Source code

001package ca.uhn.fhir.rest.client.interceptor;
002
003/*
004 * #%L
005 * HAPI FHIR - Client Framework
006 * %%
007 * Copyright (C) 2014 - 2019 University Health Network
008 * %%
009 * Licensed under the Apache License, Version 2.0 (the "License");
010 * you may not use this file except in compliance with the License.
011 * You may obtain a copy of the License at
012 * 
013 *      http://www.apache.org/licenses/LICENSE-2.0
014 * 
015 * Unless required by applicable law or agreed to in writing, software
016 * distributed under the License is distributed on an "AS IS" BASIS,
017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
018 * See the License for the specific language governing permissions and
019 * limitations under the License.
020 * #L%
021 */
022
023import org.apache.commons.lang3.Validate;
024
025import ca.uhn.fhir.rest.api.Constants;
026import ca.uhn.fhir.rest.client.api.*;
027import ca.uhn.fhir.util.CoverageIgnore;
028
029/**
030 * HTTP interceptor to be used for adding HTTP Authorization using "bearer tokens" to requests. Bearer tokens are used for protocols such as OAUTH2 (see the
031 * <a href="http://tools.ietf.org/html/rfc6750">RFC 6750</a> specification on bearer token usage for more information).
032 * <p>
033 * This interceptor adds a header resembling the following:<br>
034 * &nbsp;&nbsp;&nbsp;<code>Authorization: Bearer dsfu9sd90fwp34.erw0-reu</code><br>
035 * where the token portion (at the end of the header) is supplied by the invoking code.
036 * </p>
037 * <p>
038 * See the <a href="http://jamesagnew.github.io/hapi-fhir/doc_rest_client_interceptor.html#Security_HTTP_Bearer_Token_Authorization">HAPI Documentation</a> for information on how to use this class.
039 * </p>
040 */
041public class BearerTokenAuthInterceptor implements IClientInterceptor {
042
043        private String myToken;
044
045        /**
046         * Constructor. If this constructor is used, a token must be supplied later
047         */
048        @CoverageIgnore
049        public BearerTokenAuthInterceptor() {
050                // nothing
051        }
052
053        /**
054         * Constructor
055         * 
056         * @param theToken
057         *           The bearer token to use (must not be null)
058         */
059        public BearerTokenAuthInterceptor(String theToken) {
060                Validate.notNull("theToken must not be null");
061                myToken = theToken;
062        }
063
064        /**
065         * Returns the bearer token to use
066         */
067        public String getToken() {
068                return myToken;
069        }
070
071        @Override
072        public void interceptRequest(IHttpRequest theRequest) {
073                theRequest.addHeader(Constants.HEADER_AUTHORIZATION, (Constants.HEADER_AUTHORIZATION_VALPREFIX_BEARER + myToken));
074        }
075
076        @Override
077        public void interceptResponse(IHttpResponse theResponse) {
078                // nothing
079        }
080
081        /**
082         * Sets the bearer token to use
083         */
084        public void setToken(String theToken) {
085                myToken = theToken;
086        }
087
088}