Klasse OAuth2TokenManager

java.lang.Object
de.dlr.proseo.api.odip.OAuth2TokenManager

@Component public class OAuth2TokenManager extends Object
Class for managing OAuth2 tokens and to access user information based on OAuth2 tokens
Autor:
Dr. Thomas Bassler
  • Konstruktordetails

    • OAuth2TokenManager

      public OAuth2TokenManager()
  • Methodendetails

    • getUser

      Gets the user information for the given username
      Parameter:
      username - the username (format <mission>\<user>) to check
      Gibt zurück:
      a UserInfo object or null, if no entry for the given username exists
    • getToken

      public OAuth2Response getToken(String grantType, String username, String password, org.springframework.http.HttpHeaders headers, OdipSecurity securityConfig) throws IllegalArgumentException, UnsupportedOperationException, SecurityException
      Retrieves an OAuth2 token based on the provided grant type, username, password, and headers
      Parameter:
      grantType - type of grant requested (value must be set to "password" for "Resource Owner Password Credentials Grant" flow or to "client_credentials" for "Client Credentials Grant" flow as per RFC 6749; REQUIRED)
      username - the ODIP username (as per RFC 6749; REQUIRED for "Resource Owner Password Credentials Grant" flow, must not be set otherwise)
      password - the ODIP password (as per RFC 6749; REQUIRED for "Resource Owner Password Credentials Grant" flow, must not be set otherwise)
      headers - the HTTP request headers (for extraction of the Authentication header)
      Gibt zurück:
      an OAuth2 token grant response
      Löst aus:
      IllegalArgumentException - if the request is missing a required parameter, includes an unsupported parameter value (other than grant type), repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
      UnsupportedOperationException - if the authorization grant type is not supported by the ODIP service
      SecurityException - if the authenticated client is not authorized to use this authorization grant type
    • getUserInfoFromToken

      public OAuth2TokenManager.UserInfo getUserInfoFromToken(String token) throws SecurityException
      Analyze a given OAuth2 token (JSON Web Token format) and return the user information associated with the token
      Parameter:
      token - the OAuth2 token to analyze
      Gibt zurück:
      the UserInfo object associated with this token
      Löst aus:
      SecurityException - if the token cannot be associated with a user or is expired