Package io.continual.iam.impl.common

Class CommonJsonDb<I extends CommonJsonIdentity,G extends CommonJsonGroup>

java.lang.Object

io.continual.iam.impl.common.CommonJsonDb<I,G>

Type Parameters:

I - an identity class

G - a group class

All Implemented Interfaces:

AccessDb<G>, AccessManager<G>, AclUpdateListener, IamDb<I,G>, IdentityDb<I>, IdentityManager<I>, TagManager, MetricsSupplier, Closeable, AutoCloseable

Direct Known Subclasses:

JsonDocDb

public abstract class CommonJsonDb<I extends CommonJsonIdentity,G extends CommonJsonGroup>
extends Object
implements IamDb<I,G>

CommonJsonDb manages identity related objects that are serialized in JSON

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static interface	CommonJsonDb.AclFactory

Field Summary

Fields

Modifier and Type	Field	Description
static String	kAlias
static String	kCreateTsMs
static String	kEnabled
static String	kExpireEpoch
static String	kPasswordBlock
static String	kPasswordHash
static String	kPasswordSalt
static String	kSecret
static String	kTagId
static String	kTagType
static String	kTagType_PasswordReset
static String	kUserId

Fields inherited from interface io.continual.iam.access.AccessDb

kCreateOperation, kDeleteOperation, kReadOperation, kWriteOperation

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	CommonJsonDb()
protected	CommonJsonDb(CommonJsonDb.AclFactory aclMaker, JwtProducer jwtProd)

Method Summary

Modifier and Type	Method	Description
void	addAlias(String userId, String alias)	Add a username/alias for this user.
void	addJwtValidator(JwtValidator v)	Add a JWT validator to the identity manager.
void	addUserToGroup(String groupId, String userId)	Add a user to a given group
protected boolean	aliasExists(String userId)
I	authenticate(ApiKeyCredential akc)	Authenticate with an API key and signature
I	authenticate(JwtCredential jwt)	Authenticate with a JWT token
I	authenticate(UsernamePasswordCredential upc)	Authenticate with a username and password
boolean	canUser(String id, Resource resource, String operation)	Can the given user perform the requested access?
boolean	completePasswordReset(String tagId, String newPassword)	Complete a password reset by providing a tag and a new password.
I	createAnonymousUser()	Create a new anonymous user in the identity manager.
ApiKey	createApiKey(String userId)
protected abstract org.json.JSONObject	createApiKeyObject(String userId, String apiKey, String apiSecret)
G	createGroup(String groupDesc)	Create a group
G	createGroup(String groupId, String groupDesc)	Create a group with a given group ID
String	createJwtToken(Identity ii)	Create a JWT token for the given identity.
protected abstract org.json.JSONObject	createNewGroup(String id, String groupDesc)
protected abstract org.json.JSONObject	createNewUser(String id)
String	createTag(String userId, String appTagType, long duration, TimeUnit durationTimeUnit, String nonce)	Create a tag for a given user id with a particular type and duration.
I	createUser(String userId)	Create a new user in the identity manager.
protected abstract void	deleteAclObject(String id)
protected abstract void	deleteAliasObject(String id)
protected abstract void	deleteApiKeyObject(String id)
protected abstract void	deleteGroupObject(String id)
protected abstract void	deleteTagObject(String id, String userId, String appTagType)
void	deleteUser(String userId)	Delete a user from the identity manager.
protected abstract void	deleteUserObject(String id)
static String	generateKey(int length, String nonce)
AccessControlList	getAclFor(Resource resource)	load an ACL for a resource
Collection<String>	getAliasesFor(String userId)	Get the aliases for a userId.
String	getAppNonce()	return a nonce value for used in seeding things like password salts
String	getUserIdForTag(String tagId)	Retrieves the userId associated with a tag.
Set<String>	getUsersGroups(String userId)	Find out which groups a user is a member of.
Set<String>	getUsersInGroup(String groupId)	Get the set of user IDs in a particular group.
protected abstract ApiKey	instantiateApiKey(String id, org.json.JSONObject data)
protected abstract G	instantiateGroup(String id, org.json.JSONObject data)
protected abstract I	instantiateIdentity(String id, org.json.JSONObject data)
void	invalidateJwtToken(String token)	Invalidate the given JWT token
protected abstract boolean	isInvalidJwtToken(String token)
protected abstract org.json.JSONObject	loadAclObject(String id)
protected abstract Collection<String>	loadAliasesForUser(String userId)
protected abstract org.json.JSONObject	loadAliasObject(String id)
protected abstract org.json.JSONObject	loadApiKeyObject(String id)
ApiKey	loadApiKeyRecord(String apiKey)	Load an API key record based on the API key ID.
protected abstract Collection<String>	loadApiKeysForUser(String userId)
G	loadGroup(String groupId)	Get a group by its identifier.
protected abstract org.json.JSONObject	loadGroupObject(String id)
protected abstract org.json.JSONObject	loadTagObject(String id, boolean expiredOk)
protected abstract org.json.JSONObject	loadTagObject(String userId, String appTagType, boolean expiredOk)
I	loadUser(String userId)	Load a user from the identity manager.
protected abstract org.json.JSONObject	loadUserObject(String id)
I	loadUserOrAlias(String userIdOrAlias)	Load a user from the identity manager.
void	onAclUpdate(AccessControlList acl)
void	populateMetrics(MetricsCatalog metrics)
void	removeAlias(String alias)	Remove a username/alias from the database.
void	removeMatchingTag(String userId, String appTagType)	Remove any matching tag for the given user and type.
void	removeUserFromGroup(String groupId, String userId)	Remove a user from a given group
void	restoreApiKey(ApiKey key)	Restore an API key into the API key store
protected abstract void	storeAclObject(String id, org.json.JSONObject data)
protected abstract void	storeAliasObject(String id, org.json.JSONObject data)
protected abstract void	storeApiKeyObject(String id, org.json.JSONObject data)
protected abstract void	storeGroupObject(String id, org.json.JSONObject data)
protected abstract void	storeInvalidJwtToken(String token)
protected abstract void	storeTagObject(String id, String userId, String appTagType, org.json.JSONObject data)
protected abstract void	storeUserObject(String id, org.json.JSONObject data)
boolean	userExists(String userId)	Find out if a given user exists.
boolean	userOrAliasExists(String userIdOrAlias)	Find out if a given user or alias exists.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.continual.iam.access.AccessManager

