TokenManager (CDAP Security 3.3.4 API)

java.lang.Object
- com.google.common.util.concurrent.AbstractIdleService
- - co.cask.cdap.security.auth.TokenManager

All Implemented Interfaces:

com.google.common.util.concurrent.Service
```
public class TokenManager
extends com.google.common.util.concurrent.AbstractIdleService
```
Provides a simple interface to generate and validate AccessTokens.

Nested Class Summary
- Nested classes/interfaces inherited from interface com.google.common.util.concurrent.Service
  com.google.common.util.concurrent.Service.Listener, com.google.common.util.concurrent.Service.State

Field Summary

Fields
Modifier and Type Field and Description

protected KeyManager keyManager

Fields
Modifier and Type	Field and Description
`protected KeyManager`	`keyManager`

Constructor Summary

Constructors
Constructor and Description

TokenManager(KeyManager keyManager, Codec<AccessTokenIdentifier> identifierCodec)

Constructors
Constructor and Description
`TokenManager(KeyManager keyManager, Codec<AccessTokenIdentifier> identifierCodec)`

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`shutDown()`
`AccessToken`	`signIdentifier(AccessTokenIdentifier identifier)` Generates a signature for the given token value, using the currently active secret key.
`void`	`startUp()`
`void`	`validateSecret(AccessToken token)` Given an `AccessToken` instance, checks that the token has not yet expired and that the digest matches the expected value.

Methods inherited from class com.google.common.util.concurrent.AbstractIdleService
addListener, executor, isRunning, start, startAndWait, state, stop, stopAndWait, toString

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Field Detail
  - keyManager
```
protected final KeyManager keyManager
```
- Constructor Detail
  - TokenManager
```
@Inject
public TokenManager(KeyManager keyManager,
                   Codec<AccessTokenIdentifier> identifierCodec)
```
- Method Detail
  - startUp
```
public void startUp()
```
    Specified by:
    
    startUp in class com.google.common.util.concurrent.AbstractIdleService
  - shutDown
```
public void shutDown()
```
    Specified by:
    
    shutDown in class com.google.common.util.concurrent.AbstractIdleService
  - signIdentifier
```
public AccessToken signIdentifier(AccessTokenIdentifier identifier)
```
    Generates a signature for the given token value, using the currently active secret key.
    
    Parameters:
    identifier - Verified identity for which a token should be generated.
    
    Returns:
    A token containing the verified identify and a digest of its contents.
  - validateSecret
```
public void validateSecret(AccessToken token)
                    throws InvalidTokenException
```
    Given an AccessToken instance, checks that the token has not yet expired and that the digest matches the expected value. To validate the token digest, we recompute the digest value, based on the asserted identity and our own view of the secret keys.
    
    Parameters:
    token - The token instance to validate.
    
    Throws:
    
    InvalidTokenException - If the provided token instance is expired or the digest does not match the recomputed value.

Class TokenManager

Nested Class Summary

Nested classes/interfaces inherited from interface com.google.common.util.concurrent.Service

Field Summary

Constructor Summary

Method Summary

Methods inherited from class com.google.common.util.concurrent.AbstractIdleService

Methods inherited from class java.lang.Object

Field Detail

keyManager

Constructor Detail

TokenManager

Method Detail

startUp

shutDown

signIdentifier

validateSecret