Package com.nimbusds.common.oauth2
Interface MasterAccessTokenValidator
-
- All Known Implementing Classes:
BasicAccessTokenValidator
,SHA256BasedAccessTokenValidator
public interface MasterAccessTokenValidator
Master access token validator. Intended for validation of master API access tokens for the Connect2id server and elsewhere.
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static class
MasterAccessTokenValidator.ErrorResponse
Bearer token error response.
-
Field Summary
Fields Modifier and Type Field Description static MasterAccessTokenValidator.ErrorResponse
INVALID_BEARER_TOKEN
Error response: Invalid OAuth 2.0 Bearer access token.static MasterAccessTokenValidator.ErrorResponse
MISSING_BEARER_TOKEN
Error response: Missing OAuth 2.0 Bearer access token.static MasterAccessTokenValidator.ErrorResponse
WEB_API_DISABLED
Error response: Web API disabled.
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Modifier and Type Method Description boolean
accessIsDisabled()
Returnstrue
if access is disabled (no access token configured).static byte[]
computeSHA256(com.nimbusds.oauth2.sdk.token.BearerAccessToken token, byte[] salt)
Computes the SHA-256 hash of the specified Bearer access token.org.apache.logging.log4j.Logger
getLogger()
Gets the optional logger.boolean
isValid(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken)
Returnstrue
if the specified bearer access token is valid.void
setLogger(org.apache.logging.log4j.Logger log)
Sets the optional logger.void
validateBearerAccessToken(String authzHeader)
Validates a bearer access token passed in the specified HTTP Authorization header value.boolean
validateBearerAccessToken(javax.servlet.http.HttpServletRequest servletRequest, javax.servlet.http.HttpServletResponse servletResponse)
Validates a bearer access token passed in the specified HTTP servlet request.
-
-
-
Field Detail
-
MISSING_BEARER_TOKEN
static final MasterAccessTokenValidator.ErrorResponse MISSING_BEARER_TOKEN
Error response: Missing OAuth 2.0 Bearer access token.
-
INVALID_BEARER_TOKEN
static final MasterAccessTokenValidator.ErrorResponse INVALID_BEARER_TOKEN
Error response: Invalid OAuth 2.0 Bearer access token.
-
WEB_API_DISABLED
static final MasterAccessTokenValidator.ErrorResponse WEB_API_DISABLED
Error response: Web API disabled.
-
-
Method Detail
-
computeSHA256
static byte[] computeSHA256(com.nimbusds.oauth2.sdk.token.BearerAccessToken token, byte[] salt)
Computes the SHA-256 hash of the specified Bearer access token.- Parameters:
token
- The Bearer access token. Must not benull
.salt
- Optional salt to use,null
if none.- Returns:
- The computed SHA-256 hash.
-
accessIsDisabled
boolean accessIsDisabled()
Returnstrue
if access is disabled (no access token configured).- Returns:
true
if access is disabled, elsefalse
.
-
getLogger
org.apache.logging.log4j.Logger getLogger()
Gets the optional logger.- Returns:
- The logger,
null
if not specified.
-
setLogger
void setLogger(org.apache.logging.log4j.Logger log)
Sets the optional logger.- Parameters:
log
- The logger,null
if not specified.
-
isValid
boolean isValid(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken)
Returnstrue
if the specified bearer access token is valid.- Parameters:
accessToken
- The bearer access token to check,null
if not specified.- Returns:
true
if the specified bearer access token is valid, elsefalse
.
-
validateBearerAccessToken
void validateBearerAccessToken(String authzHeader) throws javax.ws.rs.WebApplicationException
Validates a bearer access token passed in the specified HTTP Authorization header value.- Parameters:
authzHeader
- The HTTP Authorization header value,null
if not specified.- Throws:
javax.ws.rs.WebApplicationException
- If the header value isnull
, the web API is disabled, or the Bearer access token is missing or invalid.
-
validateBearerAccessToken
boolean validateBearerAccessToken(javax.servlet.http.HttpServletRequest servletRequest, javax.servlet.http.HttpServletResponse servletResponse) throws IOException
Validates a bearer access token passed in the specified HTTP servlet request.- Parameters:
servletRequest
- The HTTP servlet request. Must not benull
.servletResponse
- The HTTP servlet response. Must not benull
.- Returns:
true
if the bearer access token was successfully validated,false
.- Throws:
IOException
- If the response couldn't be written.
-
-