getAllGroups

Methods inherited from interface io.continual.iam.IamDb

close, start

Methods inherited from interface io.continual.iam.identity.IdentityManager

findUsers, getAllUsers, loadAllUsers

Methods inherited from interface io.continual.iam.tags.TagManager

sweepExpiredTags

Field Detail

kTagId

public static final String kTagId

See Also:

Constant Field Values

kUserId

public static final String kUserId

See Also:

Constant Field Values

kTagType

public static final String kTagType

See Also:

Constant Field Values

kExpireEpoch

public static final String kExpireEpoch

See Also:

Constant Field Values

kSecret

public static final String kSecret

See Also:

Constant Field Values

kAlias

public static final String kAlias

See Also:

Constant Field Values

kCreateTsMs

public static final String kCreateTsMs

See Also:

Constant Field Values

kEnabled

public static final String kEnabled

See Also:

Constant Field Values

kPasswordBlock

public static final String kPasswordBlock

See Also:

Constant Field Values

kPasswordSalt

public static final String kPasswordSalt

See Also:

Constant Field Values

kPasswordHash

public static final String kPasswordHash

See Also:

Constant Field Values

kTagType_PasswordReset

public static final String kTagType_PasswordReset

See Also:

Constant Field Values

Constructor Detail

CommonJsonDb

protected CommonJsonDb()

CommonJsonDb

protected CommonJsonDb(CommonJsonDb.AclFactory aclMaker,
                       JwtProducer jwtProd)

Method Detail

populateMetrics

public void populateMetrics(MetricsCatalog metrics)

Specified by:

populateMetrics in interface MetricsSupplier

userExists

public boolean userExists(String userId)
                   throws IamSvcException

Description copied from interface: IdentityManager

Find out if a given user exists.

Specified by:

userExists in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

userId - a user ID

Returns:

true if the user exists in the identity manager.

Throws:

IamSvcException - when the call cannot be completed due to a service error

userOrAliasExists

public boolean userOrAliasExists(String userIdOrAlias)
                          throws IamSvcException

Description copied from interface: IdentityManager

Find out if a given user or alias exists.

Specified by:

userOrAliasExists in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

userIdOrAlias - the user ID or an alias

Returns:

true if the user exists by userId or alias in the identity manager.

