IAMResponse (D4Science IAM Client 1.1.0-SNAPSHOT API)

All Known Implementing Classes:

AbstractIAMResponse, D4ScienceIAMClientAuthn, D4ScienceIAMClientAuthn4Client, D4ScienceIAMClientAuthn4User, D4ScienceIAMClientAuthz, OIDCBearerAuth
```
public interface IAMResponse
```
Interface for D4Science IAM response handling. Provides methods to access tokens, custom claims, and authentication information.

Author:

Mauro Mugnaini (Nubisware S.r.l.)

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`boolean`	`canBeRefreshed()` Check if the current response can be refreshed
`org.gcube.common.keycloak.model.AccessToken`	`getAccessToken()` Returns the access token in the response.
`String`	`getAccessTokenString()` Returns the access token in the response as string.
`String`	`getContactOrganization()` Returns the client's contact organization from the token
`String`	`getContactPerson()` Returns the client's contact person from the token
`Set<String>`	`getContextRoles()` Returns the resource roles for the resource specified in the token context
`Set<String>`	`getGlobalRoles()` Returns the realm roles in the token
`String`	`getName()` Returns the client's name from the token
`Set<String>`	`getResourceRoles(String resource)` Returns the resource roles for the resource specified in the resource parameter
`Set<String>`	`getRoles()` Returns all the roles, realm and from all the resources in the token in the same set
`boolean`	`isAccessTokenValid()` Quick way to check if the access token is valid by checking the digital signature and the token expiration
`boolean`	`isAccessTokenValid(boolean checkExpiration)` Quick way to check if the access token is valid by checking the digital signature and the token expiration if the `checkExpiration` parameter is `true`
`boolean`	`isExpired()` Check if the current response is expired
`boolean`	`isRefreshTokenValid()` Quick way to check if the refresh token present in the current response and it is valid by checking the digital signature and the token expiration
`boolean`	`isRefreshTokenValid(boolean checkExpiration)` Quick way to check if the refresh token present in the current response and it is valid by checking the digital signature and the token expiration if the `checkExpiration` parameter is `true`
`void`	`refresh()` Refreshes the current response, new data can be obtained again with accessors.
`void`	`verifyAccessToken()` Verifies the access token integrity and validity; token digital signature and expiration are reported via specific exceptions.
`void`	`verifyAccessToken(boolean checkExpiration)` Verifies the access token integrity and optionally for expiration; token digital signature and expiration are reported via specific exceptions.
`void`	`verifyRefreshToken()` Verifies the refresh token integrity and validity; token digital signature and expiration are reported via specific exceptions.
`void`	`verifyRefreshToken(boolean checkExpiration)` Verifies the refresh token integrity and validity; token digital signature and expiration are reported via specific exceptions.

- Method Detail
  - getAccessToken
```
org.gcube.common.keycloak.model.AccessToken getAccessToken()
                                                    throws D4ScienceIAMClientException
```
    Returns the access token in the response.
    
    Returns:
    
    The access token
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - getAccessTokenString
```
String getAccessTokenString()
```
    Returns the access token in the response as string.
    
    Returns:
    
    The access token as string
  - isExpired
```
boolean isExpired()
           throws D4ScienceIAMClientException
```
    Check if the current response is expired
    
    Returns:
    
    true if the response is expired, false otherwise
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - canBeRefreshed
```
boolean canBeRefreshed()
                throws D4ScienceIAMClientException
```
    Check if the current response can be refreshed
    
    Returns:
    
    true if the response can be refreshed, false otherwise
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - refresh
```
void refresh()
      throws D4ScienceIAMClientException
```
    Refreshes the current response, new data can be obtained again with accessors.
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token refresh
  - getContextRoles
```
Set<String> getContextRoles()
                     throws D4ScienceIAMClientException
```
    Returns the resource roles for the resource specified in the token context
    
    Returns:
    
    the token context's roles
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - getResourceRoles
```
Set<String> getResourceRoles(String resource)
                      throws D4ScienceIAMClientException
```
    Returns the resource roles for the resource specified in the resource parameter
    
    Parameters:
    
    resource - the resource of which obtain the roles
    
    Returns:
    
    the roles for the resource
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - getRoles
```
Set<String> getRoles()
              throws D4ScienceIAMClientException
```
    Returns all the roles, realm and from all the resources in the token in the same set
    
    Returns:
    
    the union of all the roles in the token
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - getGlobalRoles
```
Set<String> getGlobalRoles()
                    throws D4ScienceIAMClientException
```
    Returns the realm roles in the token
    
    Returns:
    
    the realm roles
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - getContactOrganization
```
String getContactOrganization()
                       throws D4ScienceIAMClientException
```
    Returns the client's contact organization from the token
    
    Returns:
    
    the contact organization string
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - getContactPerson
```
String getContactPerson()
                 throws D4ScienceIAMClientException
```
    Returns the client's contact person from the token
    
    Returns:
    
    the contact person string
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - getName
```
String getName()
        throws D4ScienceIAMClientException
```
    Returns the client's name from the token
    
