Package io.helidon.security.util
Class TokenHandler
- java.lang.Object
-
- io.helidon.security.util.TokenHandler
-
public final class TokenHandler extends Object
Extracts a security token from request or updates headers with the token. Currently supports headers as sources of tokens. The token is then extracted either with a prefix (e.g. basic ) or with a regular expression (first group in the regexp). When building header, it is created in the same way. To create a more complicated header, you can use configuration option token-format that will be processed usingString.format(String, Object...)
with the token as a single string argument.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
TokenHandler.Builder
Fluent API builder to createTokenHandler
.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addHeader(Map<String,List<String>> headers, String token)
Add the token as a new header value.static TokenHandler.Builder
builder()
Fluent API builder to createTokenHandler
.static TokenHandler
create(Config config)
Create aTokenHandler
from configuration.String
extractToken(String tokenRawValue)
Extracts the token from the string value of the header (or other field).Optional<String>
extractToken(Map<String,List<String>> headers)
Extracts the token from request.static TokenHandler
forHeader(String header)
A shortcut method to build a token handler that does not modify the token content.void
header(Map<String,List<String>> headers, String token)
Set the token as a new header.String
tokenHeader()
Name of the header the token is expected in (or will be written into).
-
-
-
Method Detail
-
builder
public static TokenHandler.Builder builder()
Fluent API builder to createTokenHandler
.- Returns:
- new builder instance
-
forHeader
public static TokenHandler forHeader(String header)
A shortcut method to build a token handler that does not modify the token content.- Parameters:
header
- header name (to read or write to)- Returns:
- a new instance for the header name
-
create
public static TokenHandler create(Config config)
Create aTokenHandler
from configuration. Expected configuration (to be located on token key):token { header = "Authorization" # or do not specify - then the whole header is considered to be the token value prefix = "bearer " # optional alternative - looking for first matching group #regexp = "bearer (.*)" }
- Parameters:
config
- config to parse into an instance of this object- Returns:
- a new instance configured from config
-
extractToken
public Optional<String> extractToken(Map<String,List<String>> headers)
Extracts the token from request. If expected header is not present, returns empty optional, otherwise parses the token according to configuration. If the header does not satisfy the configuration (e.g. invalid prefix, wrong pattern), throws exception.- Parameters:
headers
- Headers to extract token from- Returns:
- token value or empty in case the token is not present in request
- Throws:
SecurityException
- in case the token data is malformed
-
extractToken
public String extractToken(String tokenRawValue)
Extracts the token from the string value of the header (or other field).- Parameters:
tokenRawValue
- such as "bearer AAAAAAA"- Returns:
- token extracted based on the configured rules
-
tokenHeader
public String tokenHeader()
Name of the header the token is expected in (or will be written into).- Returns:
- header name
-
header
public void header(Map<String,List<String>> headers, String token)
Set the token as a new header. Creates the header if not present, replaces header value if present.- Parameters:
headers
- Headers to updatetoken
- Token value
-
-