Package org.wildfly.security.auth.client

Class AuthenticationContextConfigurationClient

  • public final class AuthenticationContextConfigurationClient
extends Object
    A client for consuming authentication context configurations.
    Author:
    David M. Lloyd

    • Constructor Detail

      • AuthenticationContextConfigurationClient

        public AuthenticationContextConfigurationClient()
                                         throws SecurityException
        Construct a new instance. Requires the createAuthenticationContextConfigurationClient ElytronPermission.
        Throws:
        SecurityException - if the caller does not have permission to instantiate this class

    • Method Detail

      • getAuthenticationConfiguration

        public AuthenticationConfiguration getAuthenticationConfiguration​(URI uri,
                                                                  AuthenticationContext authenticationContext)
        Get the authentication configuration which matches the given URI, or AuthenticationConfiguration.EMPTY if there is none.
        Parameters:
        uri - the URI to match (must not be null)
        authenticationContext - the authentication context to examine (must not be null)
        Returns:
        the matching configuration

      • getAuthenticationConfiguration

        public AuthenticationConfiguration getAuthenticationConfiguration​(URI uri,
                                                                  AuthenticationContext authenticationContext,
                                                                  int protocolDefaultPort)
        Get the authentication configuration which matches the given URI, or AuthenticationConfiguration.EMPTY if there is none, setting a default protocol port.
        Parameters:
        uri - the URI to match (must not be null)
        authenticationContext - the authentication context to examine (must not be null)
        protocolDefaultPort - the protocol-default port
        Returns:
        the matching configuration

      • getAuthenticationConfiguration

        public AuthenticationConfiguration getAuthenticationConfiguration​(URI uri,
                                                                  AuthenticationContext authenticationContext,
                                                                  int protocolDefaultPort,
                                                                  String abstractType,
                                                                  String abstractTypeAuthority)
        Get the authentication configuration which matches the given URI and type, or AuthenticationConfiguration.EMPTY if there is none, setting a default protocol port. The user name, host, port, and protocol from the URI are copied into the configuration when the configuration does not already establish values for those fields.
        Parameters:
        uri - the URI to match (must not be null)
        authenticationContext - the authentication context to examine (must not be null)
        protocolDefaultPort - the protocol-default port
        abstractType - the abstract type (may be null)
        abstractTypeAuthority - the abstract type authority (may be null)
        Returns:
        the matching configuration

      • getAuthenticationConfigurationNoOverrides

        public AuthenticationConfiguration getAuthenticationConfigurationNoOverrides​(URI uri,
                                                                             AuthenticationContext authenticationContext,
                                                                             String abstractType,
                                                                             String abstractTypeAuthority)
        Get the authentication configuration which matches the given URI and type, or AuthenticationConfiguration.EMPTY if there is none. The user name from the URI is copied into the configuration if the configuration does not already establish a value for that field. No host, port, or protocol information is copied to the resultant configuration from the URI.
        Parameters:
        uri - the URI to match (must not be null)
        authenticationContext - the authentication context to examine (must not be null)
        abstractType - the abstract type (may be null)
        abstractTypeAuthority - the abstract type authority (may be null)
        Returns:
        the matching configuration

      • getSSLContext

        public SSLContext getSSLContext​(URI uri,
                                AuthenticationContext authenticationContext,
                                String abstractType,
                                String abstractTypeAuthority)
                         throws GeneralSecurityException
        Get the SSL context which matches the given URI and type, or SSLContext.getDefault() if there is none.
        Parameters:
        uri - the URI to match (must not be null)
        authenticationContext - the authentication context to examine (must not be null)
        abstractType - the abstract type (may be null)
        abstractTypeAuthority - the abstract type authority (may be null)
        Returns:
        the matching SSL context
        Throws:
        GeneralSecurityException

      • getSSLContextFactory

        public SecurityFactory<SSLContext> getSSLContextFactory​(URI uri,
                                                        AuthenticationContext authenticationContext,
                                                        String abstractType,
                                                        String abstractTypeAuthority)
        Get the SSL context factory which matches the given URI and type, or SSLContext.getDefault() if there is none.
        Parameters:
        uri - the URI to match
        authenticationContext - the authentication context to examine (must not be null)
        abstractType - the abstract type (may be null)
        abstractTypeAuthority - the abstract type authority (may be null)
        Returns:
        the matching SSL context factory (not null)

      • getCallbackHandler

        public CallbackHandler getCallbackHandler​(AuthenticationConfiguration configuration)
        Get an authentication callback handler for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the callback handler

      • getRealHost

        @Deprecated
public String getRealHost​(URI uri,
                          AuthenticationConfiguration configuration)
        Deprecated.
        Use URI.getHost() instead.
        Get the actual host to use for the given configuration and URI.
        Parameters:
        uri - the URI (must not be null)
        configuration - the configuration (must not be null)
        Returns:
        the real host to use

      • getRealHost

        @Deprecated
public String getRealHost​(AuthenticationConfiguration configuration)
        Deprecated.
        This configuration is not supported by most providers and will be removed in a future release.
        Get the actual host to use for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the real host to use

