主权项 |
1. A method for managing authentication flows within an access manager that protects access a resource, the method comprising:
receiving, at one or more computer systems, information indicative of an occurrence of a predetermined event in an authentication flow that generates a valid session when an entity has access to the resource; determining, with one or more processors associated with the one or more computer systems, which authentication plugin to a master authentication flow controller of the access manager is to handle the predetermined event in the authentication flow; generating, with one or more processors associated with the one or more computer systems, an authentication context at the master flow controller in response to an instruction from the determined authentication plugin, the authentication context of the master flow controller having first authentication information that forms part of the valid session; initiating, with the one or more processors associated with the one or more computer systems, a branch an authentication context at the master flow controller in response to an instruction from the determined authentication plugin, the authentication context of the master flow controller having first authentication information that forms part of the valid session; generating, with the one or more processors associated with the one or more computer systems, an authentication context at the determined authentication plugin, the authentication context having second authentication information that forms part of the valid session; merging, with the one or more processors associated with the one or more computer systems, the second authentication information into the authentication context at the master authentication flow controller; and resuming, with the one or more processors associated with the one or more computer systems, the authentication flow using the second authentication information merged into the authentication context at the master authentication flow controller with the first authentication information. |