Class IDTokenHandler
- java.lang.Object
-
- edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.AbstractPayloadHandler
-
- edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.IDTokenHandler
-
- All Implemented Interfaces:
IDTokenHandlerInterface,PayloadHandler,Serializable
public class IDTokenHandler extends AbstractPayloadHandler implements IDTokenHandlerInterface
Created by Jeff Gaynor
on 2/16/20 at 6:51 AM- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static StringID_TOKEN_BASIC_HANDLER_TYPEstatic StringID_TOKEN_DEFAULT_HANDLER_TYPEprotected Stringissuer-
Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.AbstractPayloadHandler
claims, oa2se, request, transaction
-
-
Constructor Summary
Constructors Constructor Description IDTokenHandler(PayloadHandlerConfigImpl payloadHandlerConfig)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddRequestState(edu.uiuc.ncsa.security.util.scripting.ScriptRunRequest req)Marshall any resources this script needs to make a request.protected voidcheckClaim(net.sf.json.JSONObject claims, String claimKey)voidcheckClaims()Called after the runner has gotten the claims so that this class can check integrity.protected voidcheckRequiredScopes(OA2ServiceTransaction t)Use this to check for any requires scopes that the request must have.net.sf.json.JSONObjectexecute(ClaimSource source, net.sf.json.JSONObject claims)Runs this specific claim source against the internal state of this class.voidfinish(String execPhase)For CIL-499.List<ClaimSource>getSources()These are the sources that the runner will use to populate the claimsvoidhandleResponse(edu.uiuc.ncsa.security.util.scripting.ScriptRunResponse resp)This takes the response from a script and unmarshalls the resourcesvoidinit()Creates and initializes the claims object this class manages.voidrefreshAccountingInformation()This is used on refresh only.voidsaveState()Called at the end of each block, this lets the handler save its state.voidsetAccountingInformation()This sets the accounting information (such as the expiration and such) for a token.protected voidsetIssuer(javax.servlet.http.HttpServletRequest request)-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.AbstractPayloadHandler
doServerVariables, doSubstitution, getClaims, getExtendedAttributes, getPhCfg, getResponseCode, getToken, hasScript, isEmpty, listToString, refresh, setClaims, setExtendedAttributes, setPhCfg, setResponseCode
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface edu.uiuc.ncsa.oa4mp.delegation.oa2.jwt.PayloadHandler
getClaims, getExtendedAttributes, getPhCfg, getResponseCode, getToken, hasScript, refresh, setPhCfg, setResponseCode
-
-
-
-
Field Detail
-
issuer
protected String issuer
-
ID_TOKEN_DEFAULT_HANDLER_TYPE
public static final String ID_TOKEN_DEFAULT_HANDLER_TYPE
- See Also:
- Constant Field Values
-
ID_TOKEN_BASIC_HANDLER_TYPE
public static final String ID_TOKEN_BASIC_HANDLER_TYPE
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
IDTokenHandler
public IDTokenHandler(PayloadHandlerConfigImpl payloadHandlerConfig)
-
-
Method Detail
-
setIssuer
protected void setIssuer(javax.servlet.http.HttpServletRequest request)
-
init
public void init() throws ThrowableDescription copied from interface:PayloadHandlerCreates and initializes the claims object this class manages.- Specified by:
initin interfacePayloadHandler- Throws:
Throwable
-
refreshAccountingInformation
public void refreshAccountingInformation()
Description copied from interface:PayloadHandlerThis is used on refresh only. It will reset all the standard accounting information (such as timestamps) for an existing claims object.Usage
Create an instance of the handler with the constructor for any state, then invoke this method.- Specified by:
refreshAccountingInformationin interfacePayloadHandler
-
setAccountingInformation
public void setAccountingInformation()
Description copied from interface:PayloadHandlerThis sets the accounting information (such as the expiration and such) for a token. This is called when a token is created or refreshed.- Specified by:
setAccountingInformationin interfacePayloadHandler
-
addRequestState
public void addRequestState(edu.uiuc.ncsa.security.util.scripting.ScriptRunRequest req) throws ThrowableDescription copied from interface:PayloadHandlerMarshall any resources this script needs to make a request. I.e., add specific state (if needed) from this handler to theScriptRunRequest.- Specified by:
addRequestStatein interfacePayloadHandler- Throws:
Throwable
-
handleResponse
public void handleResponse(edu.uiuc.ncsa.security.util.scripting.ScriptRunResponse resp) throws ThrowableDescription copied from interface:PayloadHandlerThis takes the response from a script and unmarshalls the resources- Specified by:
handleResponsein interfacePayloadHandler- Overrides:
handleResponsein classAbstractPayloadHandler- Throws:
Throwable
-
checkClaims
public void checkClaims() throws ThrowableDescription copied from interface:PayloadHandlerCalled after the runner has gotten the claims so that this class can check integrity. For instance, an OIDC server would need to see that the subject is set properly. SciTokens needs to check that its scopes (aka resource permissions) were set- Specified by:
checkClaimsin interfacePayloadHandler- Throws:
Throwable
-
getSources
public List<ClaimSource> getSources() throws Throwable
Description copied from interface:PayloadHandlerThese are the sources that the runner will use to populate the claims- Specified by:
getSourcesin interfacePayloadHandler- Returns:
- Throws:
Throwable
-
finish
public void finish(String execPhase) throws Throwable
For CIL-499. It is possible to remove key claims with functors and return unusable claims objects. This method will check that claims that must be present are there or will raise a server-side exception.- Specified by:
finishin interfacePayloadHandler- Parameters:
execPhase- - the current execution phase.- Throws:
Throwable
-
saveState
public void saveState() throws ThrowableDescription copied from interface:PayloadHandlerCalled at the end of each block, this lets the handler save its state. Note that for OA4MP, the state is saved in the transaction which is saved once after the handlers run. Only put actual save code in here if needed, since it is apt to get called a lot.- Specified by:
saveStatein interfacePayloadHandler- Throws:
Throwable
-
checkRequiredScopes
protected void checkRequiredScopes(OA2ServiceTransaction t) throws Throwable
Use this to check for any requires scopes that the request must have. It is usually best to check these in the transaction since they have been normalized there, but the request is supplied too for completeness.- Parameters:
t-- Throws:
Throwable
-
checkClaim
protected void checkClaim(net.sf.json.JSONObject claims, String claimKey)
-
execute
public net.sf.json.JSONObject execute(ClaimSource source, net.sf.json.JSONObject claims) throws Throwable
Description copied from interface:PayloadHandlerRuns this specific claim source against the internal state of this class. Note that the contract is that it returns the updated claims and if there are no new claims, it should just return its claims argument.- Specified by:
executein interfacePayloadHandler- Overrides:
executein classAbstractPayloadHandler- Returns:
- Throws:
Throwable
-
-