com.holonplatform.auth.internal

Class DefaultRealm

java.lang.Object

com.holonplatform.auth.internal.DefaultRealm

All Implemented Interfaces:

Authentication.AuthenticationNotifier, Authenticator<AuthenticationToken>, Authenticator.MessageAuthenticator, Authorizer<Permission>, Realm

public class DefaultRealm
extends Object
implements Realm

Default Realm implementation

Since:

5.0.0

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	DefaultRealm.RealmBuilder Default Builder implementation.

Nested classes/interfaces inherited from interface com.holonplatform.auth.Realm

Realm.Builder

Nested classes/interfaces inherited from interface com.holonplatform.auth.Authenticator

Authenticator.MessageAuthenticator

Field Summary

Fields inherited from interface com.holonplatform.auth.Realm

CONTEXT_KEY

Constructor Summary

Constructors

Constructor and Description
DefaultRealm() Constructor
DefaultRealm(String name) Constructor with Realm name.

Method Summary

Modifier and Type	Method and Description
void	addAuthenticationListener(Authentication.AuthenticationListener authenticationListener) Register an Authentication.AuthenticationListener.
void	addAuthenticationTokenResolver(AuthenticationToken.AuthenticationTokenResolver<?> authenticationTokenResolver) Add an AuthenticationToken.AuthenticationTokenResolver to translate messages into AuthenticationTokens.
<T extends AuthenticationToken> void	addAuthenticator(Authenticator<T> authenticator) Add a concrete Authenticator for a specific AuthenticationToken type to this Realm
<P extends Permission> void	addAuthorizer(Authorizer<P> authorizer) Add and Authorizer to support a specific Permission type
Authentication	authenticate(AuthenticationToken authenticationToken) Attempts to perform authentication using given AuthenticationToken.
Authentication	authenticate(Message<?,?> message, String... schemes) Try to authenticate given message with the same contract as Authenticator.authenticate(AuthenticationToken).
Optional<String>	getName() Get optional realm name.
Class<? extends Permission>	getPermissionType() Get supported Permission type
<T extends Message> List<AuthenticationToken.AuthenticationTokenResolver<T>>	getResolversForMessageType(Class<T> messageType) Get available AuthenticationToken.AuthenticationTokenResolvers for given message type
Class<? extends AuthenticationToken>	getTokenType() Get supported AuthenticationToken type
boolean	isPermitted(Authentication authentication, Collection<? extends Permission> permissions) Check if given Authentication has all the specified permissions.
boolean	isPermitted(Authentication authentication, Permission... permissions) Check if given Authentication has all the specified permission/s.
boolean	isPermitted(Authentication authentication, String... permissions) Check if given Authentication has all specified permission/s, using the String permission representation.
boolean	isPermittedAny(Authentication authentication, Collection<? extends Permission> permissions) Check if given Authentication has any of the specified permissions.
boolean	isPermittedAny(Authentication authentication, Permission... permissions) Check if given Authentication has any of the specified permission/s.
boolean	isPermittedAny(Authentication authentication, String... permissions) Check if given Authentication has any of the specified permission/s, using the String permission representation.
void	removeAuthenticationListener(Authentication.AuthenticationListener authenticationListener) Removes a registered Authentication.AuthenticationListener.
void	setName(String name) Set Realm name
boolean	supportsMessage(Class<? extends Message<?,?>> messageType) Check whether this MessageAuthenticator supports given message type
boolean	supportsPermission(Class<? extends Permission> permissionType) Returns whether this Realm supports given Permission type
boolean	supportsToken(Class<? extends AuthenticationToken> authenticationTokenType) Returns whether this Realm supports given AuthenticationToken type (i.e.
String	toString()

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.holonplatform.auth.Realm

builder, getCurrent, require

Methods inherited from interface com.holonplatform.auth.Authenticator

create

Methods inherited from interface com.holonplatform.auth.Authorizer

create

Constructor Detail

DefaultRealm

public DefaultRealm()

Constructor

DefaultRealm

public DefaultRealm(String name)

Constructor with Realm name.

Parameters:

name - Realm name

Method Detail

getName

public Optional<String> getName()

Description copied from interface: Realm

Get optional realm name. Should be unique at application level.

