Class OA2HeaderUtils


  • public class OA2HeaderUtils
    extends edu.uiuc.ncsa.security.servlet.HeaderUtils
    Utilities for dealing with getting tokens that may be either sent as parameters or in the authorization header . Note that you should check that if a user sends both, that they match and throw an exception if they do not.

    Created by Jeff Gaynor
    on 9/25/17 at 5:33 PM

    • Field Summary

      • Fields inherited from class edu.uiuc.ncsa.security.servlet.HeaderUtils

        BASIC_HEADER, BEARER_HEADER, ID_INDEX, SECRET_INDEX
    • Constructor Summary

      Constructors 
      Constructor Description
      OA2HeaderUtils()  
    • Constructor Detail

      • OA2HeaderUtils

        public OA2HeaderUtils()
    • Method Detail

      • getATFromParameter

        public static String getATFromParameter​(javax.servlet.http.HttpServletRequest request)
        This gets the tokens from the authorization header. There are several types and it is possible to have several values passed in, so this returns an array of string rather than a single value. A downside with passing along several values this way is there is no way to disambiguate them, e.g. a client id from a client secret. If there is no authorization header or there are no tokens of the stated type, the returned value is an empty list.
        Parameters:
        request -
        Returns:
      • getIDFromParameters

        public static edu.uiuc.ncsa.security.core.Identifier getIDFromParameters​(javax.servlet.http.HttpServletRequest request)