Class AuthenticationContextConfigurationClient

java.lang.Object
org.wildfly.security.auth.client.AuthenticationContextConfigurationClient

public final class AuthenticationContextConfigurationClient extends Object
A client for consuming authentication context configurations.
Author:
David M. Lloyd
  • Field Details

  • Constructor Details

    • AuthenticationContextConfigurationClient

      public AuthenticationContextConfigurationClient() throws SecurityException
      Construct a new instance. Requires the createAuthenticationContextConfigurationClient ElytronPermission.
      Throws:
      SecurityException - if the caller does not have permission to instantiate this class
  • Method Details

    • getAuthenticationConfiguration

      public AuthenticationConfiguration getAuthenticationConfiguration(URI uri, AuthenticationContext authenticationContext)
      Get the authentication configuration which matches the given URI, or AuthenticationConfiguration.EMPTY if there is none.
      Parameters:
      uri - the URI to match (must not be null)
      authenticationContext - the authentication context to examine (must not be null)
      Returns:
      the matching configuration
    • getAuthenticationConfiguration

      public AuthenticationConfiguration getAuthenticationConfiguration(URI uri, AuthenticationContext authenticationContext, int protocolDefaultPort)
      Get the authentication configuration which matches the given URI, or AuthenticationConfiguration.EMPTY if there is none, setting a default protocol port.
      Parameters:
      uri - the URI to match (must not be null)
      authenticationContext - the authentication context to examine (must not be null)
      protocolDefaultPort - the protocol-default port
      Returns:
      the matching configuration
    • getAuthenticationConfiguration

      public AuthenticationConfiguration getAuthenticationConfiguration(URI uri, AuthenticationContext authenticationContext, int protocolDefaultPort, String abstractType, String abstractTypeAuthority)
      Get the authentication configuration which matches the given URI and type, or AuthenticationConfiguration.EMPTY if there is none, setting a default protocol port. The user name, host, port, and protocol from the URI are copied into the configuration when the configuration does not already establish values for those fields.
      Parameters:
      uri - the URI to match (must not be null)
      authenticationContext - the authentication context to examine (must not be null)
      protocolDefaultPort - the protocol-default port
      abstractType - the abstract type (may be null)
      abstractTypeAuthority - the abstract type authority (may be null)
      Returns:
      the matching configuration
    • getAuthenticationConfigurationNoOverrides

      public AuthenticationConfiguration getAuthenticationConfigurationNoOverrides(URI uri, AuthenticationContext authenticationContext, String abstractType, String abstractTypeAuthority)
      Get the authentication configuration which matches the given URI and type, or AuthenticationConfiguration.EMPTY if there is none. The user name from the URI is copied into the configuration if the configuration does not already establish a value for that field. No host, port, or protocol information is copied to the resultant configuration from the URI.
      Parameters:
      uri - the URI to match (must not be null)
      authenticationContext - the authentication context to examine (must not be null)
      abstractType - the abstract type (may be null)
      abstractTypeAuthority - the abstract type authority (may be null)
      Returns:
      the matching configuration
    • getConfiguredSSLContexts

      public List<SSLContext> getConfiguredSSLContexts(AuthenticationContext authenticationContext) throws GeneralSecurityException
      Get all SSL contexts configured for this authentication context.
      Parameters:
      authenticationContext - the authentication context to examine (must not be null)
      Returns:
      List of all configured SSL contexts belonging to the provided authentication context
      Throws:
      GeneralSecurityException
    • getDefaultSSLContext

      public SSLContext getDefaultSSLContext(AuthenticationContext authenticationContext) throws GeneralSecurityException
      Get the default SSL context that should be used when no other rules match, or SSLContext.getDefault() if there is none configured.
      Parameters:
      authenticationContext - the authentication context to examine (must not be null)
      Returns:
      the default SSL context configured if no other rules match
      Throws:
      GeneralSecurityException
    • getSSLContext

      public SSLContext getSSLContext(AuthenticationContext authenticationContext) throws GeneralSecurityException
      Get the configured SSL context which matches ALL rules from the provided AuthenticationContext, or SSLContext.getDefault() if there is none.
      Parameters:
      authenticationContext - the authentication context to examine (must not be null)
      Returns:
      the SSL context from the provided AuthenticationContext that matches ALL rules
      Throws:
      GeneralSecurityException
    • getSSLContext

      public SSLContext getSSLContext(URI uri, AuthenticationContext authenticationContext) throws GeneralSecurityException
      Get the SSL context which matches the given URI, or SSLContext.getDefault() if there is none.
      Parameters:
      uri - the URI to match (must not be null)
      authenticationContext - the authentication context to examine (must not be null)
      Returns:
      the matching SSL context
      Throws:
      GeneralSecurityException
    • getSSLContext

      public SSLContext getSSLContext(URI uri, AuthenticationContext authenticationContext, String abstractType, String abstractTypeAuthority) throws GeneralSecurityException
      Get the SSL context which matches the given URI and type, or SSLContext.getDefault() if there is none.
      Parameters:
      uri - the URI to match (must not be null)
      authenticationContext - the authentication context to examine (must not be null)
      abstractType - the abstract type (may be null)
      abstractTypeAuthority - the abstract type authority (may be null)
      Returns:
      the matching SSL context
      Throws:
      GeneralSecurityException
    • getSSLContextFactory

      public org.wildfly.security.SecurityFactory<SSLContext> getSSLContextFactory(URI uri, AuthenticationContext authenticationContext, String abstractType, String abstractTypeAuthority)
      Get the SSL context factory which matches the given URI and type, or a factory which supplies SSLContext.getDefault() if there is none.
      Parameters:
      uri - the URI to match
      authenticationContext - the authentication context to examine (must not be null)
      abstractType - the abstract type (may be null)
      abstractTypeAuthority - the abstract type authority (may be null)
      Returns:
      the matching SSL context factory (not null)
    • getCallbackHandler

      public CallbackHandler getCallbackHandler(AuthenticationConfiguration configuration)
      Get an authentication callback handler for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the callback handler
    • getRealHost

      @Deprecated public String getRealHost(URI uri, AuthenticationConfiguration configuration)
      Deprecated.
      Use URI.getHost() instead.
      Get the actual host to use for the given configuration and URI.
      Parameters:
      uri - the URI (must not be null)
      configuration - the configuration (must not be null)
      Returns:
      the real host to use
    • getRealHost

      @Deprecated public String getRealHost(AuthenticationConfiguration configuration)
      Deprecated.
      This configuration is not supported by most providers and will be removed in a future release.
      Get the actual host to use for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the real host to use
    • getRealPort

      @Deprecated public int getRealPort(URI uri, AuthenticationConfiguration configuration)
      Deprecated.
      Use URI.getPort() instead.
      Get the actual port to use for the given configuration and URI.
      Parameters:
      uri - the URI (must not be null)
      configuration - the configuration (must not be null)
      Returns:
      the real port to use
    • getRealPort

      @Deprecated public int getRealPort(AuthenticationConfiguration configuration)
      Deprecated.
      This configuration is not supported by most providers and will be removed in a future release.
      Get the actual port to use for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the real port to use
    • getRealProtocol

      @Deprecated public String getRealProtocol(URI uri, AuthenticationConfiguration configuration)
      Deprecated.
      Use URI.getScheme() instead.
      Get the actual protocol to use for the given configuration and URI.
      Parameters:
      uri - the URI (must not be null)
      configuration - the configuration (must not be null)
      Returns:
      the actual protocol to use, or null if none is configured and none is present on the URI
    • getRealProtocol

      @Deprecated public String getRealProtocol(AuthenticationConfiguration configuration)
      Deprecated.
      This configuration is not supported by most providers and will be removed in a future release.
      Get the actual protocol to use for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the actual protocol to use, or null if none is configured
    • getSaslProtocol

      public String getSaslProtocol(AuthenticationConfiguration configuration)
      Get the actual SASL protocol to use for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the SASL protocol to use
    • getWsHttpMech

      public String getWsHttpMech(AuthenticationConfiguration configuration)
      Get the WebServices HTTP mechanism to use for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the HTTP mechanism to use
    • getWsSecurityType

      public String getWsSecurityType(AuthenticationConfiguration configuration)
      Get the actual WS-Security type to use for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the WS-Security type to use
    • getPrincipal

      public Principal getPrincipal(AuthenticationConfiguration configuration)
      Get the authentication principal to use for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the authentication principal (not null)
    • getAuthorizationPrincipal

      public Principal getAuthorizationPrincipal(AuthenticationConfiguration configuration)
      Get the authorization principal to use for the given configuration.
      Parameters:
      configuration - the configuration (must not be null)
      Returns:
      the authorization principal, or null if none is specified
    • createSaslClient

      public SaslClient createSaslClient(URI uri, AuthenticationConfiguration configuration, Collection<String> offeredMechanisms) throws SaslException
      Create a SASL client using the given URI and configuration from the given SASL client factory.
      Parameters:
      uri - the target URI (must not be null)
      configuration - the authentication configuration (must not be null)
      offeredMechanisms - the available mechanisms (must not be null)
      Returns:
      the SASL client, or null if no clients were available or could be configured
      Throws:
      SaslException
    • createSaslClient

      public SaslClient createSaslClient(URI uri, AuthenticationConfiguration configuration, Collection<String> offeredMechanisms, UnaryOperator<SaslClientFactory> factoryOperator) throws SaslException
      Create a SASL client using the given URI and configuration from the given SASL client factory.
      Parameters:
      uri - the target URI (must not be null)
      configuration - the authentication configuration (must not be null)
      offeredMechanisms - the available mechanisms (must not be null)
      factoryOperator - a UnaryOperator to apply to the SaslClientFactory used
      Returns:
      the SASL client, or null if no clients were available or could be configured
      Throws:
      SaslException
    • createSaslClient

      public SaslClient createSaslClient(URI uri, AuthenticationConfiguration configuration, Collection<String> offeredMechanisms, UnaryOperator<SaslClientFactory> factoryOperator, SSLSession sslSession) throws SaslException
      Create a SASL client using the given URI and configuration from the given SASL client factory.
      Parameters:
      uri - the target URI (must not be null)
      configuration - the authentication configuration (must not be null)
      offeredMechanisms - the available mechanisms (must not be null)
      factoryOperator - a UnaryOperator to apply to the SaslClientFactory used
      sslSession - the SSL session active for this connection, or null for none
      Returns:
      the SASL client, or null if no clients were available or could be configured
      Throws:
      SaslException
    • getDestinationInetSocketAddress

      @Deprecated public InetSocketAddress getDestinationInetSocketAddress(URI uri, AuthenticationConfiguration configuration, int protocolDefaultPort)
      Deprecated.
      Use Inet.getResolved(java.net.URI, int) instead.
      Get the address of the destination from a configuration and URI. The configuration may rewrite the destination as needed.
      Parameters:
      uri - the connection URI (must not be null)
      configuration - the authentication configuration to use (must not be null)
      protocolDefaultPort - the default port for the protocol
      Returns:
      the address of the destination
    • getDestinationInetSocketAddress

      @Deprecated public InetSocketAddress getDestinationInetSocketAddress(AuthenticationConfiguration configuration)
      Deprecated.
      This configuration is not supported by most providers and will be removed in a future release.
      Get the address of the destination from a configuration. The configuration may rewrite the destination as needed.
      Parameters:
      configuration - the authentication configuration to use (must not be null)
      Returns:
      the address of the destination
    • connect

      @Deprecated public Socket connect(URI uri, AuthenticationConfiguration configuration, int protocolDefaultPort) throws IOException
      Deprecated.
      Use Inet.getResolved(java.net.URI, int) with Socket(InetAddress, int) instead.
      Connect a plain socket to the given URI.
      Parameters:
      uri - the connection URI
      configuration - the authentication configuration to use
      protocolDefaultPort - the default port for the protocol used in the URI
      Returns:
      the connected socket
      Throws:
      IOException - if socket creation or connection fails for some reason
    • getProviderSupplier

      public Supplier<Provider[]> getProviderSupplier(AuthenticationConfiguration configuration)
      Get a Supplier as a source for all Provider instances registered in the given configuration.
      Parameters:
      configuration - the authentication configuration to use (must not be null)
      Returns:
      a supplier as a source for Provider instances (not null)
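
The lookups getAuthenticationConfiguration(URI, AuthenticationContext) and getSSLContext(URI, AuthenticationContext) do not fail when no rule matches; they fall back to the empty configuration and to SSLContext.getDefault(). The following is an added example, not code from the Elytron project, showing a caller that refuses to proceed on either fallback. The class name, host names and credentials are constructed for illustration, and the check assumes the empty configuration carries an AnonymousPrincipal.

```java
import java.net.URI;
import java.security.Principal;
import javax.net.ssl.SSLContext;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.AuthenticationContextConfigurationClient;
import org.wildfly.security.auth.client.MatchRule;
import org.wildfly.security.auth.principal.AnonymousPrincipal;

public class FailClosedLookup {
    public static void main(String[] args) throws Exception {
        // Permission-checked constructor; needs the ElytronPermission under a security manager.
        AuthenticationContextConfigurationClient client = new AuthenticationContextConfigurationClient();
        // Constructed sample context: a single rule for one host.
        SSLContext dedicated = SSLContext.getInstance("TLS");
        dedicated.init(null, null, null); // JVM default key and trust material, for brevity
        MatchRule rule = MatchRule.ALL.matchHost("ldap.internal.example");
        AuthenticationContext ctx = AuthenticationContext.empty()
            .with(rule, AuthenticationConfiguration.empty()
                .useName("svc-sync").usePassword("constructed-secret"))
            .withSsl(rule, () -> dedicated);
        // Second URI has a deliberate typo in the host, so no rule matches it.
        String[] targets = { "ldaps://ldap.internal.example:636", "ldaps://ldap.internal.exmaple:636" };
        for (String target : targets) {
            URI uri = URI.create(target);
            try {
                System.out.println(target + " -> " + resolve(client, ctx, uri).getName());
            } catch (IllegalStateException e) {
                System.out.println(target + " -> refused: " + e.getMessage());
            }
        }
    }

    // Returns the principal only when both an authentication rule and an SSL rule matched.
    static Principal resolve(AuthenticationContextConfigurationClient client,
                             AuthenticationContext ctx, URI uri) throws Exception {
        AuthenticationConfiguration cfg = client.getAuthenticationConfiguration(uri, ctx);
        Principal principal = client.getPrincipal(cfg);
        // Assumption: the empty fallback configuration carries an AnonymousPrincipal.
        if (principal instanceof AnonymousPrincipal) {
            throw new IllegalStateException("no authentication rule matched");
        }
        // With no SSL rule the client hands back the JVM-wide default context.
        if (client.getSSLContext(uri, ctx) == SSLContext.getDefault()) {
            throw new IllegalStateException("no SSL rule matched");
        }
        return principal;
    }
}
```

A rule that deliberately selects anonymous authentication, or whose SSL factory returns the JVM default context, is indistinguishable from a fallback under this check.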