AuthorizationDecisionHandlerSpiAdapter (com.authlete:authlete-java-jaxrs 1.3 API)

java.lang.Object
- com.authlete.jaxrs.spi.AuthorizationDecisionHandlerSpiAdapter

All Implemented Interfaces:

AuthorizationDecisionHandlerSpi
```
public class AuthorizationDecisionHandlerSpiAdapter
extends Object
implements AuthorizationDecisionHandlerSpi
```
Empty implementation of AuthorizationDecisionHandlerSpi interface.

Author:

Takahiko Kawasaki

Constructor Summary

Constructors
Constructor and Description

AuthorizationDecisionHandlerSpiAdapter()

Constructors
Constructor and Description
`AuthorizationDecisionHandlerSpiAdapter()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`String`	`getAcr()` Get the authentication context class reference (ACR) that was satisfied when the current end-user was authenticated.
`com.authlete.common.dto.Property[]`	`getProperties()` Get extra properties to associate with an access token and/or an authorization code.
`long`	`getUserAuthenticatedAt()` Get the time when the end-user was authenticated.
`Object`	`getUserClaim(String claimName, String languageTag)` Get the value of a claim of the user.
`String`	`getUserSubject()` Get the subject (= unique identifier) of the end-user.
`boolean`	`isClientAuthorized()` Get the decision on the authorization request.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - AuthorizationDecisionHandlerSpiAdapter
```
public AuthorizationDecisionHandlerSpiAdapter()
```
- Method Detail
  - isClientAuthorized
```
public boolean isClientAuthorized()
```
    Description copied from interface: AuthorizationDecisionHandlerSpi
    
    Get the decision on the authorization request.
    
    Specified by:
    
    isClientAuthorized in interface AuthorizationDecisionHandlerSpi
    
    Returns:
    
    true if the end-user has decided to grant authorization to the client application. Otherwise, false.
  - getUserAuthenticatedAt
```
public long getUserAuthenticatedAt()
```
    Description copied from interface: AuthorizationDecisionHandlerSpi
    Get the time when the end-user was authenticated.
    For example, if an authorization always requires an end-user to login, the authentication time is always "just now", so the implementation of this method will be like the following.
    @Override public long getUserAuthenticatedAt() { return System.currentTimeMillis() / 1000; }
    This method is not called when AuthorizationDecisionHandlerSpi.isClientAuthorized() has returned false.
    Specified by:
    
    getUserAuthenticatedAt in interface AuthorizationDecisionHandlerSpi
    
    Returns:
    
    The time when the end-user authentication occurred. The number of seconds since Unix epoch (1970-01-01). Return 0 if the time is unknown.
  - getUserSubject
```
public String getUserSubject()
```
    Description copied from interface: AuthorizationDecisionHandlerSpi
    
    Get the subject (= unique identifier) of the end-user. It must consist of only ASCII letters and its length must not exceed 100.
    In a typical case, the subject is a primary key or another unique ID of the record that represents the end-user in your user database.
    
    This method is not called when AuthorizationDecisionHandlerSpi.isClientAuthorized() has returned false.
    
    Specified by:
    
    getUserSubject in interface AuthorizationDecisionHandlerSpi
    
    Returns:
    
    The subject (= unique identifier) of the end-user. Returning null makes the authorization request fail.
  - getAcr
```
public String getAcr()
```
    Description copied from interface: AuthorizationDecisionHandlerSpi
    
    Get the authentication context class reference (ACR) that was satisfied when the current end-user was authenticated.
    The value returned by this method has an important meaning only when an authorization requests acr claim as an essential claim. Practically speaking, it is unlikely to happen. See "5.5.1.1. Requesting the "acr" Claim" in OpenID Connect Core 1.0 if you are interested in the details.
    
    If you don't know what ACR is, return null.
    
    Specified by:
    
    getAcr in interface AuthorizationDecisionHandlerSpi
    
    Returns:
    
    The authentication context class reference (ACR) that was satisfied when the current end-user was authenticated.
  - getUserClaim
```
public Object getUserClaim(String claimName,
                           String languageTag)
```
    Description copied from interface: AuthorizationDecisionHandlerSpi
    
    Get the value of a claim of the user.
    This method may be called multiple times. On the other hand, this method is not called when AuthorizationDecisionHandlerSpi.isClientAuthorized() has returned false or when AuthorizationDecisionHandlerSpi.getUserSubject() has returned null.
    
    Specified by:
    
    getUserClaim in interface AuthorizationDecisionHandlerSpi
    
    Parameters:
    
    claimName - A claim name such as name and family_name. Standard claim names are listed in "5.1. Standard Claims" of OpenID Connect Core 1.0. Java constant values that represent the standard claims are listed in StandardClaims class. The value of claimName does NOT contain a language tag.
    
    languageTag - A language tag such as en and ja. Implementations should take this into account whenever possible. See "5.2. Claims Languages and Scripts" in OpenID Connect Core 1.0 for details.
    
    Returns:
    
    The claim value. null if the claim value of the claim is not available.
  - getProperties
```
public com.authlete.common.dto.Property[] getProperties()
```
    Description copied from interface: AuthorizationDecisionHandlerSpi
    Get extra properties to associate with an access token and/or an authorization code.
    This method is expected to return an array of extra properties. The following is an example that returns an array containing one extra property.
```
 @Override
 public Property[] getProperties()
 {
     return new Property[] {
         new Property("example_parameter", "example_value")
     };
 }
```
    Extra properties returned from this method will appear as top-level entries in a JSON response from an authorization server as shown in 5.1. Successful Response in RFC 6749.
    
    Keys listed below should not be used and they would be ignored on the server side even if they were used. It's because they are reserved in RFC 6749 and OpenID Connect Core 1.0.
    - access_token
    - token_type
    - expires_in
    - refresh_token
    - scope
    - error
    - error_description
    - error_uri
    - id_token
    Note that there is an upper limit on the total size of extra properties. On the server side, the properties will be (1) converted to a multidimensional string array, (2) converted to JSON, (3) encrypted by AES/CBC/PKCS5Padding, (4) encoded by base64url, and then stored into the database. The length of the resultant string must not exceed 65,535 in bytes. This is the upper limit, but we think it is big enough.
    Specified by:
    
    getProperties in interface AuthorizationDecisionHandlerSpi
    
    Returns:
    
    Extra properties. If null is returned, any extra property will not be associated.

Class AuthorizationDecisionHandlerSpiAdapter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

AuthorizationDecisionHandlerSpiAdapter

Method Detail

isClientAuthorized

getUserAuthenticatedAt

getUserSubject

getAcr

getUserClaim

getProperties