Specified by:

getName in interface Realm

Returns:

Realm name or an empty Optional if not available

setName

public void setName(String name)

Set Realm name

Parameters:

name - the name to set

getResolversForMessageType

public <T extends Message> List<AuthenticationToken.AuthenticationTokenResolver<T>> getResolversForMessageType(Class<T> messageType)

Description copied from interface: Authenticator.MessageAuthenticator

Get available AuthenticationToken.AuthenticationTokenResolvers for given message type

Specified by:

getResolversForMessageType in interface Authenticator.MessageAuthenticator

Type Parameters:

T - Message type

Parameters:

messageType - Message type

Returns:

List of AuthenticationTokenResolvers, in the order they were registered, or an empty list if none available

getTokenType

public Class<? extends AuthenticationToken> getTokenType()

Description copied from interface: Authenticator

Get supported AuthenticationToken type

Specified by:

getTokenType in interface Authenticator<AuthenticationToken>

Returns:

Supported AuthenticationToken type

addAuthenticator

public <T extends AuthenticationToken> void addAuthenticator(Authenticator<T> authenticator)

Description copied from interface: Realm

Add a concrete Authenticator for a specific AuthenticationToken type to this Realm

Specified by:

addAuthenticator in interface Realm

Type Parameters:

T - Authentication token type

Parameters:

authenticator - The Authenticator to add (not null)

supportsToken

public boolean supportsToken(Class<? extends AuthenticationToken> authenticationTokenType)

Description copied from interface: Realm

Returns whether this Realm supports given AuthenticationToken type (i.e. and Authenticator bound to given token type is registered in realm)

Specified by:

supportsToken in interface Realm

Parameters:

authenticationTokenType - AuthenticationToken type

Returns:

true if Realm supports given AuthenticationToken type

authenticate

public Authentication authenticate(AuthenticationToken authenticationToken)
                            throws AuthenticationException

Description copied from interface: Authenticator

Attempts to perform authentication using given AuthenticationToken.

If the authentication is successful, an Authentication instance is returned that represents the user's account data and provides authorization operations.

If authentication is not successful, a suitable exception should be thrown. See the specific exceptions listed below for builtin available authentication errors.

Specified by:

authenticate in interface Authenticator<AuthenticationToken>

Parameters:

authenticationToken - the authentication request token

Returns:

the Authentication that represents principal's account and authorization data

Throws:

AuthenticationException - Authentication failed

See Also:

DisabledAccountException, LockedAccountException, UnknownAccountException, ExpiredCredentialsException, InvalidCredentialsException, UnsupportedTokenException, UnexpectedAuthenticationException

addAuthenticationTokenResolver

public void addAuthenticationTokenResolver(AuthenticationToken.AuthenticationTokenResolver<?> authenticationTokenResolver)

Description copied from interface: Authenticator.MessageAuthenticator

Add an AuthenticationToken.AuthenticationTokenResolver to translate messages into AuthenticationTokens.

Specified by:

addAuthenticationTokenResolver in interface Authenticator.MessageAuthenticator

Parameters:

authenticationTokenResolver - The AuthenticationToken.AuthenticationTokenResolver to add (not null)

supportsMessage

public boolean supportsMessage(Class<? extends Message<?,?>> messageType)

Description copied from interface: Authenticator.MessageAuthenticator

Check whether this MessageAuthenticator supports given message type

Specified by:

supportsMessage in interface Authenticator.MessageAuthenticator

Parameters:

messageType - Message type to check

Returns:

true if message type is supported

authenticate

public Authentication authenticate(Message<?,?> message,
                                   String... schemes)
                            throws AuthenticationException

Description copied from interface: Authenticator.MessageAuthenticator

Try to authenticate given message with the same contract as Authenticator.authenticate(AuthenticationToken).

Message-based authentication is performed using a resolvers chain: all available resolvers for given message type are called in the order they where registered, and the first not null AuthenticationToken returned by a resolver is used for attempting authentication.

