Module io.helidon.security

Package io.helidon.security

Interface ProviderRequest

All Superinterfaces:

AbacSupport

public interface ProviderRequest
extends AbacSupport

A request sent to security providers. Contains all information that may be needed to authenticate or authorize a request:

• User's subject: subject() - if user is authenticated
• Service subject: service() - if service is authenticated
• Environment information: env() - path, method etc.
• Object: getObject() - target resource, if provided by user
• Security context: securityContext() - current subjects and information about security context of this request
• Endpoint configuration: endpointConfig() - annotations, endpoint specific configuration, custom objects, custom attributes

Nested Class Summary

Nested classes/interfaces inherited from interface io.helidon.security.util.AbacSupport

AbacSupport.BasicAttributes

Method Summary

Modifier and Type	Method	Description
static ProviderRequest	create(SecurityContext context, Map<String,Supplier<Object>> boundAttributes)	Create a new provider request.
EndpointConfig	endpointConfig()	Configuration of the invoked endpoint, such as annotations declared.
SecurityEnvironment	env()	Environment of current request, such as the URI invoked, time to use for security decisions etc.
Optional<Object>	getObject()	The object of this request.
static Optional<Object>	getValue(Object object, String key)	Get a value of a property from an object.
SecurityContext	securityContext()	Security context associated with current request.
Optional<Subject>	service()	Current service subject, if already authenticated.
Optional<Subject>	subject()	Current user subject, if already authenticated.

Methods inherited from interface io.helidon.security.util.AbacSupport

abacAttribute, abacAttributeNames, abacAttributeRaw

Method Details

create

static ProviderRequest create(SecurityContext context,
 Map<String,Supplier<Object>> boundAttributes)

Create a new provider request. The following attributes will be bound by this method (even if already specified):

• env
• {code subject}
• {code service}

Parameters:

context - current security context

boundAttributes - suppliers of bound attributes

Returns:

a new provider request

getValue

static Optional<Object> getValue(Object object,
 String key)

Get a value of a property from an object. If object implements AbacSupport the value is obtained through AbacSupport.abacAttribute(String), if not, the value is obtained by reflection from a public field or a public getter method. The method name may be (for attribute called for example "audit"):

• audit
• getAudit
• isAudit
• shouldAudit
• hasAudit

Parameters:

object - object to get attribute from

key - key of the attribute

Returns:

value of the attribute if found

endpointConfig

EndpointConfig endpointConfig()

Configuration of the invoked endpoint, such as annotations declared.

Returns:

endpoint config

securityContext

SecurityContext securityContext()

Security context associated with current request.

Returns:

security context

subject

Optional<Subject> subject()

Current user subject, if already authenticated.

Returns:

user subject or empty

service

Optional<Subject> service()

Current service subject, if already authenticated.

Returns:

service subject or empty.

env

SecurityEnvironment env()

Environment of current request, such as the URI invoked, time to use for security decisions etc.

Returns:

security environment

getObject

Optional<Object> getObject()

The object of this request. Security request may be configured for a specific entity (e.g. if this is an entity modification request, the entity itself may be provided to help in a security task.

Returns:

the object or empty if not known