io.apiman.common.auth

Class AuthTokenUtil

java.lang.Object

io.apiman.common.auth.AuthTokenUtil

public class AuthTokenUtil
extends Object

A simple class to generate and consume authentication tokens. This is a very naive token-based authentication mechanism. It is useful for unit testing and demos, but should not be used in production as it is not secure. In production, it is better to use OAuth or some other mature bearer token style authentication approach.

Author:

eric.wittmann@redhat.com

Constructor Summary

Constructors

Constructor and Description
AuthTokenUtil()

Method Summary

Methods

Modifier and Type	Method and Description
static AuthToken	consumeToken(String encodedJson) Consumes an auth token, validating it during the process.
static AuthToken	createAuthToken(String principal, Set<String> roles, int expiresInMillis) Creates an auth token.
static AuthToken	fromJSON(String json) Read the auth token from the JSON string.
static String	produceToken(String principal, Set<String> roles, int expiresInMillis) Produce a token suitable for transmission.
static void	signAuthToken(AuthToken token) Adds a digital signature to the auth token.
static String	toJSON(AuthToken token) Convert the auth token to a JSON string.
static void	validateToken(AuthToken token) Validates an auth token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthTokenUtil

public AuthTokenUtil()

Method Detail

produceToken

public static final String produceToken(String principal,
                  Set<String> roles,
                  int expiresInMillis)

Produce a token suitable for transmission. This will generate the auth token, then serialize it to a JSON string, then Base64 encode the JSON.

Parameters:

principal - the auth principal

roles - the auth roles

expiresInMillis - the number of millis to expiry

Returns:

the token

consumeToken

public static final AuthToken consumeToken(String encodedJson)
                                    throws IllegalArgumentException

Consumes an auth token, validating it during the process. If successful, the AuthToken is returned. If the token is invalid (expired or bad signature) then an IllegalArgumentException is thrown. Any other error will result in a runtime exception.

Parameters:

encodedJson - the raw token

Returns:

the token

Throws:

IllegalArgumentException - indicate that a method has been passed an illegal or inappropriate argument

validateToken

public static final void validateToken(AuthToken token)
                                throws IllegalArgumentException

Validates an auth token. This checks the expiration time of the token against the current system time. It also checks the validity of the signature.

Parameters:

token - the authentication token

Throws:

IllegalArgumentException - when the token is invalid

createAuthToken

public static final AuthToken createAuthToken(String principal,
                        Set<String> roles,
                        int expiresInMillis)

Creates an auth token.

Parameters:

principal - the auth principal

roles - the auth roles

expiresInMillis - the number of millis to expiry

Returns:

the auth token

signAuthToken

public static final void signAuthToken(AuthToken token)

Adds a digital signature to the auth token.

Parameters:

token - the auth token

toJSON

public static final String toJSON(AuthToken token)

Convert the auth token to a JSON string.

Parameters:

token - the auth token

Returns:

the token as json

fromJSON

public static final AuthToken fromJSON(String json)

Read the auth token from the JSON string.

Parameters:

json - the token as a json string

Returns:

the token