Package io.helidon.security.providers.httpsign

Class HttpSignProvider

java.lang.Object

io.helidon.security.providers.httpsign.HttpSignProvider

All Implemented Interfaces:

AuthenticationProvider, OutboundSecurityProvider, SecurityProvider

public final class HttpSignProvider
extends Object
implements AuthenticationProvider, OutboundSecurityProvider

A provider that can authenticate incoming requests based on HTTP signature of header fields, and can create signatures for outbound requests.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	HttpSignProvider.Builder	Fluent API builder for this provider.

Method Summary

Modifier and Type	Method	Description
CompletionStage<AuthenticationResponse>	authenticate(ProviderRequest providerRequest)	Authenticate a request.
static HttpSignProvider.Builder	builder()	Create a builder to build this provider.
static HttpSignProvider	create(Config config)	Create a new instance of this provider from configuration.
boolean	isOutboundSupported(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundConfig)	Check if the path to be executed is supported by this security provider.
CompletionStage<OutboundSecurityResponse>	outboundSecurity(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundConfig)	Creates necessary updates to headers and entity needed for outbound security (e.g.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.helidon.security.spi.SecurityProvider

supportedAnnotations, supportedAttributes, supportedConfigKeys, supportedCustomObjects

Method Detail

create

public static HttpSignProvider create(Config config)

Create a new instance of this provider from configuration.

Parameters:

config - config located at this provider, expects "http-signature" to be a child

Returns:

provider configured from config

builder

public static HttpSignProvider.Builder builder()

Create a builder to build this provider.

Returns:

builder instance

authenticate

public CompletionStage<AuthenticationResponse> authenticate(ProviderRequest providerRequest)

Description copied from interface: AuthenticationProvider

Authenticate a request. This may be just resolving headers (tokens) or full authentication (basic auth). Do not throw exception for normal processing (e.g. invalid credentials; you may throw an exception in case of misconfiguration). This method will be invoked for inbound requests ONLY.

This method must provide either a Principal or a whole Subject either for a user or for service (or both).

Specified by:

authenticate in interface AuthenticationProvider

Parameters:

providerRequest - context of this security enforcement/validation

Returns:

response that either authenticates the request, fails authentication or abstains from authentication

See Also:

AuthenticationResponse.success(Subject)

isOutboundSupported

public boolean isOutboundSupported(ProviderRequest providerRequest,
                                   SecurityEnvironment outboundEnv,
                                   EndpointConfig outboundConfig)

Description copied from interface: OutboundSecurityProvider

Check if the path to be executed is supported by this security provider. Defaults to true.

Specified by:

isOutboundSupported in interface OutboundSecurityProvider

Parameters:

providerRequest - context with environment, subject(s) etc. that was received

outboundEnv - environment for outbound call

outboundConfig - outbound endpoint configuration

Returns:

true if this identity propagator can generate required headers for the path defined

outboundSecurity

public CompletionStage<OutboundSecurityResponse> outboundSecurity(ProviderRequest providerRequest,
                                                                  SecurityEnvironment outboundEnv,
                                                                  EndpointConfig outboundConfig)

Description copied from interface: OutboundSecurityProvider

Creates necessary updates to headers and entity needed for outbound security (e.g. identity propagation, s2s security etc.). This method will be invoked for outbound requests ONLY.

Specified by:

outboundSecurity in interface OutboundSecurityProvider

Parameters:

providerRequest - context with environment, subject(s) etc. that was received

outboundEnv - environment for outbound call

outboundConfig - outbound endpoint configuration

Returns:

response with generated headers and other possible configuration

See Also:

OutboundSecurityResponse.builder()