How to implement custom authentication provider for IDP in CUBA 6.9.5

We just upgraded to CUBA 6.9.5 and notice the class IdpAuthProvider has been deprecated and some methods and constants were removed.
we have a custom external AuthenticationProviderClass which extends IdpAuthProvider .
i have followed the document to add sevlet/mapping/filter in the web.xml.
and add cuba.web.idp.enabled = true in web-app.properties.
How should we implement the custom AuthenticationProvider?

our codes snippet:

public class CipIdpAuthProvider extends IdpAuthProvider {
    private final Logger log = LoggerFactory.getLogger(CipIdpAuthProvider.class);

    /**
     * 默认token超时时间
     */
    private final static Integer SCREEN_LINK_OPEN_DEFAULT_MAX_AGE = 60;

    private final static String SCREEN_LINK_OPEN_FORM_KEY = "screenLinkOpen";

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
 .....
        String idpBaseURL = webAuthConfig.getIdpBaseURL();  //this method is not there
...................
       
        String screenLinkOpenAttr = "screenLinkOpen";
        if (httpRequest.getParameter(screenLinkOpenAttr)!=null) {
            Cookie cookie = new Cookie(screenLinkOpenAttr , httpRequest.getParameter(screenLinkOpenAttr));
            if (AppContext.getProperty("cip.screenLinkOpen.maxAge") != null) {
                cookie.setMaxAge(Integer.valueOf(AppContext.getProperty("cip.screenLinkOpen.maxAge")));
            } else {
                cookie.setMaxAge(Integer.valueOf(SCREEN_LINK_OPEN_DEFAULT_MAX_AGE));
            }
            cookie.setPath("/");
            httpResponse.addCookie(cookie);
        }

        HttpSession session = httpRequest.getSession(true);

        if (httpRequest.getParameter("idp_ticket")==null) {
        
//            String queryString = httpRequest.getRequestURL()+"?"+httpRequest.getQueryString();
            StringBuilder queryURL = new StringBuilder(httpRequest.getRequestURL());
            Optional.ofNullable(httpRequest.getQueryString()).map(str -> queryURL.append("?").append(str));
            session.setAttribute("requestURL", queryURL.toString());
        } else if (session.getAttribute("requestURL")==null){
            String queryString = httpRequest.getRequestURL() + "?"+ httpRequest.getQueryString().replaceAll("&*idp_ticket=[^&]*", "");
            session.setAttribute("requestURL",queryString);
        }
////IDP_SESSION_LOCK_ATTRIBUTE is not there
        Lock sessionLock = (Lock) session.getAttribute(IDP_SESSION_LOCK_ATTRIBUTE);
        if (sessionLock == null) {
            sessionCheckLock.lock();
            try {
                sessionLock = (Lock) session.getAttribute(IDP_SESSION_LOCK_ATTRIBUTE);
1 Like

Hi, could you please format your post with code blocks ?

Hi Yuriy,

Thanks for the reply. but the code blocks format itself.
i am uploading the whole file.
the question here is how to implement a custom authentication provider in CUBA 6.9.5.
previously we can extend IdpAuthProvider but that class is deprecated and some methods and constants in it have been removed.

CipIdpAuthProvider.java (7.4 KB)

Please, look closer, your code is not formatted. Use triple back quot and format them or use additional 4 spaces from the left for each code line.

i have uploaded the whole java file in my reply. could you please check the file directly?

IdpAuthProvider still works, but you should extend IdpLoginLifecycleManager or IdpLoginHttpRequestFilter.

IdpLoginHttpRequestFilter works as HTTP filter, while IdpLoginLifecycleManager performs login in the context of web UI using application events.

Much appreciated.
IdpLoginHttpRequestFilter fits perfectly