com.sap.cloud.security.servlet

Class AbstractTokenAuthenticator

java.lang.Object

com.sap.cloud.security.servlet.AbstractTokenAuthenticator

All Implemented Interfaces:

TokenAuthenticator

Direct Known Subclasses:

XsuaaTokenAuthenticator

public abstract class AbstractTokenAuthenticator
extends Object
implements TokenAuthenticator

Field Summary

Fields

Modifier and Type	Field and Description
protected org.apache.http.impl.client.CloseableHttpClient	httpClient
protected OAuth2ServiceConfiguration	serviceConfiguration

Constructor Summary

Constructors

Constructor and Description
AbstractTokenAuthenticator()

Method Summary

Modifier and Type	Method and Description
protected TokenAuthenticationResult	authenticated(Token token)
protected abstract Token	extractFromHeader(String authorizationHeader) Extracts the Token from the authorization header.
protected abstract OAuth2ServiceConfiguration	getServiceConfiguration() Return configured service configuration or Environments.getCurrent() if not configured.
TokenAuthenticationResult	validateRequest(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
AbstractTokenAuthenticator	withHttpClient(org.apache.http.impl.client.CloseableHttpClient httpClient)
AbstractTokenAuthenticator	withServiceConfiguration(OAuth2ServiceConfiguration serviceConfiguration)
AbstractTokenAuthenticator	withValidationListener(ValidationListener validationListener) Adds the validation listener to the jwt validator that is being used by the authenticator to validate the tokens.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

httpClient

protected org.apache.http.impl.client.CloseableHttpClient httpClient

serviceConfiguration

protected OAuth2ServiceConfiguration serviceConfiguration

Constructor Detail

AbstractTokenAuthenticator

public AbstractTokenAuthenticator()

Method Detail

validateRequest

public TokenAuthenticationResult validateRequest(javax.servlet.ServletRequest request,
                                                 javax.servlet.ServletResponse response)

Specified by:

validateRequest in interface TokenAuthenticator

withHttpClient

public AbstractTokenAuthenticator withHttpClient(org.apache.http.impl.client.CloseableHttpClient httpClient)

withServiceConfiguration

public AbstractTokenAuthenticator withServiceConfiguration(OAuth2ServiceConfiguration serviceConfiguration)

withValidationListener

public AbstractTokenAuthenticator withValidationListener(ValidationListener validationListener)

Adds the validation listener to the jwt validator that is being used by the authenticator to validate the tokens.

Parameters:

validationListener - the listener to be added.

Returns:

the authenticator instance

getServiceConfiguration

protected abstract OAuth2ServiceConfiguration getServiceConfiguration()

Return configured service configuration or Environments.getCurrent() if not configured.

Returns:

the actual service configuration

Throws:

IllegalStateException - in case service configuration is null

extractFromHeader

protected abstract Token extractFromHeader(String authorizationHeader)

Extracts the Token from the authorization header.

Parameters:

authorizationHeader - the value of the 'Authorization' request header

Returns:

the Token instance.

authenticated

protected TokenAuthenticationResult authenticated(Token token)