Throws:

IamSvcException - when the call cannot be completed due to a service error

aliasExists

protected boolean aliasExists(String userId)
                       throws IamSvcException

Throws:

IamSvcException

loadUser

public I loadUser(String userId)
           throws IamSvcException

Description copied from interface: IdentityManager

Load a user from the identity manager.

Specified by:

loadUser in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

userId - a user ID

Returns:

a user or null if the user doesn't exist

Throws:

IamSvcException - when the call cannot be completed due to a service error

loadUserOrAlias

public I loadUserOrAlias(String userIdOrAlias)
                  throws IamSvcException

Description copied from interface: IdentityManager

Load a user from the identity manager.

Specified by:

loadUserOrAlias in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

userIdOrAlias - the actual userId or an alias

Returns:

a user or null if the user doesn't exist

Throws:

IamSvcException - when the call cannot be completed due to a service error

createUser

public I createUser(String userId)
             throws IamSvcException,
                    IamIdentityExists

Description copied from interface: IdentityManager

Create a new user in the identity manager. The username for this user defaults to the userId value provided here.

Specified by:

createUser in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

userId - a user ID

Returns:

the new user

Throws:

IamSvcException - when the call cannot be completed due to a service error

IamIdentityExists - if the user exists

createAnonymousUser

public I createAnonymousUser()
                      throws IamSvcException

Description copied from interface: IdentityManager

Create a new anonymous user in the identity manager.

Specified by:

createAnonymousUser in interface IdentityManager<I extends CommonJsonIdentity>

Returns:

a new anonymous user

Throws:

IamSvcException - when the call cannot be completed due to a service error

deleteUser

public void deleteUser(String userId)
                throws IamSvcException

Description copied from interface: IdentityManager

Delete a user from the identity manager.

Specified by:

deleteUser in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

userId - a user ID

Throws:

IamSvcException - when the call cannot be completed due to a service error

completePasswordReset

public boolean completePasswordReset(String tagId,
                                     String newPassword)
                              throws IamSvcException

Description copied from interface: IdentityManager

Complete a password reset by providing a tag and a new password. The update will fail if the tag is unknown or has expired. See requestPasswordReset for details on creating a password reset tag.

Specified by:

completePasswordReset in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

tagId - a tag

newPassword - a new password

Returns:

true if the password was updated successfully.

Throws:

IamSvcException - when the call cannot be completed due to a service error

loadApiKeyRecord

public ApiKey loadApiKeyRecord(String apiKey)
                        throws IamSvcException

Description copied from interface: IdentityManager

Load an API key record based on the API key ID.

Specified by:

loadApiKeyRecord in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

apiKey - an API key

Returns:

an API key or null if it doesn't exist

Throws:

IamSvcException - when the call cannot be completed due to a service error

restoreApiKey

public void restoreApiKey(ApiKey key)
                   throws IamIdentityDoesNotExist,
                          IamBadRequestException,
                          IamSvcException

Restore an API key into the API key store

Specified by:

restoreApiKey in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

key -

Throws:

IamSvcException

IamBadRequestException

IamIdentityDoesNotExist

createJwtToken

public String createJwtToken(Identity ii)
                      throws IamSvcException

Description copied from interface: IdentityDb

Create a JWT token for the given identity.

Specified by:

createJwtToken in interface IdentityDb<I extends CommonJsonIdentity>

Parameters:

ii - an identity

Returns:

a JWT token

Throws:

IamSvcException - when the call cannot be completed due to a service error

authenticate

public I authenticate(ApiKeyCredential akc)
               throws IamSvcException

Description copied from interface: IdentityDb

Authenticate with an API key and signature

Specified by:

authenticate in interface IdentityDb<I extends CommonJsonIdentity>

Parameters:

akc - the API key credential

Returns:

an authenticated identity or null

Throws:

IamSvcException - when the call cannot be completed due to a service error

authenticate

public I authenticate(JwtCredential jwt)
               throws IamSvcException

Description copied from interface: IdentityDb

Authenticate with a JWT token

Specified by:

authenticate in interface IdentityDb<I extends CommonJsonIdentity>

Parameters:

jwt - the JWT credential

Returns:

an authenticated identity or null

Throws:

IamSvcException - when the call cannot be completed due to a service error

invalidateJwtToken

public void invalidateJwtToken(String token)
                        throws IamSvcException

