Package net.devh.boot.grpc.server.security.authentication

Interface GrpcAuthenticationReader

All Known Implementing Classes:
AnonymousAuthenticationReader, BasicGrpcAuthenticationReader, BearerAuthenticationReader, CompositeGrpcAuthenticationReader, SSLContextGrpcAuthenticationReader
Functional Interface:
This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
@FunctionalInterface public interface GrpcAuthenticationReader
Reads the authentication data from the given ServerCall and Metadata. The returned Authentication is not yet validated and needs to be passed to an AuthenticationManager.

This is similar to the org.springframework.security.web.authentication.AuthenticationConverter.

Note: The authentication manager needs a corresponding AuthenticationProvider to actually verify the Authentication.

  • Method Details

    • readAuthentication

      @Nullable Authentication readAuthentication(ServerCall<?,?> call, Metadata headers) throws AuthenticationException
      Tries to read the Authentication information from the given call and metadata.

      Note: Implementations are free to throw an AuthenticationException if no credentials could be found in the call. If an exception is thrown by an implementation then the authentication attempt should be considered as failed and no subsequent GrpcAuthenticationReaders should be called. Additionally, the call will fail as Status.UNAUTHENTICATED. If the call instead returns null, then the call processing will proceed unauthenticated.

      Parameters:
      call - The call to get that send the request.
      headers - The metadata/headers as sent by the client.
      Returns:
      The authentication object or null if no authentication is present.
      Throws:
      AuthenticationException - If the authentication details are malformed or incomplete and thus the authentication attempt should be aborted.