public class BaseResourceEndpoint extends BaseEndpoint
| Constructor and Description |
|---|
BaseResourceEndpoint() |
| Modifier and Type | Method and Description |
|---|---|
String |
extractAccessToken(String authorization,
String accessTokenInRequestParameters)
Extract an access token from either
Authorization header
or request parameters. |
AccessTokenInfo |
validateAccessToken(com.authlete.common.api.AuthleteApi api,
String accessToken)
Validate an access token.
|
AccessTokenInfo |
validateAccessToken(com.authlete.common.api.AuthleteApi api,
String accessToken,
String[] requiredScopes)
Validate an access token.
|
AccessTokenInfo |
validateAccessToken(com.authlete.common.api.AuthleteApi api,
String accessToken,
String[] requiredScopes,
String requiredSubject)
Validate an access token.
|
onErrorpublic String extractAccessToken(String authorization, String accessTokenInRequestParameters)
Authorization header
or request parameters.
The first argument expects a value of Authorization header
that complies with RFC 6750 (Bearer Token Usage). If the argument contains an
access token, this method returns the access token without checking
the second argument.
The second argument expects a value of access_token
request parameter. The value of this argument is returned when
the first argument does not contain an access token.
authorization - A value of Authorization header whose scheme is
Bearer. For example, "Bearer SlAV32hkKG".accessTokenInRequestParameters - A value of access_token request parameter.public AccessTokenInfo validateAccessToken(com.authlete.common.api.AuthleteApi api, String accessToken) throws javax.ws.rs.WebApplicationException
validate(api, accessToken, null, null).api - Implementation of AuthleteApi interface.accessToken - An access token to validate.javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, the access
token does not exist or it has expired.public AccessTokenInfo validateAccessToken(com.authlete.common.api.AuthleteApi api, String accessToken, String[] requiredScopes) throws javax.ws.rs.WebApplicationException
validate(api, accessToken, requiredScopes, null).api - Implementation of AuthleteApi interface.accessToken - An access token to validate.requiredScopes - Scopes that must be associated with the access token.
null is okay.javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, one or more of
the following conditions meet.
public AccessTokenInfo validateAccessToken(com.authlete.common.api.AuthleteApi api, String accessToken, String[] requiredScopes, String requiredSubject) throws javax.ws.rs.WebApplicationException
This method internally creates a AccessTokenValidator instance and
calls its validate() method. Then, this method uses the value returned from the
validate() method as a response from this method.
When AccessTokenValidator.validate() method raises a WebApplicationException, this method calls onError() method with the exception. The default implementation of onError()
calls printStackTrace() of the exception and does nothing else. You
can override the method as necessary. After calling onError() method,
this method re-throws the exception. The response contained in the exception
complies with the requirements described in RFC 6750 (The OAuth 2.0 Authorization
Framework: Bearer Token Usage).
api - Implementation of AuthleteApi interface.accessToken - An access token to validate.requiredScopes - Scopes that must be associated with the access token.
null is okay.requiredSubject - Subject (= user's unique identifier) that must be associated
with the access token. null is okay.javax.ws.rs.WebApplicationException - The access token is invalid. To be concrete, one or more of
the following conditions meet.
Copyright © 2016. All rights reserved.