The next step extracts the model from the request. This step varies depending on whether
the request is from the API endpoint. For an API request, call the
AuthnApiSupport.deserializeAsModel()
method. For a non-API request, you
must build the model from the parameters in the request.
private SubmitUserAttributes getSubmittedAttributes(HttpServletRequest req) throws AuthnErrorException, AuthnAdapterException
{
if (apiSupport.isApiRequest(req))
{
try
{
return apiSupport.deserializeAsModel(req, SubmitUserAttributes.class);
}
catch (IOException e)
{
throw new AuthnAdapterException(e);
}
}
else
{
SubmitUserAttributes result = new SubmitUserAttributes();
result.setUsername(req.getParameter("username"));
for (String key : extendedAttr)
{
result.getUserAttributes().put(key, req.getParameter(key));
}
return result;
}
}
The deserializeAsModel()
method also does some validation on the incoming
JSON. This includes checking for fields flagged as required
in the
model, using the @Schema annotation. If a validation error occurs during this step, the
method throws an AuthnErrorException
, which the adapter can convert to
an API error response. For more information, see Handling authentication error exceptions.