io.inversion.action.security

Class AuthAction.JwtUserDao

java.lang.Object

io.inversion.action.security.AuthAction.JwtUserDao

All Implemented Interfaces:

AuthAction.UserDao

Enclosing class:

AuthAction

public static class AuthAction.JwtUserDao
extends java.lang.Object
implements AuthAction.UserDao

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	AuthAction.JwtUserDao.RevokedTokenCache

Constructor Summary

Constructors

Constructor and Description
JwtUserDao()

Method Summary

Modifier and Type	Method and Description
protected void	addPermsToUser(User user, com.auth0.jwt.interfaces.Claim c)
protected User	createUserFromValidJwt(com.auth0.jwt.interfaces.DecodedJWT jwt)
protected java.util.List<java.lang.String>	getJwtSecrets(AuthAction action, java.lang.String apiName, java.lang.String tenant) Looks gwt signing secrets up as environment vars or sysprops.
AuthAction.JwtUserDao.RevokedTokenCache	getRevokedTokenCache()
User	getUser(AuthAction action, java.lang.String token, java.lang.String apiName, java.lang.String tenant)
User	getUser(AuthAction action, java.lang.String username, java.lang.String password, java.lang.String apiName, java.lang.String tenant)
java.lang.String	signJwt(com.auth0.jwt.JWTCreator.Builder jwtBuilder, AuthAction action, java.lang.String apiName, java.lang.String tenant)
AuthAction.JwtUserDao	withRevokedTokenCache(AuthAction.JwtUserDao.RevokedTokenCache revokedTokenCache)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.inversion.action.security.AuthAction.UserDao

getGuest

Constructor Detail

JwtUserDao

public JwtUserDao()

Method Detail

getUser

public User getUser(AuthAction action,
                    java.lang.String username,
                    java.lang.String password,
                    java.lang.String apiName,
                    java.lang.String tenant)
             throws ApiException

Specified by:

getUser in interface AuthAction.UserDao

Throws:

ApiException

getUser

public User getUser(AuthAction action,
                    java.lang.String token,
                    java.lang.String apiName,
                    java.lang.String tenant)
             throws ApiException

Specified by:

getUser in interface AuthAction.UserDao

Throws:

ApiException

createUserFromValidJwt

protected User createUserFromValidJwt(com.auth0.jwt.interfaces.DecodedJWT jwt)

addPermsToUser

protected void addPermsToUser(User user,
                              com.auth0.jwt.interfaces.Claim c)

getJwtSecrets

protected java.util.List<java.lang.String> getJwtSecrets(AuthAction action,
                                                         java.lang.String apiName,
                                                         java.lang.String tenant)

Looks gwt signing secrets up as environment vars or sysprops.

Finds the most specific keys keys first.

Parameters:

action - the action requesting the secrets

apiName - the name of the parent api

tenant - the tenant if there is one

Returns:

any jwt secrets found

signJwt

public java.lang.String signJwt(com.auth0.jwt.JWTCreator.Builder jwtBuilder,
                                AuthAction action,
                                java.lang.String apiName,
                                java.lang.String tenant)
                         throws java.lang.IllegalArgumentException,
                                com.auth0.jwt.exceptions.JWTCreationException,
                                java.io.UnsupportedEncodingException

Throws:

java.lang.IllegalArgumentException

com.auth0.jwt.exceptions.JWTCreationException

java.io.UnsupportedEncodingException

getRevokedTokenCache

public AuthAction.JwtUserDao.RevokedTokenCache getRevokedTokenCache()

withRevokedTokenCache

public AuthAction.JwtUserDao withRevokedTokenCache(AuthAction.JwtUserDao.RevokedTokenCache revokedTokenCache)