Class TokenSecurityRealm.TokenRealmIdentity
- java.lang.Object
-
- org.wildfly.security.auth.realm.token.TokenSecurityRealm.TokenRealmIdentity
-
- All Implemented Interfaces:
RealmIdentity
- Enclosing class:
- TokenSecurityRealm
final class TokenSecurityRealm.TokenRealmIdentity extends Object implements RealmIdentity
-
-
Field Summary
Fields Modifier and Type Field Description private Attributesclaimsprivate BearerTokenEvidenceevidence-
Fields inherited from interface org.wildfly.security.auth.server.RealmIdentity
ANONYMOUS, NON_EXISTENT
-
-
Constructor Summary
Constructors Constructor Description TokenRealmIdentity(Evidence evidence)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanexists()Determine if the identity exists in lieu of verifying or acquiring a credential.AuthorizationIdentitygetAuthorizationIdentity()Get an authorization identity for this pre-authenticated identity.private AttributesgetClaims()<C extends Credential>
CgetCredential(Class<C> credentialType)Acquire a credential of the given type.SupportLevelgetCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)Determine whether a given credential type is definitely obtainable, possibly obtainable, or definitely not obtainable for this identity.SupportLevelgetEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName)Determine whether a given type of evidence is definitely verifiable, possibly verifiable, or definitely not verifiable.PrincipalgetRealmIdentityPrincipal()Get the principal that canonically identifies the identity within the realm.private voidsetClaims(Attributes claims)private AttributesvalidateToken(Evidence evidence)booleanverifyEvidence(Evidence evidence)Verify the given evidence against a credential of this identity.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.wildfly.security.auth.server.RealmIdentity
applyToCredential, applyToCredential, applyToCredential, dispose, getAttributes, getCredential, getCredential, getCredentialAcquireSupport, updateCredential
-
-
-
-
Field Detail
-
evidence
private final BearerTokenEvidence evidence
-
claims
private Attributes claims
-
-
Constructor Detail
-
TokenRealmIdentity
TokenRealmIdentity(Evidence evidence)
-
-
Method Detail
-
getRealmIdentityPrincipal
public Principal getRealmIdentityPrincipal()
Description copied from interface:RealmIdentityGet the principal that canonically identifies the identity within the realm. This method may return the principal object which was passed in as a parameter toSecurityRealm.getRealmIdentity(Principal)(a.k.a. domain principal), but is not required to do so. Any existent realm identity (i.e. any identity which returnstrueon invocation ofRealmIdentity.exists()) must return a non-nullprincipal.- Specified by:
getRealmIdentityPrincipalin interfaceRealmIdentity- Returns:
- the principal for this realm identity (may not be
null)
-
verifyEvidence
public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException
Description copied from interface:RealmIdentityVerify the given evidence against a credential of this identity. The credential to be used is selected based on the evidence type.- Specified by:
verifyEvidencein interfaceRealmIdentity- Parameters:
evidence- the evidence to verify- Returns:
trueif verification was successful,falseotherwise- Throws:
RealmUnavailableException- if the realm is not able to handle requests for any reason
-
exists
public boolean exists() throws RealmUnavailableExceptionDescription copied from interface:RealmIdentityDetermine if the identity exists in lieu of verifying or acquiring a credential. This method is intended to be used to verify an identity for non-authentication purposes only. Implementations of this method should returnfalseup until the point it is known that a call toRealmIdentity.getAuthorizationIdentity()can successfully return an identity. If a realm can load an identity independently of credential acquisition and evidence verification if not already loaded it should be loaded at the time of this call to return an accurate result.- Specified by:
existsin interfaceRealmIdentity- Returns:
trueif the identity exists in this realm,falseotherwise- Throws:
RealmUnavailableException- if the realm is not able to handle requests for any reason
-
getAuthorizationIdentity
public AuthorizationIdentity getAuthorizationIdentity() throws RealmUnavailableException
Description copied from interface:RealmIdentityGet an authorization identity for this pre-authenticated identity.- Specified by:
getAuthorizationIdentityin interfaceRealmIdentity- Returns:
- the authorization identity (may not be
null) - Throws:
RealmUnavailableException- if the realm is not able to handle requests for any reason
-
getCredentialAcquireSupport
public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException
Description copied from interface:RealmIdentityDetermine whether a given credential type is definitely obtainable, possibly obtainable, or definitely not obtainable for this identity.- Specified by:
getCredentialAcquireSupportin interfaceRealmIdentity- Parameters:
credentialType- the exact credential type (must not benull)algorithmName- the algorithm name, ornullif any algorithm is acceptable or the credential type does not support algorithm namesparameterSpec- the algorithm parameters to match, ornullif any parameters are acceptable or the credential type does not support algorithm parameters- Returns:
- the level of support for this credential type (may not be
null) - Throws:
RealmUnavailableException- if the realm is not able to handle requests for any reason
-
getCredential
public <C extends Credential> C getCredential(Class<C> credentialType) throws RealmUnavailableException
Description copied from interface:RealmIdentityAcquire a credential of the given type.- Specified by:
getCredentialin interfaceRealmIdentity- Type Parameters:
C- the credential type- Parameters:
credentialType- the credential type class (must not benull)- Returns:
- the credential, or
nullif no such credential exists - Throws:
RealmUnavailableException- if the realm is not able to handle requests for any reason
-
getEvidenceVerifySupport
public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName) throws RealmUnavailableException
Description copied from interface:RealmIdentityDetermine whether a given type of evidence is definitely verifiable, possibly verifiable, or definitely not verifiable.- Specified by:
getEvidenceVerifySupportin interfaceRealmIdentity- Parameters:
evidenceType- the type of evidence to be verified (must not benull)algorithmName- the algorithm name, ornullif any algorithm is acceptable or the evidence type does not support algorithm names- Returns:
- the level of support for this evidence type
- Throws:
RealmUnavailableException- if the realm is not able to handle requests for any reason
-
setClaims
private void setClaims(Attributes claims) throws RealmUnavailableException
- Throws:
RealmUnavailableException
-
getClaims
private Attributes getClaims() throws RealmUnavailableException
- Throws:
RealmUnavailableException
-
validateToken
private Attributes validateToken(Evidence evidence) throws RealmUnavailableException
- Throws:
RealmUnavailableException
-
-