Package org.gcube.common.security.secrets

Class Secret

java.lang.Object

org.gcube.common.security.secrets.Secret

public abstract class Secret
extends Object

An abstract class representing a secret used for authorization.

A secret encapsulates sensitive information required to authenticate an Owner and authorize access to resources within a specific context. This class provides a contract for retrieving key security attributes such as the owner, context, and HTTP authorization headers, while also offering methods to check the secret's validity and expiration status.

Author:

Luca Frosini (ISTI - CNR)

Constructor Summary

Constructors

Constructor	Description
Secret()

Method Summary

Modifier and Type	Method	Description
abstract String	getContext()	Retrieves the authorization context to which this secret belongs.
abstract Map<String,String>	getHTTPAuthorizationHeaders()	Retrieves a map of HTTP authorization headers to be used with this secret.
abstract Owner	getOwner()	Retrieves the Owner associated with this secret.
abstract boolean	isExpired()	Checks if the secret has expired.
abstract boolean	isValid()	Checks if the secret is currently valid and usable for authorization.
abstract int	priority()	The priority of this secret.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Secret

public Secret()

Method Details

priority

public abstract int priority()

The priority of this secret. Higher priority secrets are preferred when we try to set multiple secret in SecretManagerProvider.

Returns:

the priority as an integer.

getOwner

public abstract Owner getOwner()

Retrieves the Owner associated with this secret. The owner represents the entity (user or application) that possesses and uses the secret.

Returns:

The Owner of this secret.

getContext

public abstract String getContext()

Retrieves the authorization context to which this secret belongs. The context is typically a string representing a specific environment, service, or scope (e.g., a VO or a VRE).

Returns:

The string representing the context.

getHTTPAuthorizationHeaders

public abstract Map<String,String> getHTTPAuthorizationHeaders()

Retrieves a map of HTTP authorization headers to be used with this secret. These headers can be directly added to an HTTP request for authentication.

Returns:

A Map<String, String> containing the header names and their corresponding values.

isValid

public abstract boolean isValid()

Checks if the secret is currently valid and usable for authorization. A secret may be invalid if it has been revoked or has not yet become active.

Returns:

true if the secret is valid, false otherwise.

isExpired

public abstract boolean isExpired()

Checks if the secret has expired. An expired secret should no longer be used for authorization.

Returns:

true if the secret has expired, false otherwise.