Package com.sap.cloud.security.servlet

Class AbstractTokenAuthenticator

    • Field Detail

      • httpClient

        protected org.apache.http.impl.client.CloseableHttpClient httpClient

    • Constructor Detail

      • AbstractTokenAuthenticator

        public AbstractTokenAuthenticator()

    • Method Detail

      • withCacheConfiguration

        public AbstractTokenAuthenticator withCacheConfiguration​(CacheConfiguration cacheConfiguration)
        Use to configure the token key cache.
        Parameters:
        cacheConfiguration - the cache configuration
        Returns:
        this authenticator

      • withHttpClient

        public AbstractTokenAuthenticator withHttpClient​(org.apache.http.impl.client.CloseableHttpClient httpClient)
        Use to configure the HttpClient that is used to retrieve token keys or to perform a token-exchange.
        Parameters:
        httpClient - the HttpClient
        Returns:
        this authenticator

      • withServiceConfiguration

        public AbstractTokenAuthenticator withServiceConfiguration​(OAuth2ServiceConfiguration serviceConfiguration)
        Use to override the service configuration used.
        Parameters:
        serviceConfiguration - the service configuration to use
        Returns:
        this authenticator

      • withValidationListener

        public AbstractTokenAuthenticator withValidationListener​(ValidationListener validationListener)
        Adds the validation listener to the jwt validator that is being used by the authenticator to validate the tokens.
        Parameters:
        validationListener - the listener to be added.
        Returns:
        the authenticator instance

      • getServiceConfiguration

        protected abstract OAuth2ServiceConfiguration getServiceConfiguration()
        Return configured service configuration or Environments.getCurrent() if not configured.
        Returns:
        the actual service configuration
        Throws:
        IllegalStateException - in case service configuration is null

      • getOtherServiceConfiguration

        @Nullable
protected abstract OAuth2ServiceConfiguration getOtherServiceConfiguration()
        Return other configured service configurations or null if not configured.
        Returns:
        the other service configuration or null

      • extractFromHeader

        protected abstract Token extractFromHeader​(String authorizationHeader)
        Extracts the Token from the authorization header.
        Parameters:
        authorizationHeader - the value of the 'Authorization' request header
        Returns:
        the Token instance.