      • getRealPort

        @Deprecated
public int getRealPort​(URI uri,
                       AuthenticationConfiguration configuration)
        Deprecated.
        Use URI.getPort() instead.
        Get the actual port to use for the given configuration and URI.
        Parameters:
        uri - the URI (must not be null)
        configuration - the configuration (must not be null)
        Returns:
        the real port to use

      • getRealPort

        @Deprecated
public int getRealPort​(AuthenticationConfiguration configuration)
        Deprecated.
        This configuration is not supported by most providers and will be removed in a future release.
        Get the actual port to use for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the real port to use

      • getRealProtocol

        @Deprecated
public String getRealProtocol​(URI uri,
                              AuthenticationConfiguration configuration)
        Deprecated.
        Use URI.getScheme() instead.
        Get the actual protocol to use for the given configuration and URI.
        Parameters:
        uri - the URI (must not be null)
        configuration - the configuration (must not be null)
        Returns:
        the actual protocol to use, or null if none is configured and none is present on the URI

      • getRealProtocol

        @Deprecated
public String getRealProtocol​(AuthenticationConfiguration configuration)
        Deprecated.
        This configuration is not supported by most providers and will be removed in a future release.
        Get the actual protocol to use for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the actual protocol to use, or null if none is configured

      • getSaslProtocol

        public String getSaslProtocol​(AuthenticationConfiguration configuration)
        Get the actual sasl protocol to use for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the real port to use

      • getWsHttpMech

        public String getWsHttpMech​(AuthenticationConfiguration configuration)
        Get the WebServices HTTP mechanism to use for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the HTTP mechanism to use

      • getWsSecurityType

        public String getWsSecurityType​(AuthenticationConfiguration configuration)
        Get the actual WS-Security type to use for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the WS-Security type to use

      • getPrincipal

        public Principal getPrincipal​(AuthenticationConfiguration configuration)
        Get the authentication principal to use for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the authentication principal (not null)

      • getAuthorizationPrincipal

        public Principal getAuthorizationPrincipal​(AuthenticationConfiguration configuration)
        Get the authorization principal to use for the given configuration.
        Parameters:
        configuration - the configuration (must not be null)
        Returns:
        the authorization principal, or null if none is specified

      • createSaslClient

        public SaslClient createSaslClient​(URI uri,
                                   AuthenticationConfiguration configuration,
                                   Collection<String> offeredMechanisms)
                            throws SaslException
        Create a SASL client using the given URI and configuration from the given SASL client factory.
        Parameters:
        uri - the target URI (must not be null)
        configuration - the authentication configuration (must not be null)
        offeredMechanisms - the available mechanisms (must not be null)
        Returns:
        the SASL client, or null if no clients were available or could be configured
        Throws:
        SaslException

      • createSaslClient

        public SaslClient createSaslClient​(URI uri,
                                   AuthenticationConfiguration configuration,
                                   Collection<String> offeredMechanisms,
                                   UnaryOperator<SaslClientFactory> factoryOperator,
                                   SSLSession sslSession)
                            throws SaslException
        Create a SASL client using the given URI and configuration from the given SASL client factory.
        Parameters:
        uri - the target URI (must not be null)
        configuration - the authentication configuration (must not be null)
        offeredMechanisms - the available mechanisms (must not be null)
        factoryOperator - a UnaryOperator to apply to the SaslClientFactory used
        sslSession - the SSL session active for this connection, or null for none
        Returns:
        the SASL client, or null if no clients were available or could be configured
        Throws:
        SaslException

      • getDestinationInetSocketAddress

        @Deprecated
public InetSocketAddress getDestinationInetSocketAddress​(URI uri,
                                                         AuthenticationConfiguration configuration,
                                                         int protocolDefaultPort)
        Deprecated.
        Use Inet.getResolved(java.net.URI, int) instead.
        Get the address of the destination from a configuration and URI. The configuration may rewrite the destination as needed.
        Parameters:
        uri - the connection URI (must not be null)
        configuration - the authentication configuration to use (must not be null)
        protocolDefaultPort - the default port for the protocol
        Returns:
        the address of the destination

      • getDestinationInetSocketAddress

        @Deprecated
public InetSocketAddress getDestinationInetSocketAddress​(AuthenticationConfiguration configuration)
        Deprecated.
        This configuration is not supported by most providers and will be removed in a future release.
        Get the address of the destination from a configuration. The configuration may rewrite the destination as needed.
        Parameters:
        configuration - the authentication configuration to use (must not be null)
        Returns:
        the address of the destination

      • connect

        @Deprecated
public Socket connect​(URI uri,
                      AuthenticationConfiguration configuration,
                      int protocolDefaultPort)
               throws IOException
        Deprecated.
        Use Inet.getResolved(java.net.URI, int) with Socket(InetAddress, int) instead.
        Connect a plain socket to the given URI.
        Parameters:
        uri - the connection URI
        configuration - the authentication configuration to use
        protocolDefaultPort - the default port for the protocol used in the URI
        Returns:
        the connected socket
        Throws:
        IOException - if socket creation or connection fails for some reason

      • getProviderSupplier

        public Supplier<Provider[]> getProviderSupplier​(AuthenticationConfiguration configuration)
        Get a Supplier as a source for all Provider instances registered in the given configuration.
        Parameters:
        configuration - the authentication configuration to use (must not be null)
        Returns:
        a supplier as a source for Provider instances (not null)