Package org.yamcs.security
Class OpenIDAuthModule
- java.lang.Object
-
- org.yamcs.security.OpenIDAuthModule
-
- All Implemented Interfaces:
AuthModule
public class OpenIDAuthModule extends Object implements AuthModule
AuthModule that identifies users against an external identity provider compliant with OpenID Connect (OIDC).
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description protected static classOpenIDAuthModule.OpenIDAuthenticationInfo
-
Constructor Summary
Constructors Constructor Description OpenIDAuthModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AuthenticationInfogetAuthenticationInfo(AuthenticationToken token)Identify the subject based on the given information.StringgetAuthorizationEndpoint()AuthorizationInfogetAuthorizationInfo(AuthenticationInfo authenticationInfo)Retrieve access control information based on the given AuthenticationInfo.StringgetClientId()StringgetScope()SpecgetSpec()Returns the valid configuration of the input args of this AuthModule.voidinit(YConfiguration args)Initialize this AuthModule.booleanverifyValidity(AuthenticationInfo authenticationInfo)Verify if previously generated authentication info is (still) valid.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.yamcs.security.AuthModule
authenticationSucceeded
-
-
-
-
Method Detail
-
getSpec
public Spec getSpec()
Description copied from interface:AuthModuleReturns the valid configuration of the input args of this AuthModule.- Specified by:
getSpecin interfaceAuthModule- Returns:
- the argument specification.
-
init
public void init(YConfiguration args) throws InitException
Description copied from interface:AuthModuleInitialize this AuthModule.- Specified by:
initin interfaceAuthModule- Parameters:
args- The configured arguments for this AuthModule. IfAuthModule.getSpec()is implemented then this contains the arguments after being validated (including any defaults).- Throws:
InitException- When something goes wrong during the execution of this method.
-
getAuthenticationInfo
public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException
Description copied from interface:AuthModuleIdentify the subject based on the given information.- Specified by:
getAuthenticationInfoin interfaceAuthModule- Returns:
- an info object containing the principal of the subject, or null if the login failed
- Throws:
AuthenticationException
-
getAuthorizationInfo
public AuthorizationInfo getAuthorizationInfo(AuthenticationInfo authenticationInfo) throws AuthorizationException
Description copied from interface:AuthModuleRetrieve access control information based on the given AuthenticationInfo. This AuthenticationInfo may have been generated by a different AuthModule.- Specified by:
getAuthorizationInfoin interfaceAuthModule- Returns:
- an info object containing role/privilege information of the subject
- Throws:
AuthorizationException
-
verifyValidity
public boolean verifyValidity(AuthenticationInfo authenticationInfo)
Description copied from interface:AuthModuleVerify if previously generated authentication info is (still) valid. For example, if the authentication info references an externally issued expiring ticket, this can be validated here.This method is called very frequently, so implementations must take care to limit external requests.
- Specified by:
verifyValidityin interfaceAuthModule- Parameters:
authenticationInfo- information relevant to the authentication process- Returns:
- true if the authentication info is valid, false otherwise
-
getClientId
public String getClientId()
-
getAuthorizationEndpoint
public String getAuthorizationEndpoint()
-
getScope
public String getScope()
-
-