Package org.gcube.common.iam

Class D4ScienceIAMClientAuthn

java.lang.Object

org.gcube.common.iam.AbstractIAMResponse

org.gcube.common.iam.D4ScienceIAMClientAuthn

All Implemented Interfaces:

IAMResponse

Direct Known Subclasses:

D4ScienceIAMClientAuthn4Client, D4ScienceIAMClientAuthn4User

public abstract class D4ScienceIAMClientAuthn
extends AbstractIAMResponse

Abstract base class for D4Science IAM client authentication responses. Provides functionality for obtaining authorization after successful authentication.

Author:

Luca Frosini (ISTI-CNR)

Constructor Summary

Constructors

Constructor	Description
D4ScienceIAMClientAuthn(D4ScienceIAMClient iamClient, org.gcube.common.keycloak.model.TokenResponse tokenResponse)	Creates a new authentication response.

Method Summary

Modifier and Type	Method	Description
D4ScienceIAMClientAuthz	authorize(String context)	Authorizes the client or the user by using the authn already obtained, for the specific context audience and no optional permissions.
D4ScienceIAMClientAuthz	authorize(String context, List<String> permissions)	Authorizes the client or the user by using the authn already obtained, for the specific context audience and with optional permissions.

Methods inherited from class org.gcube.common.iam.AbstractIAMResponse

canBeRefreshed, getAccessToken, getAccessTokenString, getContactOrganization, getContactPerson, getContextRoles, getGlobalRoles, getIamClient, getName, getRefreshTokenString, getResourceRoles, getRoles, getTokenResponse, isAccessTokenValid, isAccessTokenValid, isExpired, isRefreshTokenValid, isRefreshTokenValid, refresh, refresh, setIamClient, setTokenResponse, verifyAccessToken, verifyRefreshToken

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

D4ScienceIAMClientAuthn

public D4ScienceIAMClientAuthn(D4ScienceIAMClient iamClient,
                               org.gcube.common.keycloak.model.TokenResponse tokenResponse)

Creates a new authentication response.

Parameters:

iamClient - the D4Science IAM client instance

tokenResponse - the token response from authentication

Method Detail

authorize

public D4ScienceIAMClientAuthz authorize(String context)
                                  throws D4ScienceIAMClientException

Authorizes the client or the user by using the authn already obtained, for the specific context audience and no optional permissions.

Parameters:

context - the requested token context audience (e.g. a specific context or another client)

Returns:

the authz object

Throws:

D4ScienceIAMClientException - if an error occurs during authz process

authorize

public D4ScienceIAMClientAuthz authorize(String context,
                                         List<String> permissions)
                                  throws D4ScienceIAMClientException

Authorizes the client or the user by using the authn already obtained, for the specific context audience and with optional permissions.

Parameters:

context - the requested token context audience (e.g. a specific context or another client)

permissions - the optional permissions

Returns:

the authz object

Throws:

D4ScienceIAMClientException - if an error occurs during authz process