Interface PayloadHandler
-
- All Superinterfaces:
Serializable
- All Known Subinterfaces:
AccessTokenHandlerInterface
,RefreshTokenHandlerInterface
public interface PayloadHandler extends Serializable
This class is charged with creating and managing the payload of a single type of JWT. As we get more types of these (OIDC, SciToken, etc.) each of these has completely separate requirements for creating, management and such. All of that should be encapsulated into a class.Created by Jeff Gaynor
on 2/15/20 at 7:13 AM
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
addRequestState(edu.uiuc.ncsa.security.util.scripting.ScriptRunRequest req)
Marshall any resources this script needs to make a request.void
checkClaims()
Called after the runner has gotten the claims so that this class can check integrity.net.sf.json.JSONObject
execute(ClaimSource source, net.sf.json.JSONObject claims)
Runs this specific claim source against the internal state of this class.void
finish(String execPhase)
Called at the very end of all processing, this lets the handler, clean up or whatever it needs to do.net.sf.json.JSONObject
getExtendedAttributes()
Get the claims (the actual payload).net.sf.json.JSONObject
getPayload()
The payload for this is the actual token created (payload is the middle of a JWT, e.g.)PayloadHandlerConfig
getPhCfg()
int
getResponseCode()
TokenImpl
getSignedPayload(edu.uiuc.ncsa.security.util.jwk.JSONWebKey key)
TokenImpl
getSignedPayload(edu.uiuc.ncsa.security.util.jwk.JSONWebKey key, String headerType)
Take the payload of this and sign it with the given key, using the header as needed.List<ClaimSource>
getSources()
These are the sources that the runner will use to populate the claimsvoid
handleResponse(edu.uiuc.ncsa.security.util.scripting.ScriptRunResponse resp)
This takes the response from a script and unmarshalls the resourcesboolean
hasScript()
void
init()
Creates and initializes the claims object this class manages.void
refresh()
If the claims need to be updated (e.g.void
refreshAccountingInformation()
This is used on refresh only.void
saveState(String execPhase)
Called at the end of each block, this lets the handler save its state.void
setAccountingInformation()
This sets the accounting information (such as the expiration and such) for a token.void
setPayload(net.sf.json.JSONObject payload)
void
setPhCfg(PayloadHandlerConfig phCfg)
void
setResponseCode(int responseCode)
-
-
-
Method Detail
-
init
void init() throws Throwable
Creates and initializes the claims object this class manages.- Throws:
Throwable
-
refresh
void refresh() throws Throwable
If the claims need to be updated (e.g. for a refresh and the timestamps need adjusting) this method needs to be called. It's contract is to reget all of the claims.- Throws:
Throwable
-
addRequestState
void addRequestState(edu.uiuc.ncsa.security.util.scripting.ScriptRunRequest req) throws Throwable
Marshall any resources this script needs to make a request. I.e., add specific state (if needed) from this handler to theScriptRunRequest
.- Throws:
Throwable
-
handleResponse
void handleResponse(edu.uiuc.ncsa.security.util.scripting.ScriptRunResponse resp) throws Throwable
This takes the response from a script and unmarshalls the resources- Parameters:
resp
-- Throws:
Throwable
-
checkClaims
void checkClaims() throws Throwable
Called after the runner has gotten the claims so that this class can check integrity. For instance, an OIDC server would need to see that the subject is set properly. SciTokens needs to check that its scopes (aka resource permissions) were set- Throws:
Throwable
-
getSources
List<ClaimSource> getSources() throws Throwable
These are the sources that the runner will use to populate the claims- Returns:
- Throws:
Throwable
-
execute
net.sf.json.JSONObject execute(ClaimSource source, net.sf.json.JSONObject claims) throws Throwable
Runs this specific claim source against the internal state of this class. Note that the contract is that it returns the updated claims and if there are no new claims, it should just return its claims argument.- Parameters:
claims
-- Returns:
- Throws:
Throwable
-
finish
void finish(String execPhase) throws Throwable
Called at the very end of all processing, this lets the handler, clean up or whatever it needs to do. It is called beforesaveState(String)
()}.- Parameters:
execPhase
- - the current execution phase.- Throws:
Throwable
-
saveState
void saveState(String execPhase) throws Throwable
Called at the end of each block, this lets the handler save its state. Note that for OA4MP, the state is saved in the transaction which is saved once after the handlers run. Only put actual save code in here if needed, since it is apt to get called a lot.- Throws:
Throwable
-
getExtendedAttributes
net.sf.json.JSONObject getExtendedAttributes() throws Throwable
Get the claims (the actual payload).- Returns:
- Throws:
Throwable
-
setAccountingInformation
void setAccountingInformation()
This sets the accounting information (such as the expiration and such) for a token. This is called when a token is created or refreshed.
-
refreshAccountingInformation
void refreshAccountingInformation()
This is used on refresh only. It will reset all the standard accounting information (such as timestamps) for an existing claims object.Usage
Create an instance of the handler with the constructor for any state, then invoke this method.
-
getPhCfg
PayloadHandlerConfig getPhCfg()
-
setPhCfg
void setPhCfg(PayloadHandlerConfig phCfg)
-
hasScript
boolean hasScript()
-
setResponseCode
void setResponseCode(int responseCode)
-
getResponseCode
int getResponseCode()
-
getPayload
net.sf.json.JSONObject getPayload()
The payload for this is the actual token created (payload is the middle of a JWT, e.g.)- Returns:
-
setPayload
void setPayload(net.sf.json.JSONObject payload)
-
getSignedPayload
TokenImpl getSignedPayload(edu.uiuc.ncsa.security.util.jwk.JSONWebKey key)
-
-