Class OAuth2TokenIntrospectionAuthorizer
java.lang.Object
com.linecorp.armeria.server.auth.AbstractAuthorizerWithHandlers<OAuth2Token>
com.linecorp.armeria.server.auth.oauth2.OAuth2TokenIntrospectionAuthorizer
- All Implemented Interfaces:
Authorizer<OAuth2Token>
@UnstableApi
public final class OAuth2TokenIntrospectionAuthorizer
extends AbstractAuthorizerWithHandlers<OAuth2Token>
Determines whether a given
OAuth2Token
is authorized for the service registered in using OAuth 2.0
Token Introspection. ctx
can be used for storing authorization information about the request for use
in business logic.-
Method Summary
Modifier and TypeMethodDescriptionAuthorization type permitted by this authorizer.Authorizes the givendata
.Returns a newly createdOAuth2TokenIntrospectionAuthorizerBuilder
.An instance ofOAuth2AuthorizationFailureHandler
.Scopes permitted by this authorizer.realm()
An HTTP Realm - a name designating the protected area.Methods inherited from class com.linecorp.armeria.server.auth.AbstractAuthorizerWithHandlers
authorize
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface com.linecorp.armeria.server.auth.Authorizer
orElse
-
Method Details
-
builder
public static OAuth2TokenIntrospectionAuthorizerBuilder builder(WebClient introspectionEndpoint, String introspectionEndpointPath) Returns a newly createdOAuth2TokenIntrospectionAuthorizerBuilder
.- Parameters:
introspectionEndpoint
- AWebClient
to facilitate the Token Introspection request. Must correspond to the Token Introspection endpoint of the OAuth 2.0 system.introspectionEndpointPath
- A URI path that corresponds to the Token Introspection endpoint of the OAuth 2.0 system.
-
permittedScope
Scopes permitted by this authorizer. The authorizer will accept any scope if empty. -
accessTokenType
Authorization type permitted by this authorizer. The authorizer will accept any type if empty. One of the registered HTTP authentication schemes as per HTTP Authentication Scheme Registry. -
realm
An HTTP Realm - a name designating the protected area. OPTIONAL. -
failureHandler
An instance ofOAuth2AuthorizationFailureHandler
. -
authorizeAndSupplyHandlers
public CompletionStage<AuthorizationStatus> authorizeAndSupplyHandlers(ServiceRequestContext ctx, @Nullable @Nullable OAuth2Token data) Description copied from interface:Authorizer
Authorizes the givendata
.- Specified by:
authorizeAndSupplyHandlers
in interfaceAuthorizer<OAuth2Token>
- Specified by:
authorizeAndSupplyHandlers
in classAbstractAuthorizerWithHandlers<OAuth2Token>
- Parameters:
ctx
-ServiceRequestContext
of the request being authorized.data
- an actual authorization data, likeHttpRequest
, token extracted from it ornull
if such authorization data is missing.- Returns:
- a
CompletionStage
that will resolve toAuthorizationStatus
. If the future resolves exceptionally, the request will not be authorized.
-