com.ibm.mfp.java.token.validator

Class TokenValidationManager

  • java.lang.Object
    • com.ibm.mfp.java.token.validator.TokenValidationManager


  • public class TokenValidationManager
    extends java.lang.Object
    Implements TokenValidationManager Validates authorization headers (Access Tokens) against the AZ Server's introspection service. Created by Ore Poran on 11/18/15.
    • Field Summary

      Fields 
      Modifier and Type Field and Description
      static java.lang.String INVALID_TOKEN_ERROR 
    • Constructor Summary

      Constructors 
      Constructor and Description
      TokenValidationManager(java.net.URI authorizationURI, java.lang.String clientId, java.lang.String clientSecret)
      Constructs a new TokenValidationManager
      TokenValidationManager(java.net.URI authorizationURI, java.lang.String clientId, java.lang.String clientSecret, long cacheSize)
      Constructs a new TokenValidationManager
    • Method Summary

      Methods 
      Modifier and Type Method and Description
      protected TokenIntrospectionData makeIntrospectionRequest(java.lang.String authorizationHeader) 
      java.util.Map obtainAccessToken(java.lang.String scope)
      Obtains an access token from the Authorization Server's token endpoint.
      TokenValidationResult validate(java.lang.String authorizationHeader)
      Validates and returns the Introspection Data of the specified authorization header via the Introspection Endpoint of the AZ server
      TokenValidationResult validate(java.lang.String authorizationHeader, java.lang.String expectedScope)
      Validates and returns the Introspection Data of the specified authorization header via the Introspection Endpoint of the AZ server
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • INVALID_TOKEN_ERROR

        public static final java.lang.String INVALID_TOKEN_ERROR
        See Also:
        Constant Field Values
    • Constructor Detail

      • TokenValidationManager

        public TokenValidationManager(java.net.URI authorizationURI,
                              java.lang.String clientId,
                              java.lang.String clientSecret,
                              long cacheSize)
                               throws TokenValidationException
        Constructs a new TokenValidationManager
        Parameters:
        authorizationURI - The URI of the Authorization Server for example http://localhost:/mfp/api
        clientId - , The confidential-client clientId of the resource
        clientSecret - , The confidential-client secret of the resource
        cacheSize - , the size of the cached access tokens mapping (default 10000)
        Throws:
        TokenValidationException
      • TokenValidationManager

        public TokenValidationManager(java.net.URI authorizationURI,
                              java.lang.String clientId,
                              java.lang.String clientSecret)
                               throws TokenValidationException
        Constructs a new TokenValidationManager
        Parameters:
        authorizationURI - The URI of the Authorization Server for example http://localhost:/mfp/api
        clientId - , The confidential-client clientId of the resource
        clientSecret - , The confidential-client secret of the resource
        Throws:
        TokenValidationException
    • Method Detail

      • validate

        public TokenValidationResult validate(java.lang.String authorizationHeader,
                                     java.lang.String expectedScope)
                                       throws TokenValidationException
        Validates and returns the Introspection Data of the specified authorization header via the Introspection Endpoint of the AZ server
        Parameters:
        authorizationHeader - the authorization header to validate
        expectedScope - the scope to validate this authorization header with
        Returns:
        TokenValidationResult object, with the authenticationError and the IntrospectionData
        Throws:
        TokenValidationException - in the case of an error connecting to the AZ Server
      • validate

        public TokenValidationResult validate(java.lang.String authorizationHeader)
                                       throws TokenValidationException
        Validates and returns the Introspection Data of the specified authorization header via the Introspection Endpoint of the AZ server
        Parameters:
        authorizationHeader - the authorization header to validate
        Returns:
        TokenValidationResult object, with the authenticationError and the IntrospectionData
        Throws:
        TokenValidationException - in the case of an error connecting to the AZ Server
      • obtainAccessToken

        public java.util.Map obtainAccessToken(java.lang.String scope)
                                        throws TokenValidationException
        Obtains an access token from the Authorization Server's token endpoint. The Confidential Client credentials passed to the constructor are used to obtain the token If these credentials don't exist or are not allowed to obtain the given scope, an error is thrown Otherwise the access token map is returned
        Parameters:
        scope - the scope to obtain an access token to
        Returns:
        a Map holding the access token according to OAuth 2.0 Spec RFC6749
        Throws:
        TokenValidationException - if unable to obtain token, its possible this error is thrown if the confidential client of this manager is not allowed to obtain this scope
      • makeIntrospectionRequest

        protected TokenIntrospectionData makeIntrospectionRequest(java.lang.String authorizationHeader)
                                                           throws TokenValidationException
        Throws:
        TokenValidationException


© Copyright IBM Corp. 2006, 2015. All Rights Reserved.