io.apiman.common.auth

Class AuthTokenUtil

java.lang.Object

io.apiman.common.auth.AuthTokenUtil

public class AuthTokenUtil
extends Object

A simple class to generate and consume authentication tokens. This is a very naive token-based authentication mechanism. It is useful for unit testing and demos, but should not be used in production as it is not secure. In production, it is better to use OAuth or some other mature bearer token style authentication approach.

Author:

eric.wittmann@redhat.com

Constructor Summary

Constructors

Constructor and Description
AuthTokenUtil()

Method Summary

Methods

Modifier and Type	Method and Description
static AuthToken	consumeToken(String encodedJson) Consumes an auth token, validating it during the process.
static AuthToken	createAuthToken(String principal, Set<String> roles, int expiresInMillis) Creates an auth token.
static AuthToken	fromJSON(String json) Read the auth token from the JSON string.
static String	produceToken(String principal, Set<String> roles, int expiresInMillis) Produce a token suitable for transmission.
static void	signAuthToken(AuthToken token) Adds a digital signature to the auth token.
static String	toJSON(AuthToken token) Convert the auth token to a JSON string.
static void	validateToken(AuthToken token) Validates an auth token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthTokenUtil

public AuthTokenUtil()

Method Detail

produceToken

public static final String produceToken(String principal,
                  Set<String> roles,
                  int expiresInMillis)

Produce a token suitable for transmission. This will generate the auth token, then serialize it to a JSON string, then Base64 encode the JSON.

Parameters:

principal -

roles -

expiresInMillis -

consumeToken

public static final AuthToken consumeToken(String encodedJson)
                                    throws IllegalArgumentException

Consumes an auth token, validating it during the process. If successful, the AuthToken is returned. If the token is invalid (expired or bad signature) then an IllegalArgumentException is thrown. Any other error will result in a runtime exception.

Parameters:

encodedJson -

Throws:

IllegalArgumentException

validateToken

public static final void validateToken(AuthToken token)
                                throws IllegalArgumentException

Validates an auth token. This checks the expiration time of the token against the current system time. It also checks the validity of the signature.

Parameters:

token -

Throws:

IllegalArgumentException

createAuthToken

public static final AuthToken createAuthToken(String principal,
                        Set<String> roles,
                        int expiresInMillis)

Creates an auth token.

Parameters:

principal -

roles -

expiresInMillis -

signAuthToken

public static final void signAuthToken(AuthToken token)

Adds a digital signature to the auth token.

Parameters:

token -

toJSON

public static final String toJSON(AuthToken token)

Convert the auth token to a JSON string.

Parameters:

token -

fromJSON

public static final AuthToken fromJSON(String json)

Read the auth token from the JSON string.

Parameters:

json -