Package com.nimbusds.common.oauth2

Interface MasterAccessTokenValidator

    • Method Detail

      • computeSHA256

        static byte[] computeSHA256​(com.nimbusds.oauth2.sdk.token.BearerAccessToken token,
                            byte[] salt)
        Computes the SHA-256 hash of the specified Bearer access token.
        Parameters:
        token - The Bearer access token. Must not be null.
        salt - Optional salt to use, null if none.
        Returns:
        The computed SHA-256 hash.

      • accessIsDisabled

        boolean accessIsDisabled()
        Returns true if access is disabled (no access token configured).
        Returns:
        true if access is disabled, else false.

      • getLogger

        org.apache.logging.log4j.Logger getLogger()
        Gets the optional logger.
        Returns:
        The logger, null if not specified.

      • setLogger

        void setLogger​(org.apache.logging.log4j.Logger log)
        Sets the optional logger.
        Parameters:
        log - The logger, null if not specified.

      • isValid

        boolean isValid​(com.nimbusds.oauth2.sdk.token.BearerAccessToken accessToken)
        Returns true if the specified bearer access token is valid.
        Parameters:
        accessToken - The bearer access token to check, null if not specified.
        Returns:
        true if the specified bearer access token is valid, else false.

      • validateBearerAccessToken

        void validateBearerAccessToken​(String authzHeader)
                        throws javax.ws.rs.WebApplicationException
        Validates a bearer access token passed in the specified HTTP Authorization header value.
        Parameters:
        authzHeader - The HTTP Authorization header value, null if not specified.
        Throws:
        javax.ws.rs.WebApplicationException - If the header value is null, the web API is disabled, or the Bearer access token is missing or invalid.

      • validateBearerAccessToken

        boolean validateBearerAccessToken​(javax.servlet.http.HttpServletRequest servletRequest,
                                  javax.servlet.http.HttpServletResponse servletResponse)
                           throws IOException
        Validates a bearer access token passed in the specified HTTP servlet request.
        Parameters:
        servletRequest - The HTTP servlet request. Must not be null.
        servletResponse - The HTTP servlet response. Must not be null.
        Returns:
        true if the bearer access token was successfully validated, false.
        Throws:
        IOException - If the response couldn't be written.