Module io.helidon.security
Package io.helidon.security

Class ProviderRequest

java.lang.Object
io.helidon.security.ProviderRequest
All Implemented Interfaces:
AbacSupport
public abstract class ProviderRequest extends Object implements AbacSupport
A request sent to security providers. Contains all information that may be needed to authenticate or authorize a request:
  • User's subject: subject() - if user is authenticated
  • Service subject: service() - if service is authenticated
  • Environment information: env() - path, method etc.
  • Object: getObject() - target resource, if provided by user
  • Security context: securityContext() - current subjects and information about security context of this request
  • Endpoint configuration: endpointConfig() - annotations, endpoint specific configuration, custom objects, custom attributes

  • Constructor Details

    • ProviderRequest

      protected ProviderRequest()
      Constructor for subclasses.

  • Method Details

    • create

      public static ProviderRequest create(SecurityContext context, Map<String,Supplier<Object>> boundAttributes)
      Create a new provider request. The following attributes will be bound by this method (even if already specified):
      • env
      • {code subject}
      • {code service}
      Parameters:
      context - current security context
      boundAttributes - suppliers of bound attributes
      Returns:
      a new provider request

    • getValue

      public static Optional<Object> getValue(Object object, String key)
      Get a value of a property from an object. If object implements AbacSupport the value is obtained through AbacSupport.abacAttribute(String), if not, the value is obtained by reflection from a public field or a public getter method. The method name may be (for attribute called for example "audit"):
      • audit
      • getAudit
      • isAudit
      • shouldAudit
      • hasAudit
      Parameters:
      object - object to get attribute from
      key - key of the attribute
      Returns:
      value of the attribute if found

    • endpointConfig

      public abstract EndpointConfig endpointConfig()
      Configuration of the invoked endpoint, such as annotations declared.
      Returns:
      endpoint config

    • securityContext

      public abstract SecurityContext securityContext()
      Security context associated with current request.
      Returns:
      security context

    • subject

      public abstract Optional<Subject> subject()
      Current user subject, if already authenticated.
      Returns:
      user subject or empty

    • service

      public abstract Optional<Subject> service()
      Current service subject, if already authenticated.
      Returns:
      service subject or empty.

    • env

      public abstract SecurityEnvironment env()
      Environment of current request, such as the URI invoked, time to use for security decisions etc.
      Returns:
      security environment

    • getObject

      public abstract Optional<Object> getObject()
      The object of this request. Security request may be configured for a specific entity (e.g. if this is an entity modification request, the entity itself may be provided to help in a security task.
      Returns:
      the object or empty if not known

    • abacAttributeRaw

      public abstract Object abacAttributeRaw(String key)
      Return the actual ABAC property value or null if not present.
      Specified by:
      abacAttributeRaw in interface AbacSupport
      Parameters:
      key - key of the property
      Returns:
      value of the property or null

    • abacAttributeNames

      public abstract Collection<String> abacAttributeNames()
      Return all ABAC property names.
      Specified by:
      abacAttributeNames in interface AbacSupport
      Returns:
      collection of keys