    Returns:
    
    the name string
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token decoding or JSON parsing
  - isAccessTokenValid
```
boolean isAccessTokenValid()
                    throws D4ScienceIAMClientException
```
    Quick way to check if the access token is valid by checking the digital signature and the token expiration
    
    Returns:
    
    true if the access token is valid, false otherwise
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token validity checks
  - isAccessTokenValid
```
boolean isAccessTokenValid(boolean checkExpiration)
                    throws D4ScienceIAMClientException
```
    Quick way to check if the access token is valid by checking the digital signature and the token expiration if the checkExpiration parameter is true
    
    Parameters:
    
    checkExpiration - checks also if the token is expired
    
    Returns:
    
    true if the access token is valid, false otherwise
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token validity checks
  - verifyAccessToken
```
void verifyAccessToken()
                throws org.gcube.io.jsonwebtoken.security.SignatureException,
                       org.gcube.io.jsonwebtoken.ExpiredJwtException,
                       D4ScienceIAMClientException
```
    Verifies the access token integrity and validity; token digital signature and expiration are reported via specific exceptions.
    
    Throws:
    
    org.gcube.io.jsonwebtoken.security.SignatureException - if the token has been tampered and/or signature is invalid
    
    org.gcube.io.jsonwebtoken.ExpiredJwtException - if the token validity is expired
    
    D4ScienceIAMClientException - if something else goes wrong during the token verification
  - verifyAccessToken
```
void verifyAccessToken(boolean checkExpiration)
                throws org.gcube.io.jsonwebtoken.security.SignatureException,
                       org.gcube.io.jsonwebtoken.ExpiredJwtException,
                       D4ScienceIAMClientException
```
    Verifies the access token integrity and optionally for expiration; token digital signature and expiration are reported via specific exceptions.
    
    Parameters:
    
    checkExpiration - if false token expiration check is disabled
    
    Throws:
    
    org.gcube.io.jsonwebtoken.security.SignatureException - if the token has been tampered and/or signature is invalid
    
    org.gcube.io.jsonwebtoken.ExpiredJwtException - if the token validity is expired if the checkExpiration argument is true
    
    D4ScienceIAMClientException - if something else goes wrong during the token verification
  - isRefreshTokenValid
```
boolean isRefreshTokenValid()
                     throws D4ScienceIAMClientException
```
    Quick way to check if the refresh token present in the current response and it is valid by checking the digital signature and the token expiration
    
    Returns:
    
    true if the refresh token is valid, false otherwise
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token validity checks
  - isRefreshTokenValid
```
boolean isRefreshTokenValid(boolean checkExpiration)
                     throws D4ScienceIAMClientException
```
    Quick way to check if the refresh token present in the current response and it is valid by checking the digital signature and the token expiration if the checkExpiration parameter is true
    
    Parameters:
    
    checkExpiration - checks also if the token is expired
    
    Returns:
    
    true if the refresh token is valid, false otherwise
    
    Throws:
    
    D4ScienceIAMClientException - if something goes wrong during the token validity checks
  - verifyRefreshToken
```
void verifyRefreshToken()
                 throws org.gcube.io.jsonwebtoken.security.SignatureException,
                        org.gcube.io.jsonwebtoken.ExpiredJwtException,
                        D4ScienceIAMClientException
```
    Verifies the refresh token integrity and validity; token digital signature and expiration are reported via specific exceptions.
    
    Throws:
    
    org.gcube.io.jsonwebtoken.security.SignatureException - if the token has been tampered and/or signature is invalid
    
    org.gcube.io.jsonwebtoken.ExpiredJwtException - if the token validity is expired
    
    D4ScienceIAMClientException - if something else goes wrong during the token verification
  - verifyRefreshToken
```
void verifyRefreshToken(boolean checkExpiration)
                 throws org.gcube.io.jsonwebtoken.security.SignatureException,
                        org.gcube.io.jsonwebtoken.ExpiredJwtException,
                        D4ScienceIAMClientException
```
    Verifies the refresh token integrity and validity; token digital signature and expiration are reported via specific exceptions.
    
    Parameters:
    
    checkExpiration - if false token expiration check is disabled
    
    Throws:
    
    org.gcube.io.jsonwebtoken.security.SignatureException - if the token has been tampered and/or signature is invalid
    
    org.gcube.io.jsonwebtoken.ExpiredJwtException - if the token validity is expired if the checkExpiration argument is true
    
    D4ScienceIAMClientException - if something else goes wrong during the token verification

Interface IAMResponse

Method Summary

Method Detail

getAccessToken

getAccessTokenString

isExpired

canBeRefreshed

refresh

getContextRoles

getResourceRoles

getRoles

getGlobalRoles

getContactOrganization

getContactPerson

getName

isAccessTokenValid

isAccessTokenValid

verifyAccessToken

verifyAccessToken

isRefreshTokenValid

isRefreshTokenValid

verifyRefreshToken

verifyRefreshToken