Package com.sap.cloud.security.token
Class XsuaaToken
- java.lang.Object
-
- com.sap.cloud.security.token.AbstractToken
-
- com.sap.cloud.security.token.XsuaaToken
-
- All Implemented Interfaces:
AccessToken,Token,Serializable
public class XsuaaToken extends AbstractToken implements AccessToken
Decodes and parses encoded access token (JWT) for the Xsuaa identity service and provides access to token header parameters and claims.- See Also:
- Serialized Form
-
-
Field Summary
-
Fields inherited from class com.sap.cloud.security.token.AbstractToken
tokenBody, tokenHeader
-
Fields inherited from interface com.sap.cloud.security.token.Token
DEFAULT_TOKEN_FACTORY, services
-
-
Constructor Summary
Constructors Constructor Description XsuaaToken(DecodedJwt decodedJwt)Creates an instance.XsuaaToken(String accessToken)Creates an instance.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetAppTid()StringgetClientId()GrantTypegetGrantType()PrincipalgetPrincipal()Set<String>getScopes()ServicegetService()StringgetSubaccountId()StringgetSubdomain()Returns the value of the subdomain (zdn) from the external attribute ext_attr (ext_attr) claim.StringgetZoneId()booleanhasLocalScope(String scope)Check if a local scope is available in the authentication token.booleanhasScope(String scope)XsuaaTokenwithScopeConverter(ScopeConverter converter)Configures a scope converter, e.g.-
Methods inherited from class com.sap.cloud.security.token.AbstractToken
createPrincipalByName, equals, getClaimAsJsonObject, getClaimAsString, getClaimAsStringList, getClaims, getExpiration, getHeaderParameterAsString, getHeaders, getNotBefore, getTokenValue, hasClaim, hashCode, hasHeaderParameter, isExpired, isXsuaaToken, toString
-
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface com.sap.cloud.security.token.AccessToken
getAttributeFromClaimAsString
-
Methods inherited from interface com.sap.cloud.security.token.Token
getAttributeFromClaimAsStringList, getAudiences, getClaimAsJsonObject, getClaimAsString, getClaimAsStringList, getClaims, getExpiration, getHeaderParameterAsString, getHeaders, getIssuer, getNotBefore, getTokenValue, hasClaim, hasHeaderParameter, isExpired
-
-
-
-
Constructor Detail
-
XsuaaToken
public XsuaaToken(@Nonnull DecodedJwt decodedJwt)
Creates an instance.- Parameters:
decodedJwt- the decoded jwt
-
-
Method Detail
-
withScopeConverter
public XsuaaToken withScopeConverter(@Nullable ScopeConverter converter)
Configures a scope converter, e.g. required for thehasLocalScope(String)- Parameters:
converter- the scope converter, e.g.XsuaaScopeConverter- Returns:
- the token itself
-
getScopes
public Set<String> getScopes()
- Specified by:
getScopesin interfaceAccessToken
-
getPrincipal
public Principal getPrincipal()
- Specified by:
getPrincipalin interfaceToken
-
getService
public Service getService()
- Specified by:
getServicein interfaceToken
-
hasScope
public boolean hasScope(String scope)
- Specified by:
hasScopein interfaceAccessToken
-
hasLocalScope
public boolean hasLocalScope(@Nonnull String scope)
Check if a local scope is available in the authentication token.
Requires aScopeConverterto be configured withwithScopeConverter(ScopeConverter).- Specified by:
hasLocalScopein interfaceAccessToken- Parameters:
scope- name of local scope (without the appId)- Returns:
- true if local scope is available
-
getGrantType
public GrantType getGrantType()
- Specified by:
getGrantTypein interfaceToken
-
getSubdomain
@Nullable public String getSubdomain()
Returns the value of the subdomain (zdn) from the external attribute ext_attr (ext_attr) claim. If the external attribute or the subdomain is missing, it returnsnull.- Returns:
- the subdomain or
null
-
getSubaccountId
public String getSubaccountId()
- Specified by:
getSubaccountIdin interfaceAccessToken
-
getClientId
public String getClientId()
- Specified by:
getClientIdin interfaceToken
-
-