external-idp/com.pingidentity.idp.journey/IdpCallback

IdpCallback

class IdpCallback : AbstractCallback, JourneyAware, RequestInterceptor

Callback that handles authentication via external Identity Providers (IdPs).

This callback is responsible for processing authentication through third-party identity providers such as Google, Facebook, and Apple. It receives configuration parameters from the authentication server and uses the appropriate IdpHandler to complete the authentication flow.

The callback implements:

Constructors

Link copied to clipboard
constructor()

Properties

Link copied to clipboard
var acrValues: <Error class: unknown class>

Authentication Context Class References values. These can be used to request specific authentication methods or levels of assurance.

Link copied to clipboard
var clientId: String

The client ID to use when authenticating with the external identity provider. This is typically provided by the authentication server based on configured integrations with external providers.

Link copied to clipboard
open override var intercept: FlowContext.(HttpRequest) -> HttpRequest

Intercepts and modifies the request that will be sent to the authentication server. Adds any additional parameters received from the external identity provider.

Link copied to clipboard
open lateinit override var journey: <Error class: unknown class>

Reference to the parent journey. Required by the JourneyAware interface.

Link copied to clipboard
var nonce: String

A random string used to mitigate CSRF attacks in OAuth flows. This value is validated when processing the authentication response.

Link copied to clipboard
var provider: String

The external identity provider identifier (e.g., "google", "facebook", "apple"). This value is received from the server and determines which IdpHandler to use.

Link copied to clipboard
var redirectUri: String

The URI where the IdP should redirect after authentication. Used when configuring the external identity provider authentication flow.

Link copied to clipboard
var request: String

The JWT request object to be passed to the authorization server. Used in some OAuth/OIDC advanced flows.

Link copied to clipboard
var requestUri: String

A URI that points to a JWT request object. Used as an alternative to the request parameter in some OAuth/OIDC flows.

Link copied to clipboard
var scopes: <Error class: unknown class>

The OAuth scopes to request from the external identity provider. These determine what information and permissions are requested from the user.

Functions

Link copied to clipboard
suspend fun authorize(redirectUri: Uri = "".toUri(), idpHandler: IdpHandler? = getIdpHandler(redirectUri)): Result<IdpResult>

Initiates the authentication flow with the external identity provider.

Link copied to clipboard
protected open override fun init(name: String, value: JsonElement)

Initializes the callback with data from the authentication server.

Link copied to clipboard
open override fun payload(): JsonObject

Generates a JSON object payload to be sent back to the authentication server. This payload includes the token received from the external identity provider.