All Known Implementing Classes:
DefaultAuthorization

public interface Authorization
author Pascal Knueppel
created at: 27.11.2019 - 17:05

This interface may be used by the developer to pass authorization information about the user into this framework. It is also delivered to the handler implementations, so a developer can pass arbitrary information to their own implementation.
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final org.slf4j.Logger
    log
  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    authenticate(Map<String,String> httpHeaders, Map<String,String> queryParams)
    This method can be used to authenticate a user.
    default String
    getClientId()
    A marker for error messages printed to the log for debugging purposes, used to identify the client that tried to perform a forbidden action.
    Set<String>
    getClientRoles()
     
    default String
    getRealm()
    The current realm for which the authentication should be executed.
    default void
    isAuthorized(ResourceType resourceType, EndpointType endpointType, boolean useOrOnRoles, Set<String> roles, Set<String> defaultRoles)
    Checks if the current client is authorized to access the given endpoint.
    default void
    isClientAuthorized(ResourceType resourceType, EndpointType endpointType)
    Verifies that the client is authorized to access the given endpoint and throws a forbidden exception if it is not.
  • Field Details

    • log

      static final org.slf4j.Logger log
  • Method Details

    • getClientId

      default String getClientId()
      A marker for error messages printed to the log for debugging purposes, used to identify the client that tried to perform a forbidden action.
    • getClientRoles

      Set<String> getClientRoles()
      Returns:
      the roles that an authenticated client possesses
    • isClientAuthorized

      default void isClientAuthorized(ResourceType resourceType, EndpointType endpointType)
      Verifies that the client is authorized to access the given endpoint and throws a forbidden exception if it is not.
      Parameters:
      resourceType - the resource type that might hold information about the authorization needed on the given endpoints
      endpointType - the endpoint type the client tries to access
    • isAuthorized

      default void isAuthorized(ResourceType resourceType, EndpointType endpointType, boolean useOrOnRoles, Set<String> roles, Set<String> defaultRoles)
      Checks if the current client is authorized to access the given endpoint.
      Parameters:
      resourceType - the resource type on which the endpoint is accessed
      endpointType - the method that was called by the client
      roles - the required roles to access the given endpoint
    • authenticate

      boolean authenticate(Map<String,String> httpHeaders, Map<String,String> queryParams)
      This method can be used to authenticate a user. It is called on a per-request basis, which means that the authentication method is executed once for each request that requires authentication.
      Parameters:
      httpHeaders - in case the authentication details are sent in the HTTP headers
      queryParams - in case authentication identifiers are used in the query
      Returns:
      true if the user / client was successfully authenticated, false otherwise
    • getRealm

      default String getRealm()
      The current realm for which the authentication should be executed. This value will be present in the WWW-Authenticate response header of the ErrorResponse object if the authentication has failed.
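
The following is an added example, not code from the SDK or its author: a bearer-token implementation of `authenticate`, `getClientRoles`, `getClientId` and `getRealm` as described above. The class name, token, role name, realm string and the one-instance-per-request lifecycle are assumptions, and the `Authorization` interface declared here is a local stand-in that mirrors the signatures listed on this page so the file compiles alone.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.Set;

// Local stand-in mirroring the signatures on this page (default bodies are placeholders);
// in a real project, implement the SDK's Authorization interface instead.
interface Authorization {
    Set<String> getClientRoles();
    boolean authenticate(Map<String, String> httpHeaders, Map<String, String> queryParams);
    default String getClientId() { return null; }
    default String getRealm() { return null; }
}

// Hypothetical implementation; assumes one instance is created per request.
public class BearerTokenAuthorization implements Authorization {
    private final byte[] expectedToken; // assumption: the caller loads this from a secret store
    private boolean authenticated;
    public BearerTokenAuthorization(String expectedToken) {
        this.expectedToken = expectedToken.getBytes(StandardCharsets.UTF_8);
    }

    @Override
    public boolean authenticate(Map<String, String> httpHeaders, Map<String, String> queryParams) {
        // queryParams is deliberately ignored: credentials in the URL end up in access logs.
        String header = null;
        for (Map.Entry<String, String> e : httpHeaders.entrySet()) {
            // HTTP header names are case-insensitive, a plain Map lookup is not.
            if ("authorization".equalsIgnoreCase(e.getKey())) { header = e.getValue(); }
        }
        authenticated = false;
        if (header == null || !header.regionMatches(true, 0, "Bearer ", 0, 7)) {
            return false; // missing header or wrong scheme
        }
        byte[] presented = header.substring(7).trim().getBytes(StandardCharsets.UTF_8);
        authenticated = MessageDigest.isEqual(expectedToken, presented); // constant-time compare
        return authenticated;
    }

    // Fail closed: no roles unless authenticate() succeeded on this instance.
    @Override public Set<String> getClientRoles() { return authenticated ? Set.of("admin") : Set.of(); }
    @Override public String getClientId() { return "provisioning-client"; } // only a log marker
    @Override public String getRealm() { return "scim"; } // sent in WWW-Authenticate on failure

    public static void main(String[] args) {
        Authorization auth = new BearerTokenAuthorization("constructed-sample-token");
        System.out.println(auth.authenticate(Map.of("authorization", "bearer constructed-sample-token"), Map.of()));
        System.out.println(auth.authenticate(Map.of("Authorization", "Bearer wrong"), Map.of()));
    }
}
```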