Package io.helidon.security
Class ProviderRequest
- java.lang.Object
-
- io.helidon.security.ProviderRequest
-
- All Implemented Interfaces:
AbacSupport
public class ProviderRequest extends Object implements AbacSupport
A request sent to security providers. Contains all information that may be needed to authenticate or authorize a request:- User's subject:
subject()
- if user is authenticated - Service subject:
service()
- if service is authenticated - Environment information:
env()
- path, method etc. - Object:
getObject()
- target resource, if provided by user - Security context:
securityContext()
- current subjects and information about security context of this request - Endpoint configuration:
endpointConfig()
- annotations, endpoint specific configuration, custom objects, custom atttributes
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface io.helidon.security.util.AbacSupport
AbacSupport.BasicAttributes
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description Collection<String>
abacAttributeNames()
A collection of all property names in this container.Object
abacAttributeRaw(String key)
Return the actual property value or null if not present.EndpointConfig
endpointConfig()
Configuration of the invoked endpoint, such as annotations declared.SecurityEnvironment
env()
Environment of current request, such as the URI invoked, time to use for security decisions etc.Optional<Object>
getObject()
The object of this request.static Optional<Object>
getValue(Object object, String key)
Get a value of a property from an object.Optional<Entity>
requestEntity()
Deprecated.entity access is going to be removed from securityOptional<Entity>
responseEntity()
Deprecated.entity access is going to be removed from securitySecurityContext
securityContext()
Security context associated with current request.Optional<Subject>
service()
Current service subject, if already authenticated.Optional<Subject>
subject()
Current user subject, if already authenticated.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface io.helidon.security.util.AbacSupport
abacAttribute
-
-
-
-
Method Detail
-
getValue
public static Optional<Object> getValue(Object object, String key)
Get a value of a property from an object. If object implementsAbacSupport
the value is obtained throughAbacSupport.abacAttribute(String)
, if not, the value is obtained by reflection from a public field or a public getter method. The method name may be (for attribute called for example "audit"):- audit
- getAudit
- isAudit
- shouldAudit
- hasAudit
- Parameters:
object
- object to get attribute fromkey
- key of the attribute- Returns:
- value of the attribute if found
-
endpointConfig
public EndpointConfig endpointConfig()
Configuration of the invoked endpoint, such as annotations declared.- Returns:
- endpoint config
-
securityContext
public SecurityContext securityContext()
Security context associated with current request.- Returns:
- security context
-
subject
public Optional<Subject> subject()
Current user subject, if already authenticated.- Returns:
- user subject or empty
-
service
public Optional<Subject> service()
Current service subject, if already authenticated.- Returns:
- service subject or empty.
-
env
public SecurityEnvironment env()
Environment of current request, such as the URI invoked, time to use for security decisions etc.- Returns:
- security environment
-
getObject
public Optional<Object> getObject()
The object of this request. Security request may be configured for a specific entity (e.g. if this is an entity modification request, the entity itself may be provided to help in a security task.- Returns:
- the object or empty if not known
-
requestEntity
@Deprecated public Optional<Entity> requestEntity()
Deprecated.entity access is going to be removed from securityAccess request message entity.- Returns:
- Entity of the request, if current request has entity
-
responseEntity
@Deprecated public Optional<Entity> responseEntity()
Deprecated.entity access is going to be removed from securityAccess response message entity.- Returns:
- Entity of the response, if current response can have entity
-
abacAttributeRaw
public Object abacAttributeRaw(String key)
Description copied from interface:AbacSupport
Return the actual property value or null if not present. This is the only method that needs to be implemented.- Specified by:
abacAttributeRaw
in interfaceAbacSupport
- Parameters:
key
- key (name) of the property- Returns:
- value of the property or null
-
abacAttributeNames
public Collection<String> abacAttributeNames()
Description copied from interface:AbacSupport
A collection of all property names in this container.- Specified by:
abacAttributeNames
in interfaceAbacSupport
- Returns:
- collection of keys
-
-