Description copied from interface: IdentityDb

Invalidate the given JWT token

Specified by:

invalidateJwtToken in interface IdentityDb<I extends CommonJsonIdentity>

Parameters:

token - a JWT token

Throws:

IamSvcException - when the call cannot be completed due to a service error

authenticate

public I authenticate(UsernamePasswordCredential upc)
               throws IamSvcException

Description copied from interface: IdentityDb

Authenticate with a username and password

Specified by:

authenticate in interface IdentityDb<I extends CommonJsonIdentity>

Parameters:

upc - the username/password credential

Returns:

an authenticated identity or null

Throws:

IamSvcException - when the call cannot be completed due to a service error

createGroup

public G createGroup(String groupDesc)
              throws IamSvcException

Description copied from interface: AccessManager

Create a group

Specified by:

createGroup in interface AccessManager<I extends CommonJsonIdentity>

Parameters:

groupDesc - the group description

Returns:

a new group with the given description

Throws:

IamSvcException - when the call cannot be completed due to a service error

createGroup

public G createGroup(String groupId,
                     String groupDesc)
              throws IamGroupExists,
                     IamSvcException

Description copied from interface: AccessManager

Create a group with a given group ID

Specified by:

createGroup in interface AccessManager<I extends CommonJsonIdentity>

Parameters:

groupId - a group ID

groupDesc - a group description

Returns:

a new group with the given id and description

Throws:

IamGroupExists - if the group already exists

IamSvcException - when the call cannot be completed due to a service error

addUserToGroup

public void addUserToGroup(String groupId,
                           String userId)
                    throws IamIdentityDoesNotExist,
                           IamSvcException,
                           IamGroupDoesNotExist

Description copied from interface: AccessManager

Add a user to a given group

Specified by:

addUserToGroup in interface AccessManager<I extends CommonJsonIdentity>

Parameters:

groupId - a group ID

userId - a user ID

Throws:

IamIdentityDoesNotExist - when the identity doesn't exist

IamSvcException - when the call cannot be completed due to a service error

IamGroupDoesNotExist - if the group does not exist

removeUserFromGroup

public void removeUserFromGroup(String groupId,
                                String userId)
                         throws IamSvcException,
                                IamIdentityDoesNotExist,
                                IamGroupDoesNotExist

Description copied from interface: AccessManager

Remove a user from a given group

Specified by:

removeUserFromGroup in interface AccessManager<I extends CommonJsonIdentity>

Parameters:

groupId - a group ID

userId - a user ID

Throws:

IamSvcException - when the call cannot be completed due to a service error

IamIdentityDoesNotExist - when the identity doesn't exist

IamGroupDoesNotExist - if the group does not exist

getUsersGroups

public Set<String> getUsersGroups(String userId)
                           throws IamSvcException,
                                  IamIdentityDoesNotExist

Description copied from interface: AccessManager

Find out which groups a user is a member of.

Specified by:

getUsersGroups in interface AccessManager<I extends CommonJsonIdentity>

Parameters:

userId - a user ID

Returns:

a set of 0 or more group IDs

Throws:

IamSvcException - when the call cannot be completed due to a service error

IamIdentityDoesNotExist - when the identity doesn't exist

getUsersInGroup

public Set<String> getUsersInGroup(String groupId)
                            throws IamGroupDoesNotExist,
                                   IamSvcException

Description copied from interface: AccessManager

Get the set of user IDs in a particular group.

Specified by:

getUsersInGroup in interface AccessManager<I extends CommonJsonIdentity>

Parameters:

groupId - a group ID

Returns:

a set of 0 or more user IDs

Throws:

IamGroupDoesNotExist - when the identity doesn't exist

IamSvcException - when the call cannot be completed due to a service error

loadGroup

public G loadGroup(String groupId)
            throws IamSvcException

Description copied from interface: AccessDb

Get a group by its identifier.

Specified by:

loadGroup in interface AccessDb<I extends CommonJsonIdentity>

Parameters:

groupId - the group's ID

Returns:

a group, or null if it does not exist

Throws:

IamSvcException - if there's a problem in the IAM service

getAclFor

public AccessControlList getAclFor(Resource resource)
                            throws IamSvcException

Description copied from interface: AccessDb

load an ACL for a resource

Specified by:

getAclFor in interface AccessDb<I extends CommonJsonIdentity>

Parameters:

resource - the resource for which you want the ACL

Returns:

an ACL, or null if there is none

Throws:

IamSvcException - if there's a problem in the IAM service

onAclUpdate

public void onAclUpdate(AccessControlList acl)

Specified by:

onAclUpdate in interface AclUpdateListener

canUser

public boolean canUser(String id,
                       Resource resource,
                       String operation)
                throws IamSvcException

Description copied from interface: AccessDb

Can the given user perform the requested access?

