MasterAccessTokenValidator
@ThreadSafe public class SHA256BasedAccessTokenValidator extends Object
MasterAccessTokenValidator.ErrorResponse
Modifier and Type | Field | Description |
---|---|---|
protected List<byte[]> |
expectedTokenHashes |
The expected access token hashes, empty list if access to the web
API is disabled.
|
protected byte[] |
hashSalt |
Optional salt for computing the SHA-256 hashes.
|
protected org.apache.logging.log4j.Logger |
log |
Optional logger.
|
static int |
MIN_TOKEN_LENGTH |
The minimum acceptable access token length.
|
INVALID_BEARER_TOKEN, MISSING_BEARER_TOKEN, WEB_API_DISABLED
Constructor | Description |
---|---|
SHA256BasedAccessTokenValidator(String tokenHash) |
Creates a new basic access token validator.
|
SHA256BasedAccessTokenValidator(String... tokenHashes) |
Creates a new basic access token validator.
|
Modifier and Type | Method | Description |
---|---|---|
boolean |
accessIsDisabled() |
Returns
true if access is disabled (no access token
configured). |
org.apache.logging.log4j.Logger |
getLogger() |
Gets the optional logger.
|
boolean |
isValid(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken) |
Returns
true if the specified bearer access token is valid. |
void |
setLogger(org.apache.logging.log4j.Logger log) |
Sets the optional logger.
|
void |
validateBearerAccessToken(String authzHeader) |
Validates a bearer access token passed in the specified HTTP
Authorization header value.
|
boolean |
validateBearerAccessToken(javax.servlet.http.HttpServletRequest servletRequest,
javax.servlet.http.HttpServletResponse servletResponse) |
Validates a bearer access token passed in the specified HTTP servlet
request.
|
public static final int MIN_TOKEN_LENGTH
protected final List<byte[]> expectedTokenHashes
protected byte[] hashSalt
protected org.apache.logging.log4j.Logger log
public SHA256BasedAccessTokenValidator(String tokenHash)
tokenHash
- The Bearer access token SHA-256 hash (in hex). If
null
access to the web API will be
disabled.public SHA256BasedAccessTokenValidator(String... tokenHashes)
tokenHashes
- The Bearer access token SHA-256 hashes (in hex).
If null
access to the web API will be
disabled.public void validateBearerAccessToken(String authzHeader) throws javax.ws.rs.WebApplicationException
MasterAccessTokenValidator
authzHeader
- The HTTP Authorization header value, null
if not specified.javax.ws.rs.WebApplicationException
- If the header value is null
,
the web API is disabled, or the
Bearer access token is missing or
invalid.public boolean validateBearerAccessToken(javax.servlet.http.HttpServletRequest servletRequest, javax.servlet.http.HttpServletResponse servletResponse) throws IOException
MasterAccessTokenValidator
servletRequest
- The HTTP servlet request. Must not be
null
.servletResponse
- The HTTP servlet response. Must not be
null
.true
if the bearer access token was successfully
validated, false
.IOException
- If the response couldn't be written.public boolean accessIsDisabled()
MasterAccessTokenValidator
true
if access is disabled (no access token
configured).accessIsDisabled
in interface MasterAccessTokenValidator
true
if access is disabled, else false
.public boolean isValid(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken)
MasterAccessTokenValidator
true
if the specified bearer access token is valid.isValid
in interface MasterAccessTokenValidator
accessToken
- The bearer access token to check, null
if
not specified.true
if the specified bearer access token is valid,
else false
.public org.apache.logging.log4j.Logger getLogger()
MasterAccessTokenValidator
getLogger
in interface MasterAccessTokenValidator
null
if not specified.public void setLogger(org.apache.logging.log4j.Logger log)
MasterAccessTokenValidator
setLogger
in interface MasterAccessTokenValidator
log
- The logger, null
if not specified.Copyright © 2018 Connect2id. All rights reserved.