Package edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims

Class ServerQDLScriptHandler

  • All Implemented Interfaces:
    PayloadHandler, Serializable
    public class ServerQDLScriptHandler
extends Object
implements PayloadHandler
    This is a handler for all scripts that the user may set in the configuration. These scripts are run before any that the client defines so this is the first handler if present. Mostly this is vessel for conveying the scripts.

    Created by Jeff Gaynor
    on 4/30/22 at 5:52 AM

    See Also:
    Serialized Form

    • Method Detail

      • refresh

        public void refresh()
             throws Throwable
        Description copied from interface: PayloadHandler
        If the claims need to be updated (e.g. for a refresh and the timestamps need adjusting) this method needs to be called. It's contract is to reget all of the claims.
        Specified by:
        refresh in interface PayloadHandler
        Throws:
        Throwable

      • addRequestState

        public void addRequestState​(edu.uiuc.ncsa.security.util.scripting.ScriptRunRequest req)
                     throws Throwable
        For the server script, request everything. This allows for complete access as needed, so if a script, e.g., wants to set up all values in the pre_auth stage, it can do it once and be done, rather than require it to set it in increments.
        Specified by:
        addRequestState in interface PayloadHandler
        Parameters:
        req -
        Throws:
        Throwable

      • getRTData

        public net.sf.json.JSONObject getRTData()

      • setRTData

        public void setRTData​(net.sf.json.JSONObject rtData)

      • checkClaims

        public void checkClaims()
                 throws Throwable
        Description copied from interface: PayloadHandler
        Called after the runner has gotten the claims so that this class can check integrity. For instance, an OIDC server would need to see that the subject is set properly. SciTokens needs to check that its scopes (aka resource permissions) were set
        Specified by:
        checkClaims in interface PayloadHandler
        Throws:
        Throwable

      • execute

        public net.sf.json.JSONObject execute​(ClaimSource source,
                                      net.sf.json.JSONObject claims)
                               throws Throwable
        Description copied from interface: PayloadHandler
        Runs this specific claim source against the internal state of this class. Note that the contract is that it returns the updated claims and if there are no new claims, it should just return its claims argument.
        Specified by:
        execute in interface PayloadHandler
        Returns:
        Throws:
        Throwable

      • saveState

        public void saveState()
               throws Throwable
        Description copied from interface: PayloadHandler
        Called at the end of each block, this lets the handler save its state. Note that for OA4MP, the state is saved in the transaction which is saved once after the handlers run. Only put actual save code in here if needed, since it is apt to get called a lot.
        Specified by:
        saveState in interface PayloadHandler
        Throws:
        Throwable

      • getClaims

        public net.sf.json.JSONObject getClaims()
        Description copied from interface: PayloadHandler
        Get the claims (the actual payload).
        Specified by:
        getClaims in interface PayloadHandler
        Returns:

      • setClaims

        public void setClaims​(net.sf.json.JSONObject claims)

      • setExtendedAttributes

        public void setExtendedAttributes​(net.sf.json.JSONObject extendedAttributes)

      • setAccountingInformation

        public void setAccountingInformation()
        Description copied from interface: PayloadHandler
        This sets the accounting information (such as the expiration and such) for a token. This is called when a token is created or refreshed.
        Specified by:
        setAccountingInformation in interface PayloadHandler

      • refreshAccountingInformation

        public void refreshAccountingInformation()
        Description copied from interface: PayloadHandler
        This is used on refresh only. It will reset all the standard accounting information (such as timestamps) for an existing claims object.

        Usage

        Create an instance of the handler with the constructor for any state, then invoke this method.
        Specified by:
        refreshAccountingInformation in interface PayloadHandler

      • getToken

        public String getToken​(edu.uiuc.ncsa.security.util.jwk.JSONWebKey key)
        Description copied from interface: PayloadHandler
        Returns the payload from this handler encoded with a key, if applicable.
        Specified by:
        getToken in interface PayloadHandler
        Returns:

      • getAtData

        public net.sf.json.JSONObject getAtData()

      • setAtData

        public void setAtData​(net.sf.json.JSONObject atData)

      • handleResponse

        public void handleResponse​(edu.uiuc.ncsa.security.util.scripting.ScriptRunResponse resp)
                    throws Throwable
        Description copied from interface: PayloadHandler
        This takes the response from a script and unmarshalls the resources
        Specified by:
        handleResponse in interface PayloadHandler
        Throws:
        Throwable