java.lang.Object
io.helidon.security.abac.scope.ScopeValidator
- All Implemented Interfaces:
AbacValidator<ScopeValidator.ScopesConfig>
public final class ScopeValidator
extends Object
implements AbacValidator<ScopeValidator.ScopesConfig>
ABAC validator for OAuth2 scopes.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic final classA fluent API builder forScopeValidator.static @interfaceScope annotation.static @interfaceRepeatable annotation forScopeValidator.Scope.static final classConfiguration custom class for scope validator. -
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptionstatic ScopeValidator.Builderbuilder()Create a fluent API builder.Class of the configuration type.Key of a configuration entry that maps to this validator's configuration.static ScopeValidatorcreate()Create an instance of scope validator with default configuration.static ScopeValidatorDeprecated, for removal: This API element is subject to removal in a future version.static ScopeValidatorCreate a new validator instance from configuration.fromAnnotations(EndpointConfig endpointConfig) Load configuration class instance from annotations this validator expects.fromConfig(Config config) Load configuration class instance from configuration.Collection<Class<? extends Annotation>> Provide extension annotations supported by this validator (e.g.voidvalidate(ScopeValidator.ScopesConfig config, Errors.Collector collector, ProviderRequest request) Validate that the configuration provided would grant access to the resource.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface io.helidon.security.providers.abac.spi.AbacValidator
fromConfig
-
Field Details
-
SCOPE_GRANT_TYPE
Use this type when constructing aGrant, so this validator can accept it as a scope.- See Also:
-
-
Method Details
-
builder
Create a fluent API builder.- Returns:
- a new builder instance
-
create
Create an instance of scope validator with default configuration.- Returns:
- scope validator that uses "AND" operator for required scopes
-
create
Deprecated, for removal: This API element is subject to removal in a future version.usecreate(io.helidon.config.Config)insteadCreate a new validator instance from configuration.- Parameters:
config- configuration on the key of this provider- Returns:
- scope validator instance
-
create
Create a new validator instance from configuration.- Parameters:
config- configuration on the key of this provider- Returns:
- scope validator instance
-
configClass
Description copied from interface:AbacValidatorClass of the configuration type.- Specified by:
configClassin interfaceAbacValidator<ScopeValidator.ScopesConfig>- Returns:
- class of the type
-
supportedAnnotations
Description copied from interface:AbacValidatorProvide extension annotations supported by this validator (e.g.RolesAllowed). Annotations will be collected according to framework in use. For JAX-RS, annotations from application class, resource class and resource methods will be collected. The annotations will be transformed to configuration byAbacValidator.fromAnnotations(EndpointConfig).- Specified by:
supportedAnnotationsin interfaceAbacValidator<ScopeValidator.ScopesConfig>- Returns:
- Collection of annotations this provider expects.
-
configKey
Description copied from interface:AbacValidatorKey of a configuration entry that maps to this validator's configuration.- Specified by:
configKeyin interfaceAbacValidator<ScopeValidator.ScopesConfig>- Returns:
- key in a config
Config
-
fromConfig
Description copied from interface:AbacValidatorLoad configuration class instance from configuration.API Note: the default method implementation is provided for backward compatibility and will be removed in the next major version
- Specified by:
fromConfigin interfaceAbacValidator<ScopeValidator.ScopesConfig>- Parameters:
config- configuration located on the key this validator expects inAbacValidator.configKey()- Returns:
- instance of configuration class
-
fromAnnotations
Description copied from interface:AbacValidatorLoad configuration class instance from annotations this validator expects.- Specified by:
fromAnnotationsin interfaceAbacValidator<ScopeValidator.ScopesConfig>- Parameters:
endpointConfig- endpoint config- Returns:
- instance of configuration class
-
validate
public void validate(ScopeValidator.ScopesConfig config, Errors.Collector collector, ProviderRequest request) Description copied from interface:AbacValidatorValidate that the configuration provided would grant access to the resource. Update collector with errors, if access should be denied usingErrors.Collector.fatal(Object, String).- Specified by:
validatein interfaceAbacValidator<ScopeValidator.ScopesConfig>- Parameters:
config- configuration of this validatorcollector- error collector to gather issues with this request (e.g. "service not in role ABC")request- ABAC context containing subject(s), object(s) and environment
-
create(io.helidon.config.Config)instead