Specified by:

canUser in interface AccessDb<I extends CommonJsonIdentity>

Parameters:

id - the identity/subject making the request

resource - the resource on which access is requested

operation - the operation

Returns:

true if the user is allowed to perform the operation, false otherwise

Throws:

IamSvcException - if there's a problem in the IAM service

createTag

public String createTag(String userId,
                        String appTagType,
                        long duration,
                        TimeUnit durationTimeUnit,
                        String nonce)
                 throws IamSvcException

Description copied from interface: TagManager

Create a tag for a given user id with a particular type and duration. If a tag for the same user with the same type exists, it's replaced with the new tag.

Specified by:

createTag in interface TagManager

Parameters:

userId - a user ID

appTagType - a tag type

duration - the length of time the tag should exist

durationTimeUnit - the time unit for the duration

nonce - used to seed random number generator

Returns:

a tag

Throws:

IamSvcException - if there's a problem in the IAM service

getUserIdForTag

public String getUserIdForTag(String tagId)
                       throws IamSvcException

Description copied from interface: TagManager

Retrieves the userId associated with a tag. If the tag has expired, null is returned.

Specified by:

getUserIdForTag in interface TagManager

Parameters:

tagId - a tag generated by createTag

Returns:

a user ID or null if no entry exists (or an entry existed but expired)

Throws:

IamSvcException - if there's a problem in the IAM service

removeMatchingTag

public void removeMatchingTag(String userId,
                              String appTagType)
                       throws IamSvcException

Description copied from interface: TagManager

Remove any matching tag for the given user and type.

Specified by:

removeMatchingTag in interface TagManager

Parameters:

userId - a user ID

appTagType - a tag type

Throws:

IamSvcException - if there's a problem in the IAM service

addAlias

public void addAlias(String userId,
                     String alias)
              throws IamSvcException,
                     IamBadRequestException

Description copied from interface: IdentityManager

Add a username/alias for this user. Identity DBs should normally support multiple aliases (username, email, mobile phone, etc.). Tracking them beyond being references to an identity record is done at the application level.

Specified by:

addAlias in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

userId - a user ID

alias - an alias

Throws:

IamSvcException - when the call cannot be completed due to a service error

IamBadRequestException - if the request is illegal

removeAlias

public void removeAlias(String alias)
                 throws IamBadRequestException,
                        IamSvcException

Description copied from interface: IdentityManager

Remove a username/alias from the database. A userId may not be removed (disable the user instead).

Specified by:

removeAlias in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

alias - an alias

Throws:

IamBadRequestException - If a userId is provided.

IamSvcException - when the call cannot be completed due to a service error

getAliasesFor

public Collection<String> getAliasesFor(String userId)
                                 throws IamSvcException,
                                        IamIdentityDoesNotExist

Description copied from interface: IdentityManager

Get the aliases for a userId. The result must be non-null but may be empty. The userId is not included in the list.

Specified by:

getAliasesFor in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

userId - a user ID

Returns:

a collection of 0 or more aliases for a userId

Throws:

IamSvcException - when the call cannot be completed due to a service error

IamIdentityDoesNotExist - if the identity does not exist

addJwtValidator

public void addJwtValidator(JwtValidator v)

Description copied from interface: IdentityManager

Add a JWT validator to the identity manager.

Specified by:

addJwtValidator in interface IdentityManager<I extends CommonJsonIdentity>

Parameters:

v - a validator

getAppNonce

public String getAppNonce()

return a nonce value for used in seeding things like password salts

Returns:

a string

createApiKey

public ApiKey createApiKey(String userId)
                    throws IamIdentityDoesNotExist,
                           IamSvcException,
                           IamBadRequestException

Throws:

IamIdentityDoesNotExist

IamSvcException

IamBadRequestException

createNewUser

protected abstract org.json.JSONObject createNewUser(String id)

loadUserObject

protected abstract org.json.JSONObject loadUserObject(String id)
                                               throws IamSvcException

Throws:

IamSvcException

storeUserObject

protected abstract void storeUserObject(String id,
                                        org.json.JSONObject data)
                                 throws IamSvcException

