if (location.href.indexOf('is-external=true') == -1) { parent.document.; } //-->
allClassesLink = document.getElementById("allclasses_navbar_top"); if(window==top) { allClassesLink.style.display = "block"; } else { allClassesLink.style.display = "none"; } //-->
com.ibm.mfp.java.token.validator
Class TokenValidationManager
- java.lang.Object
- com.ibm.mfp.java.token.validator.TokenValidationManager
public class TokenValidationManager extends java.lang.Object
Implements TokenValidationManager Validates authorization headers (Access Tokens) against the AZ Server's introspection service. Created by Ore Poran on 11/18/15.
Field Summary
Fields Modifier and Type Field and Description static java.lang.String INVALID_TOKEN_ERROR
Constructor Summary
Constructors Constructor and Description TokenValidationManager(java.net.URI authorizationURI, java.lang.String clientId, java.lang.String clientSecret)Constructs a new TokenValidationManager
TokenValidationManager(java.net.URI authorizationURI, java.lang.String clientId, java.lang.String clientSecret, long cacheSize)Constructs a new TokenValidationManager
Method Summary
Methods Modifier and Type Method and Description protected TokenIntrospectionData makeIntrospectionRequest(java.lang.String authorizationHeader) java.util.Map obtainAccessToken(java.lang.String scope)Obtains an access token from the Authorization Server's token endpoint.
TokenValidationResult validate(java.lang.String authorizationHeader)Validates and returns the Introspection Data of the specified authorization header via the Introspection Endpoint of the AZ server
TokenValidationResult validate(java.lang.String authorizationHeader, java.lang.String expectedScope)Validates and returns the Introspection Data of the specified authorization header via the Introspection Endpoint of the AZ server
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Field Detail
INVALID_TOKEN_ERROR
public static final java.lang.String INVALID_TOKEN_ERROR
- See Also:
- Constant Field Values
Constructor Detail
TokenValidationManager
public TokenValidationManager(java.net.URI authorizationURI, java.lang.String clientId, java.lang.String clientSecret, long cacheSize) throws TokenValidationException
Constructs a new TokenValidationManager
- Parameters:
authorizationURI - The URI of the Authorization Server for example http://localhost:/mfp/api
clientId - , The confidential-client clientId of the resourceclientSecret
- , The confidential-client secret of the resourcecacheSize
- , the size of the cached access tokens mapping (default 10000)- Throws:
TokenValidationException
TokenValidationManager
public TokenValidationManager(java.net.URI authorizationURI, java.lang.String clientId, java.lang.String clientSecret) throws TokenValidationException
Constructs a new TokenValidationManager
- Parameters:
authorizationURI - The URI of the Authorization Server for example http://localhost:/mfp/api
clientId - , The confidential-client clientId of the resourceclientSecret
- , The confidential-client secret of the resource- Throws:
TokenValidationException
Method Detail
validate
public TokenValidationResult validate(java.lang.String authorizationHeader, java.lang.String expectedScope) throws TokenValidationException
Validates and returns the Introspection Data of the specified authorization header via the Introspection Endpoint of the AZ server
- Parameters:
authorizationHeader - the authorization header to validateexpectedScope
- the scope to validate this authorization header with- Returns:
- TokenValidationResult object, with the authenticationError and the IntrospectionData
- Throws:
TokenValidationException - in the case of an error connecting to the AZ Server
validate
public TokenValidationResult validate(java.lang.String authorizationHeader) throws TokenValidationException
Validates and returns the Introspection Data of the specified authorization header via the Introspection Endpoint of the AZ server
- Parameters:
authorizationHeader - the authorization header to validate- Returns:
- TokenValidationResult object, with the authenticationError and the IntrospectionData
- Throws:
TokenValidationException - in the case of an error connecting to the AZ Server
obtainAccessToken
public java.util.Map obtainAccessToken(java.lang.String scope) throws TokenValidationException
Obtains an access token from the Authorization Server's token endpoint. The Confidential Client credentials passed to the constructor are used to obtain the token If these credentials don't exist or are not allowed to obtain the given scope, an error is thrown Otherwise the access token map is returned
- Parameters:
scope - the scope to obtain an access token to- Returns:
- a Map holding the access token according to OAuth 2.0 Spec RFC6749
- Throws:
TokenValidationException - if unable to obtain token, its possible this error is thrown if the confidential client of this manager is not allowed to obtain this scope
makeIntrospectionRequest
protected TokenIntrospectionData makeIntrospectionRequest(java.lang.String authorizationHeader) throws TokenValidationException
- Throws:
TokenValidationException
allClassesLink = document.getElementById("allclasses_navbar_bottom"); if(window==top) { allClassesLink.style.display = "block"; } else { allClassesLink.style.display = "none"; } //-->
© Copyright IBM Corp. 2006, 2015. All Rights Reserved.