisioningHandler

java.lang.Object

org.alfresco.repo.security.authentication.identityservice.IdentityServiceJITProvisioningHandler

public class IdentityServiceJITProvisioningHandler
extends Object

This class handles Just in Time user provisioning. It extracts OIDCUserInfo from the given bearer token and creates a new user if it does not exist in the repository.

Constructor Summary

Constructors

Constructor	Description
IdentityServiceJITProvisioningHandler(IdentityServiceFacade identityServiceFacade, PersonService personService, TransactionService transactionService, IdentityServiceConfig identityServiceConfig)

Method Summary

Modifier and Type	Method	Description
Optional<OIDCUserInfo>	extractUserInfoAndCreateUserIfNeeded(String bearerToken)	Extracts OIDCUserInfo from the given bearer token and creates a new user if it does not exist in the repository.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

IdentityServiceJITProvisioningHandler

public IdentityServiceJITProvisioningHandler(IdentityServiceFacade identityServiceFacade,
 PersonService personService,
 TransactionService transactionService,
 IdentityServiceConfig identityServiceConfig)

Method Details

extractUserInfoAndCreateUserIfNeeded

public Optional<OIDCUserInfo> extractUserInfoAndCreateUserIfNeeded(String bearerToken)

Extracts OIDCUserInfo from the given bearer token and creates a new user if it does not exist in the repository. Call to the UserInfo endpoint is made only if the token does not contain a username claim or if user needs to be created and some of the OIDCUserInfo fields are empty.