Throws:

IamSvcException

deleteUserObject

protected abstract void deleteUserObject(String id)
                                  throws IamSvcException

Throws:

IamSvcException

instantiateIdentity

protected abstract I instantiateIdentity(String id,
                                         org.json.JSONObject data)

createNewGroup

protected abstract org.json.JSONObject createNewGroup(String id,
                                                      String groupDesc)

loadGroupObject

protected abstract org.json.JSONObject loadGroupObject(String id)
                                                throws IamSvcException

Throws:

IamSvcException

storeGroupObject

protected abstract void storeGroupObject(String id,
                                         org.json.JSONObject data)
                                  throws IamSvcException

Throws:

IamSvcException

deleteGroupObject

protected abstract void deleteGroupObject(String id)
                                   throws IamSvcException

Throws:

IamSvcException

instantiateGroup

protected abstract G instantiateGroup(String id,
                                      org.json.JSONObject data)

createApiKeyObject

protected abstract org.json.JSONObject createApiKeyObject(String userId,
                                                          String apiKey,
                                                          String apiSecret)

loadApiKeyObject

protected abstract org.json.JSONObject loadApiKeyObject(String id)
                                                 throws IamSvcException

Throws:

IamSvcException

storeApiKeyObject

protected abstract void storeApiKeyObject(String id,
                                          org.json.JSONObject data)
                                   throws IamSvcException,
                                          IamIdentityDoesNotExist,
                                          IamBadRequestException

Throws:

IamSvcException

IamIdentityDoesNotExist

IamBadRequestException

deleteApiKeyObject

protected abstract void deleteApiKeyObject(String id)
                                    throws IamSvcException

Throws:

IamSvcException

instantiateApiKey

protected abstract ApiKey instantiateApiKey(String id,
                                            org.json.JSONObject data)

loadApiKeysForUser

protected abstract Collection<String> loadApiKeysForUser(String userId)
                                                  throws IamSvcException,
                                                         IamIdentityDoesNotExist

Throws:

IamSvcException

IamIdentityDoesNotExist

loadAclObject

protected abstract org.json.JSONObject loadAclObject(String id)
                                              throws IamSvcException

Throws:

IamSvcException

storeAclObject

protected abstract void storeAclObject(String id,
                                       org.json.JSONObject data)
                                throws IamSvcException

Throws:

IamSvcException

deleteAclObject

protected abstract void deleteAclObject(String id)
                                 throws IamSvcException

Throws:

IamSvcException

loadTagObject

protected abstract org.json.JSONObject loadTagObject(String id,
                                                     boolean expiredOk)
                                              throws IamSvcException

Throws:

IamSvcException

loadTagObject

protected abstract org.json.JSONObject loadTagObject(String userId,
                                                     String appTagType,
                                                     boolean expiredOk)
                                              throws IamSvcException

Throws:

IamSvcException

storeTagObject

protected abstract void storeTagObject(String id,
                                       String userId,
                                       String appTagType,
                                       org.json.JSONObject data)
                                throws IamSvcException

Throws:

IamSvcException

deleteTagObject

protected abstract void deleteTagObject(String id,
                                        String userId,
                                        String appTagType)
                                 throws IamSvcException

Throws:

IamSvcException

loadAliasObject

protected abstract org.json.JSONObject loadAliasObject(String id)
                                                throws IamSvcException

Throws:

IamSvcException

storeAliasObject

protected abstract void storeAliasObject(String id,
                                         org.json.JSONObject data)
                                  throws IamSvcException,
                                         IamBadRequestException

Throws:

IamSvcException

IamBadRequestException

deleteAliasObject

protected abstract void deleteAliasObject(String id)
                                   throws IamSvcException

Throws:

IamSvcException

loadAliasesForUser

protected abstract Collection<String> loadAliasesForUser(String userId)
                                                  throws IamSvcException,
                                                         IamIdentityDoesNotExist

Throws:

IamSvcException

IamIdentityDoesNotExist

storeInvalidJwtToken

protected abstract void storeInvalidJwtToken(String token)
                                      throws IamSvcException

Throws:

IamSvcException

isInvalidJwtToken

protected abstract boolean isInvalidJwtToken(String token)
                                      throws IamSvcException

Throws:

IamSvcException

generateKey

public static String generateKey(int length,
                                 String nonce)