private final String supporterTicketId;
- public AuthorizationContext(CertificateOwner target, User actor) {
+ private final boolean isStronglyAuthenticated;
+
+ public AuthorizationContext(CertificateOwner target, User actor, boolean isStronglyAuthenticated) {
if (actor == null) {
throw new Error("Internal Error: The actor of an AuthorizationContext must not be null!");
}
this.target = target;
this.actor = actor;
this.supporterTicketId = null;
+ this.isStronglyAuthenticated = isStronglyAuthenticated;
}
public AuthorizationContext(User actor, String supporterTicket) throws GigiApiException {
throw new GigiApiException("requires a supporter");
}
this.supporterTicketId = supporterTicket;
+ this.isStronglyAuthenticated = true;
}
public CertificateOwner getTarget() {
}
public boolean canSupport() {
- return getSupporterTicketId() != null && isInGroup(Group.SUPPORTER);
+ return getSupporterTicketId() != null && isInGroup(Group.SUPPORTER) && isStronglyAuthenticated();
}
private static final SprintfCommand sp = new SprintfCommand("Logged in as {0} via {1}.", Arrays.asList("${username", "${loginMethod"));
}
public boolean canVerify() {
- return target instanceof User && ((User) target).canVerify();
+ return target instanceof User && ((User) target).canVerify() && isStronglyAuthenticated();
+ }
+
+ public boolean isStronglyAuthenticated() {
+ return isStronglyAuthenticated;
}
}