Package de.dlr.proseo.api.odip

Klasse OAuth2TokenManager

java.lang.Object

de.dlr.proseo.api.odip.OAuth2TokenManager

@Component
public class OAuth2TokenManager
extends Object

Class for managing OAuth2 tokens and to access user information based on OAuth2 tokens

Autor:

Dr. Thomas Bassler

Verschachtelte Klassen - Übersicht

Verschachtelte Klassen

Modifizierer und Typ	Klasse	Beschreibung
static class	OAuth2TokenManager.UserInfo	Information about a user including cached password for authentication with prosEO backend services and authorities to determine access rights to order and workflow classes depending on their visibility

Konstruktorübersicht

Konstruktoren

Konstruktor	Beschreibung
OAuth2TokenManager()

Methodenübersicht

Modifizierer und Typ	Methode	Beschreibung
OAuth2Response	getToken(String grantType, String username, String password, org.springframework.http.HttpHeaders headers)	Retrieves an OAuth2 token based on the provided grant type, username, password, and headers
(Package privat) OAuth2TokenManager.UserInfo	getUser(String username)	Gets the user information for the given username
OAuth2TokenManager.UserInfo	getUserInfoFromToken(String token)	Analyze a given OAuth2 token (JSON Web Token format) and return the user information associated with the token

Von Klasse geerbte Methoden java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Konstruktordetails

OAuth2TokenManager

public OAuth2TokenManager()

Methodendetails

getUser

OAuth2TokenManager.UserInfo getUser(String username)

Gets the user information for the given username

Parameter:

username - the username (format <mission>\<user>) to check

Gibt zurück:

a UserInfo object or null, if no entry for the given username exists

getToken

public OAuth2Response getToken(String grantType,
 String username,
 String password,
 org.springframework.http.HttpHeaders headers)
                        throws IllegalArgumentException,
UnsupportedOperationException,
SecurityException

Retrieves an OAuth2 token based on the provided grant type, username, password, and headers

Parameter:

grantType - type of grant requested (value must be set to "password" for "Resource Owner Password Credentials Grant" flow or to "client_credentials" for "Client Credentials Grant" flow as per RFC 6749; REQUIRED)

username - the ODIP username (as per RFC 6749; REQUIRED for "Resource Owner Password Credentials Grant" flow, must not be set otherwise)

password - the ODIP password (as per RFC 6749; REQUIRED for "Resource Owner Password Credentials Grant" flow, must not be set otherwise)

headers - the HTTP request headers (for extraction of the Authentication header)

Gibt zurück:

an OAuth2 token grant response

Löst aus:

IllegalArgumentException - if the request is missing a required parameter, includes an unsupported parameter value (other than grant type), repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.

UnsupportedOperationException - if the authorization grant type is not supported by the ODIP service

SecurityException - if the authenticated client is not authorized to use this authorization grant type

getUserInfoFromToken

public OAuth2TokenManager.UserInfo getUserInfoFromToken(String token)
                                                 throws SecurityException

Analyze a given OAuth2 token (JSON Web Token format) and return the user information associated with the token

Parameter:

token - the OAuth2 token to analyze

Gibt zurück:

the UserInfo object associated with this token

Löst aus:

SecurityException - if the token cannot be associated with a user or is expired