Package com.sap.cloud.security.servlet

Class AbstractTokenAuthenticator

java.lang.Object
com.sap.cloud.security.servlet.AbstractTokenAuthenticator
All Implemented Interfaces:
TokenAuthenticator
Direct Known Subclasses:
IasTokenAuthenticator, XsuaaTokenAuthenticator
public abstract class AbstractTokenAuthenticator extends Object implements TokenAuthenticator

  • Field Details

    • httpClient

      protected org.apache.http.impl.client.CloseableHttpClient httpClient

    • serviceConfiguration

      protected OAuth2ServiceConfiguration serviceConfiguration

  • Constructor Details

    • AbstractTokenAuthenticator

      public AbstractTokenAuthenticator()

  • Method Details

    • validateRequest

      public TokenAuthenticationResult validateRequest(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response)
      Specified by:
      validateRequest in interface TokenAuthenticator

    • withCacheConfiguration

      public AbstractTokenAuthenticator withCacheConfiguration(CacheConfiguration cacheConfiguration)
      Use to configure the token key cache.
      Parameters:
      cacheConfiguration - the cache configuration
      Returns:
      this authenticator

    • withHttpClient

      public AbstractTokenAuthenticator withHttpClient(org.apache.http.impl.client.CloseableHttpClient httpClient)
      Use to configure the HttpClient that is used to retrieve token keys or to perform a token-exchange.
      Parameters:
      httpClient - the HttpClient
      Returns:
      this authenticator

    • withServiceConfiguration

      public AbstractTokenAuthenticator withServiceConfiguration(OAuth2ServiceConfiguration serviceConfiguration)
      Use to override the service configuration used.
      Parameters:
      serviceConfiguration - the service configuration to use
      Returns:
      this authenticator

    • withValidationListener

      public AbstractTokenAuthenticator withValidationListener(ValidationListener validationListener)
      Adds the validation listener to the jwt validator that is being used by the authenticator to validate the tokens.
      Parameters:
      validationListener - the listener to be added.
      Returns:
      the authenticator instance

    • getServiceConfiguration

      protected abstract OAuth2ServiceConfiguration getServiceConfiguration()
      Return configured service configuration or Environments.getCurrent() if not configured.
      Returns:
      the actual service configuration
      Throws:
      IllegalStateException - in case service configuration is null

    • getOtherServiceConfiguration

      @Nullable protected abstract OAuth2ServiceConfiguration getOtherServiceConfiguration()
      Return other configured service configurations or null if not configured.
      Returns:
      the other service configuration or null

    • extractFromHeader

      protected abstract Token extractFromHeader(String authorizationHeader)
      Extracts the Token from the authorization header.
      Parameters:
      authorizationHeader - the value of the 'Authorization' request header
      Returns:
      the Token instance.

    • authenticated

      protected TokenAuthenticationResult authenticated(Token token)