Skip to content

Mfa in steps #17702

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 12 commits into from
Closed

Mfa in steps #17702

wants to merge 12 commits into from
+1,292 −44

Conversation

jzheaux
Copy link
Contributor

@jzheaux jzheaux commented Aug 13, 2025

No description provided.

jzheaux added 12 commits August 12, 2025 17:10
@jzheaux
Support AuthenticationManager Post-Processing
179f7f8 
Oftentimes, a filter has its own authentication manager or it
has something specific that it needs to do regarding authentication
that is independent of a shared authentication manager.

Allowing the authentication manager to be post-processed allows
an application to apply authentication-mechanism-specific
post-processing to the authentication request and result.
@jzheaux
Support Updating Authorities
b235c45 
There are a number of scenarios where it's desireable to update the
authorities in an authentication after identity has already been established.

For example, if a second factor is required or if temporary
authorization is needed for a given page, these likely won't
update the principal; they simply need to add more authorities
to the existing authentication.
@jzheaux
Add PostAuthenticationEntryPoint
8273772 
This is a handy implementation that allows an entry point to
operate differently when there is already a known user in
context. In some cases, it is not desireable to show the
end user another form and ask them for their username when
we already know it, for example.
@jzheaux
Add Authorization-Requesting AccessDeniedHandler
dab32cb 
When access is denied, if we have a way to obtain the missing
authorities, this class allows that way to be specified.
@jzheaux
Support Requiring All Authorities
574318b 
This update allows AuthoritiesAuthorizationManager to operate
in either and or or mode, given a list of authorities.
@jzheaux
Add MfaConfigurer
9027409 
A configurer that extends the ability of any authentication configurer
to participate as an additional authentication factor
@jzheaux
Add MFA to Existing Authentication Mechanisms
5c2a977
@jzheaux
Add Expirable Authorities
cdcb38f 
Allowing individual authorities to expire offers enormous flexibility
as far as granting authorities that need to be renewed independently
from logging in.
@jzheaux
Support expiring authorities in DSL
1ef141e
@jzheaux
Add Simple Tests
293553c
@jzheaux
Add Sample Doc
e641403
@jzheaux
Polish AuthoritiesGranter
c33acc0
@jzheaux jzheaux closed this Aug 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jzheaux