Specified by:

authenticate in interface Authenticator.MessageAuthenticator

Parameters:

message - Request message

schemes - Optional authentication schemes to use. If not null or empty, only AuthenticationToken.AuthenticationTokenResolvers bound to given scheme names will be used

Returns:

the Authentication that represents principal's account and authorization data

Throws:

AuthenticationException - Authentication failed

getPermissionType

public Class<? extends Permission> getPermissionType()

Description copied from interface: Authorizer

Get supported Permission type

Specified by:

getPermissionType in interface Authorizer<Permission>

Returns:

Supported Permission type

supportsPermission

public boolean supportsPermission(Class<? extends Permission> permissionType)

Description copied from interface: Realm

Returns whether this Realm supports given Permission type

Specified by:

supportsPermission in interface Realm

Parameters:

permissionType - Permission type

Returns:

true if this Realm supports given Permission type

addAuthorizer

public <P extends Permission> void addAuthorizer(Authorizer<P> authorizer)

Description copied from interface: Realm

Add and Authorizer to support a specific Permission type

Specified by:

addAuthorizer in interface Realm

Type Parameters:

P - Permission type

Parameters:

authorizer - The Authorizer to add (not null)

isPermitted

public boolean isPermitted(Authentication authentication,
                           Permission... permissions)

Description copied from interface: Authorizer

Check if given Authentication has all the specified permission/s.

Specified by:

isPermitted in interface Authorizer<Permission>

Parameters:

authentication - The Authentication for which to check the permissions

permissions - The permissions to be checked

Returns:

true if given Authentication has all the specified permissions

isPermitted

public boolean isPermitted(Authentication authentication,
                           String... permissions)

Description copied from interface: Authorizer

Check if given Authentication has all specified permission/s, using the String permission representation.

String permission match against Authentication Permissions should be performed using the Permission.getPermission() method.

Specified by:

isPermitted in interface Authorizer<Permission>

Parameters:

authentication - The Authentication for which to check the permissions

permissions - The permissions to be checked

Returns:

true if given Authentication has all the specified permissions

isPermittedAny

public boolean isPermittedAny(Authentication authentication,
                              Permission... permissions)

Description copied from interface: Authorizer

Check if given Authentication has any of the specified permission/s.

Specified by:

isPermittedAny in interface Authorizer<Permission>

Parameters:

authentication - The Authentication for which to check the permissions

permissions - The permissions to be checked

Returns:

true if given Authentication has any of the specified permission

isPermittedAny

public boolean isPermittedAny(Authentication authentication,
                              String... permissions)

Description copied from interface: Authorizer

Check if given Authentication has any of the specified permission/s, using the String permission representation.

String permission match against Authentication Permissions will be performed using Permission.getPermission() method.

Specified by:

isPermittedAny in interface Authorizer<Permission>

Parameters:

authentication - The Authentication for which to check the permissions

permissions - The permissions to be checked

Returns:

true if given Authentication has any of the specified permission

isPermitted

public boolean isPermitted(Authentication authentication,
                           Collection<? extends Permission> permissions)

Description copied from interface: Authorizer

Check if given Authentication has all the specified permissions.

Specified by:

isPermitted in interface Authorizer<Permission>

Parameters:

authentication - The Authentication for which to check the permissions

permissions - The permissions to be checked

Returns:

true if given Authentication has all the specified permissions

isPermittedAny

public boolean isPermittedAny(Authentication authentication,
                              Collection<? extends Permission> permissions)

Description copied from interface: Authorizer

Check if given Authentication has any of the specified permissions.

Specified by:

isPermittedAny in interface Authorizer<Permission>

Parameters:

authentication - The Authentication for which to check the permissions

permissions - The permissions to be checked

Returns:

true if given Authentication has any of the specified permission

addAuthenticationListener

public void addAuthenticationListener(Authentication.AuthenticationListener authenticationListener)

Description copied from interface: Authentication.AuthenticationNotifier

Register an Authentication.AuthenticationListener.

Specified by:

addAuthenticationListener in interface Authentication.AuthenticationNotifier

Parameters:

authenticationListener - The listener to add (not null)

removeAuthenticationListener

public void removeAuthenticationListener(Authentication.AuthenticationListener authenticationListener)

Description copied from interface: Authentication.AuthenticationNotifier

Removes a registered Authentication.AuthenticationListener.

Specified by:

removeAuthenticationListener in interface Authentication.AuthenticationNotifier

Parameters:

authenticationListener - Listener to remove

toString

public String toString()

Overrides:

toString in class Object