PingFederate Server

Extracting models from requests

The next step extracts the model from the request. This step varies depending on whether the request is from the API endpoint. For an API request, call the AuthnApiSupport.deserializeAsModel() method. For a non-API request, you must build the model from the parameters in the request.

private SubmitUserAttributes getSubmittedAttributes(HttpServletRequest req) throws AuthnErrorException, AuthnAdapterException
{
	if (apiSupport.isApiRequest(req))
	{
		try
		{
			return apiSupport.deserializeAsModel(req, SubmitUserAttributes.class);
		}
		catch (IOException e)
		{
			throw new AuthnAdapterException(e);
		}
	}
	else
	{
		SubmitUserAttributes result = new SubmitUserAttributes();
		result.setUsername(req.getParameter("username"));

		for (String key : extendedAttr)
		{
			result.getUserAttributes().put(key, req.getParameter(key));
		}
		return result;
	}
}

The deserializeAsModel() method also does some validation on the incoming JSON. This includes checking for fields flagged as required in the model, using the @Schema annotation. If a validation error occurs during this step, the method throws an AuthnErrorException, which the adapter can convert to an API error response. For more information, see Handling authentication error exceptions.