Package io.micronaut.security.endpoints.introspection

Class DefaultIntrospectionProcessor<T>

java.lang.Object
io.micronaut.security.endpoints.introspection.DefaultIntrospectionProcessor<T>
Type Parameters:
T - Request
All Implemented Interfaces:
IntrospectionProcessor<T>
@Singleton public class DefaultIntrospectionProcessor<T> extends Object implements IntrospectionProcessor<T>
Validates the IntrospectionRequest.getToken() with the available TokenValidator. Then it creates a IntrospectionResponse with the first Authentication object. If no TokenValidator is able to validate the token, it tries with RefreshTokenValidator. If it cannot authenticate it returns {active: false}
Since:
2.1.0
Author:
Sergio del Amo

  • Field Details

  • Constructor Details

  • Method Details

    • introspect

      @NonNull public @NonNull org.reactivestreams.Publisher<IntrospectionResponse> introspect(@NonNull @NonNull IntrospectionRequest introspectionRequest, @NonNull T requestContext)
      Specified by:
      introspect in interface IntrospectionProcessor<T>
      Parameters:
      introspectionRequest - A parameter representing the token along with optional parameters representing additional context
      requestContext - HTTP Request
      Returns:
      Introspection Response

    • emptyIntrospectionResponse

      @NonNull protected @NonNull IntrospectionResponse emptyIntrospectionResponse(@NonNull @NonNull String token)
      Empty response for introspection response.
      Parameters:
      token - Token
      Returns:
      Introspection Response

    • introspect

      @NonNull public @NonNull org.reactivestreams.Publisher<IntrospectionResponse> introspect(@NonNull @NonNull Authentication authentication, @NonNull T requestContext)
      Specified by:
      introspect in interface IntrospectionProcessor<T>
      Parameters:
      authentication - The authentication
      requestContext - HTTP Request
      Returns:
      Introspection Response

    • createIntrospectionResponse

      @NonNull public @NonNull IntrospectionResponse createIntrospectionResponse(@NonNull @NonNull Authentication authentication, @NonNull T requestContext)
      Creates an IntrospectionResponse for an Authentication.
      Parameters:
      authentication - Authentication
      requestContext - HTTP Request
      Returns:
      an IntrospectionResponse

    • resolveExtensions

      @NonNull protected @NonNull Map<String,Object> resolveExtensions(@NonNull @NonNull Authentication authentication)
      Parameters:
      authentication - Authentication
      Returns:
      Introspection response extensions

    • resolveScope

      protected Optional<String> resolveScope(@NonNull @NonNull Authentication authentication)
      Populates the introspection response scope.
      Parameters:
      authentication - Authentication
      Returns:
      the scope

    • resolveTokenType

      @NonNull protected @NonNull Optional<String> resolveTokenType(@NonNull @NonNull Authentication authentication)
      Populates the introspection response token type.
      Parameters:
      authentication - Authentication
      Returns:
      the Token type

    • resolveClientId

      @NonNull protected @NonNull Optional<String> resolveClientId(@NonNull @NonNull Authentication authentication)
      Populates the introspection response client_id.
      Parameters:
      authentication - Authentication
      Returns:
      client_id value

    • resolveAud

      @NonNull protected @NonNull Optional<String> resolveAud(@NonNull @NonNull Authentication authentication)
      Populates the introspection response with aud claim.
      Parameters:
      authentication - Authentication
      Returns:
      value of aud claim

    • resolveSub

      @NonNull protected @NonNull String resolveSub(@NonNull @NonNull Authentication authentication)
      Populates the introspection response with sub claim.
      Parameters:
      authentication - Authentication
      Returns:
      value of sub claim

    • resolveIssuer

      @NonNull protected @NonNull Optional<String> resolveIssuer(@NonNull @NonNull Authentication authentication)
      Populates the introspection response with iss claim.
      Parameters:
      authentication - Authentication
      Returns:
      value of iss claim

    • resolveJwtId

      @NonNull protected @NonNull Optional<String> resolveJwtId(@NonNull @NonNull Authentication authentication)
      Populates the introspection response with jti username.
      Parameters:
      authentication - Authentication
      Returns:
      the jti claim value

    • resolveUsername

      @NonNull protected @NonNull Optional<String> resolveUsername(@NonNull @NonNull Authentication authentication)
      Populates the introspection response with the username.
      Parameters:
      authentication - Authentication
      Returns:
      the username

    • resolveExpiration

      protected Optional<Long> resolveExpiration(@NonNull @NonNull Authentication authentication)
      Populates the introspection response with the exp claim of authentication.
      Parameters:
      authentication - Authentication
      Returns:
      the exp claim

    • secondsSinceEpochOfAttribute

      protected Optional<Long> secondsSinceEpochOfAttribute(@NonNull @NonNull String attributeName, @NonNull @NonNull Authentication authentication)
      Parameters:
      attributeName - The attribute name e.g. exp nbf iat
      authentication - Authentication
      Returns:
      An empty optional if the authentication attribute is not found or it cannot be transformed to epoch seconds

    • resolveNotBefore

      @NonNull protected @NonNull Optional<Long> resolveNotBefore(@NonNull @NonNull Authentication authentication)
      Populates the introspection response with the nbf claim of authentication.
      Parameters:
      authentication - Authentication
      Returns:
      value for nbf claim

    • resolveIssuedAt

      @NonNull protected @NonNull Optional<Long> resolveIssuedAt(@NonNull @NonNull Authentication authentication)
      Populates the introspection response with the iat claim of authentication.
      Parameters:
      authentication - Authentication
      Returns:
      value for iat claim

    • toSecondsSinceEpoch

      public static long toSecondsSinceEpoch(Date date)
      Parameters:
      date - Date
      Returns:
      seconds since epoch