Interface Authorization
-
- All Known Implementing Classes:
DefaultAuthorization
public interface Authorizationauthor Pascal Knueppel
created at: 27.11.2019 - 17:05
this interface may be used by the developer to pass authorization information about the user into this framework it will also be delivered into the handler implementations so that a developer is also able to pass arbitrary information's to the own implementation
-
-
Field Summary
Fields Modifier and Type Field Description static org.slf4j.Loggerlog
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description default booleanauthenticate(Map<String,String> httpHeaders, Map<String,String> queryParams)this method can be used to authenticate a user.default StringgetClientId()this is just a marker for error messages that will be printed into the log for debug purposes to be able to identify the client that tried to do a forbidden actionSet<String>getClientRoles()default StringgetRealm()the current realm for which the authentication should be executed.default voidisAuthorized(ResourceType resourceType, EndpointType endpointType, Set<String> roles, Set<String> defaultRoles)checks if the current client is authorized to access the given endpointdefault voidisClientAuthorized(ResourceType resourceType, EndpointType endpointType)verifies if the client is authorized to access the given endpoint and will throw a forbidden except
-
-
-
Method Detail
-
getClientId
default String getClientId()
this is just a marker for error messages that will be printed into the log for debug purposes to be able to identify the client that tried to do a forbidden action
-
getClientRoles
Set<String> getClientRoles()
- Returns:
- the roles that an authenticated client possesses
-
isClientAuthorized
default void isClientAuthorized(ResourceType resourceType, EndpointType endpointType)
verifies if the client is authorized to access the given endpoint and will throw a forbidden except- Parameters:
resourceType- the resource type that might hold information's about the needed authorization on the given endpointsendpointType- the endpoint type the client tries to access
-
isAuthorized
default void isAuthorized(ResourceType resourceType, EndpointType endpointType, Set<String> roles, Set<String> defaultRoles)
checks if the current client is authorized to access the given endpoint- Parameters:
resourceType- the resource type on which the endpoint is accessedendpointType- the method that was called by the clientroles- the required roles to access the given endpoint
-
authenticate
default boolean authenticate(Map<String,String> httpHeaders, Map<String,String> queryParams)
this method can be used to authenticate a user. This method is called on a request-base which means that the authentication method is executed once for each request that requires authentication- Parameters:
httpHeaders- in case that the authentication details are sent in the http headersqueryParams- in case that authentication identifier are used in the query- Returns:
- true if the user / client was successfully be authenticated, false else
- See Also:
- https://github.com/Captain-P-Goldfish/SCIM-SDK/wiki/Authentication-and-Authorization#authentication
-
getRealm
default String getRealm()
the current realm for which the authentication should be executed. This value will be present in the WWW-Authenticate response header of theErrorResponseobject if the authentication has failed
-
-