Package org.gcube.common.iam

Class OIDCBearerAuth

java.lang.Object

org.gcube.common.iam.AbstractIAMResponse

org.gcube.common.iam.D4ScienceIAMClientAuthn

org.gcube.common.iam.OIDCBearerAuth

All Implemented Interfaces:

IAMResponse

public class OIDCBearerAuth
extends D4ScienceIAMClientAuthn

OIDC Bearer authentication implementation for handling bearer tokens. Provides utility methods to construct authentication objects from various token formats.

Author:

Mauro Mugnaini (Nubisware S.r.l.)

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	OIDCBearerAuth(D4ScienceIAMClient iamClient, org.gcube.common.keycloak.model.TokenResponse tokenResponse)	Creates a new OIDC bearer authentication instance.

Method Summary

Modifier and Type	Method	Description
static OIDCBearerAuth	fromAccessTokenString(String accessToken)	Constructs a new object from an OIDC base64 encoded access-token string.
static OIDCBearerAuth	fromAuthorizationHeader(String authorizationHeader)	Constructs a new object from an HTTP authorization header containing the bearer token with an OIDC access-token.
static OIDCBearerAuth	fromBearerAuthorization(String bearerAuthorization)	Constructs a new object from a bearer token with an OIDC access-token.

Methods inherited from class org.gcube.common.iam.D4ScienceIAMClientAuthn

authorize, authorize

Methods inherited from class org.gcube.common.iam.AbstractIAMResponse

canBeRefreshed, getAccessToken, getAccessTokenString, getContactOrganization, getContactPerson, getContextRoles, getGlobalRoles, getIamClient, getName, getRefreshTokenString, getResourceRoles, getRoles, getTokenResponse, isAccessTokenValid, isAccessTokenValid, isExpired, isRefreshTokenValid, isRefreshTokenValid, refresh, refresh, setIamClient, setTokenResponse, verifyAccessToken, verifyRefreshToken

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OIDCBearerAuth

protected OIDCBearerAuth(D4ScienceIAMClient iamClient,
 org.gcube.common.keycloak.model.TokenResponse tokenResponse)

Creates a new OIDC bearer authentication instance.

Parameters:

iamClient - the IAM client

tokenResponse - the token response

Method Details

fromAuthorizationHeader

public static OIDCBearerAuth fromAuthorizationHeader(String authorizationHeader)

Constructs a new object from an HTTP authorization header containing the bearer token with an OIDC access-token.

Parameters:

authorizationHeader - the HTTP authorization header

Returns:

the auth object

fromBearerAuthorization

public static OIDCBearerAuth fromBearerAuthorization(String bearerAuthorization)

Constructs a new object from a bearer token with an OIDC access-token.

Parameters:

bearerAuthorization - the bearer token (with or without 'bearer ' prefix

Returns:

the auth object

fromAccessTokenString

public static OIDCBearerAuth fromAccessTokenString(String accessToken)

Constructs a new object from an OIDC base64 encoded access-token string.

Parameters:

accessToken - the OIDC base64 encoded access-token string

Returns:

the auth object