java.lang.Object
io.helidon.security.util.TokenHandler
Extracts a security token from request or updates headers with the token.
Currently supports headers as sources of tokens. The token is then extracted either
with a prefix (e.g. basic ) or with a regular expression (first group in the regexp).
When building header, it is created in the same way. To create a more complicated header, you can
use configuration option token-format that will be processed using
String.format(String, Object...)
with the token
as a single string argument.-
Nested Class Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
Add the token as a new header value.static TokenHandler.Builder
builder()
Fluent API builder to createTokenHandler
.static TokenHandler
Create aTokenHandler
from configuration.extractToken
(String tokenRawValue) Extracts the token from the string value of the header (or other field).extractToken
(Map<String, List<String>> headers) Extracts the token from request.static TokenHandler
A shortcut method to build a token handler that does not modify the token content.void
Set the token as a new header.Name of the header the token is expected in (or will be written into).
-
Method Details
-
builder
Fluent API builder to createTokenHandler
.- Returns:
- new builder instance
-
forHeader
A shortcut method to build a token handler that does not modify the token content.- Parameters:
header
- header name (to read or write to)- Returns:
- a new instance for the header name
-
create
Create aTokenHandler
from configuration. Expected configuration (to be located on token key):token { header = "Authorization" # or do not specify - then the whole header is considered to be the token value prefix = "bearer " # optional alternative - looking for first matching group #regexp = "bearer (.*)" }
- Parameters:
config
- config to parse into an instance of this object- Returns:
- a new instance configured from config
-
extractToken
Extracts the token from request. If expected header is not present, returns empty optional, otherwise parses the token according to configuration. If the header does not satisfy the configuration (e.g. invalid prefix, wrong pattern), throws exception.- Parameters:
headers
- Headers to extract token from- Returns:
- token value or empty in case the token is not present in request
- Throws:
SecurityException
- in case the token data is malformed
-
extractToken
Extracts the token from the string value of the header (or other field).- Parameters:
tokenRawValue
- such as "bearer AAAAAAA"- Returns:
- token extracted based on the configured rules
-
tokenHeader
Name of the header the token is expected in (or will be written into).- Returns:
- header name
-
header
Set the token as a new header. Creates the header if not present, replaces header value if present.- Parameters:
headers
- Headers to updatetoken
- Token value
-
addHeader
Add the token as a new header value. Creates the header if not present, adds header value to list of values if present.- Parameters:
headers
- Headers to updatetoken
- Token value
-