• Home
• io.quarkus
• quarkus-oidc
• 3.12.0.CR1
• source code
• JavaScriptRequestChecker.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.quarkus.oidc.JavaScriptRequestChecker Maven / Gradle / Ivy

package io.quarkus.oidc;

import io.vertx.ext.web.RoutingContext;

/**
 * JavaScriptRequestChecker can be used to check if the current request was made
 * by JavaScript running inside Single-page application (SPA).
 * 

 * Some OpenId Connect providers may not support CORS in their authorization endpoints.
 * In such cases, SPA needs to avoid using JavaScript for running authorization code flow redirects
 * and instead delegate it to the browser.
 * 

 * If this checker confirms it is a JavaScript request and if authentication challenge redirects are also disabled with
 * 'quarkus.oidc.authentication.java-script-auto-redirect=false' then an HTTP error status `499` will be reported allowing
 * SPA to intercept this error and repeat the last request causing the challenge with the browser API.
 */
public interface JavaScriptRequestChecker {
    /**
     * Check if the current request was made by JavaScript
     *
     * @param context {@link RoutingContext}
     * @return true if the current request was made by JavaScript
     */
    boolean isJavaScriptRequest(RoutingContext context);
}