Class Identity
The identity is the result of an authentication process. Although the most common authentication method (password authentication) only returns a user name, other methods (such as OAuth, client SSL certificates, or an authentication reverse proxy server) may return more information.
At the very least, the user is identified using a unique ID, and it optionally also contains name and email address information.
-
Field Summary
-
Constructor Summary
-
Method Summary
-
Field Details
-
Invalid
An invalid identity constant.This is an identity that is not
isValid()
. -
LoginName
The login name identity.This is a provider name for the (usually user-controlled) identity, used for example for password-based authentication.
- See Also:
-
MultiFactor
The default multi-factor identity.This is the name used for the default implementation of JWt for MFA. While the actual implementation of any additional factor can be changed, the default implementation (using TOTP), will use this identity name.
It will dictate what the identity entry in the database will be called. Which stores the TOTP secret key in the database.
Note: This entry is not encrypted or obfuscated in any way.
- See Also:
-
-
Constructor Details
-
Identity
public Identity()Default constructor.Creates an invalid identity.
-
Identity
Constructor.
-
-
Method Details
-
isValid
public boolean isValid()Returns whether the identity is valid.An invalid identity is used to indicate for example that no identity information could be obtained.
-
getProvider
Returns the provider name.This is a unique id that names the source for this identity (e.g. "google-oauth", or "LDAP", or "user" (for a user-chosen identity).
-
getId
Returns the id.Returns a unique identifier for the user within the scope of this provider.
-
getName
Returns the name.Returns the user's name, or an empty string if not provided.
-
getEmail
Returns an email address.Returns the user's email address, or an empty string if not provided.
- See Also:
-
isEmailVerified
public boolean isEmailVerified()Returns whether the email address has been verified.The third party provider may be able to guarantee that the user indeed also control's the given email address (e.g. because the third party hosts that email account for the user).
- See Also:
-