Interface SsoApi


  • @Path("/_matrix/client/r0/login/sso")
    public interface SsoApi
    Single Sign-On (SSO) is a generic term which refers to protocols which allow users to log into applications via a single web-based authentication portal. Examples include "Central Authentication Service" (CAS) and SAML.
    An overview of the process, as used in Matrix, is as follows:
    • The Matrix client instructs the user's browser to navigate to the /login/sso/redirect endpoint on the user's homeserver.
    • The homeserver responds with an HTTP redirect to the CAS user interface, which the browser follows.
    • The SSO system authenticates the user.
    • The SSO server responds to the user's browser with a redirect back to the /login/cas/ticket endpoint on the homeserver, which the browser follows. A 'ticket' identifier is passed as a query parameter in the redirect.
    • The homeserver receives the ticket ID from the user's browser, and makes a request to the SSO server to validate the ticket.
    • Having validated the ticket, the homeserver responds to the browser with a third HTTP redirect, back to the Matrix client application. A login token is passed as a query parameter in the redirect.
    • The Matrix client receives the login token and passes it to the /login API.
    • Method Summary

      Modifier and Type Method Description
      void redirect​(String redirectUrl, javax.ws.rs.core.UriInfo uriInfo, javax.ws.rs.core.HttpHeaders httpHeaders, javax.ws.rs.container.AsyncResponse asyncResponse)
      A web-based Matrix client should instruct the user's browser to navigate to this endpoint in order to log in via CAS.
    • Method Detail

      • redirect

        @GET
        @Path("/redirect")
        void redirect​(@QueryParam("redirectUrl")
                      String redirectUrl,
                      @Context
                      javax.ws.rs.core.UriInfo uriInfo,
                      @Context
                      javax.ws.rs.core.HttpHeaders httpHeaders,
                      @Suspended
                      javax.ws.rs.container.AsyncResponse asyncResponse)
        A web-based Matrix client should instruct the user's browser to navigate to this endpoint in order to log in via CAS.
        The server MUST respond with an HTTP redirect to the SSO interface.
        Return: EmptyResponse. A redirect to the SSO interface.
        Parameters:
        redirectUrl - Required. URI to which the user will be redirected after the homeserver has authenticated the user with CAS.
        uriInfo - Request Information.
        httpHeaders - Http headers.
        asyncResponse - Asynchronous response.