Package com.cedarpolicy.model

Class AuthorizationRequest

java.lang.Object

com.cedarpolicy.model.AuthorizationRequest

public class AuthorizationRequest
extends Object

An authorization request consists of a principal, action, and resource as well as a context mapping strings to Cedar values. When evaluating the request against a slice, the authorization engine determines if the policies allow for the given principal to perform the given action against the given resource.

An optional schema can be provided, but will not be used for validation unless you call validate(). The schema is provided to allow parsing Entities from JSON without escape sequences (in general, you don't need to worry about this if you construct your entities via the EntityUID class).

Field Summary

Fields

Modifier and Type	Field	Description
final String	actionEUID	EUID of the action in the request.
final Optional<Map<String,Value>>	context	Key/Value map representing the context of the request.
final Optional<String>	principalEUID	EUID of the principal in the request.
final Optional<String>	resourceEUID	EUID of the resource in the request.
final Optional<Schema>	schema	JSON object representing the Schema.

Constructor Summary

Constructors

Constructor	Description
AuthorizationRequest(String principalEUID, String actionEUID, String resourceEUID, Map<String,Value> context)	Create a request in the empty context.
AuthorizationRequest(Optional<String> principalEUID, String actionEUID, Optional<String> resourceEUID, Optional<Map<String,Value>> context, Optional<Schema> schema)	Create an authorization request from the EUIDs and Context.

Method Summary

Modifier and Type	Method	Description
String	toString()	Readable string representation.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Details

principalEUID

public final Optional<String> principalEUID

EUID of the principal in the request.

actionEUID

public final String actionEUID

EUID of the action in the request.

resourceEUID

public final Optional<String> resourceEUID

EUID of the resource in the request.

context

public final Optional<Map<String,Value>> context

Key/Value map representing the context of the request.

schema

public final Optional<Schema> schema

JSON object representing the Schema.

Constructor Details

AuthorizationRequest

public AuthorizationRequest(Optional<String> principalEUID,
 String actionEUID,
 Optional<String> resourceEUID,
 Optional<Map<String,Value>> context,
 Optional<Schema> schema)

Create an authorization request from the EUIDs and Context.

Parameters:

principalEUID - Principal's EUID.

actionEUID - Action's EUID.

resourceEUID - Resource's EUID.

context - Key/Value context.

schema - Schema (optional).

AuthorizationRequest

public AuthorizationRequest(String principalEUID,
 String actionEUID,
 String resourceEUID,
 Map<String,Value> context)

Create a request in the empty context.

Parameters:

principalEUID - Principal's EUID.

actionEUID - Action's EUID.

resourceEUID - Resource's EUID.

context - Key/Value context.

Method Details

toString

public String toString()

Readable string representation.

Overrides:

toString in class Object