Package io.micronaut.security.endpoints.introspection

Class DefaultIntrospectionProcessor<T>

java.lang.Object
io.micronaut.security.endpoints.introspection.DefaultIntrospectionProcessor<T>
Type Parameters:
T - Request
All Implemented Interfaces:
IntrospectionProcessor<T>
@Singleton public class DefaultIntrospectionProcessor<T> extends Object implements IntrospectionProcessor<T>
Validates the IntrospectionRequest.getToken() with the available TokenValidator. Then it creates a IntrospectionResponse with the first Authentication object. If no TokenValidator is able to validate the token, it tries with RefreshTokenValidator. If it cannot authenticate it returns {active: false}
Since:
2.1.0
Author:
Sergio del Amo

  • Field Details

  • Constructor Details

  • Method Details

    • introspect

      public @NonNull org.reactivestreams.Publisher<IntrospectionResponse> introspect(@NonNull IntrospectionRequest introspectionRequest, @NonNull T requestContext)
      Specified by:
      introspect in interface IntrospectionProcessor<T>
      Parameters:
      introspectionRequest - A parameter representing the token along with optional parameters representing additional context
      requestContext - HTTP Request
      Returns:
      Introspection Response

    • emptyIntrospectionResponse

      protected @NonNull IntrospectionResponse emptyIntrospectionResponse(@NonNull String token)
      Empty response for introspection response.
      Parameters:
      token - Token
      Returns:
      Introspection Response

    • introspect

      public @NonNull org.reactivestreams.Publisher<IntrospectionResponse> introspect(@NonNull Authentication authentication, @NonNull T requestContext)
      Specified by:
      introspect in interface IntrospectionProcessor<T>
      Parameters:
      authentication - The authentication
      requestContext - HTTP Request
      Returns:
      Introspection Response

    • createIntrospectionResponse

      public @NonNull IntrospectionResponse createIntrospectionResponse(@NonNull Authentication authentication, @NonNull T requestContext)
      Creates an IntrospectionResponse for an Authentication.
      Parameters:
      authentication - Authentication
      requestContext - HTTP Request
      Returns:
      an IntrospectionResponse

    • resolveExtensions

      protected @NonNull Map<String,Object> resolveExtensions(@NonNull Authentication authentication)
      Parameters:
      authentication - Authentication
      Returns:
      Introspection response extensions

    • resolveScope

      protected Optional<String> resolveScope(@NonNull Authentication authentication)
      Populates the introspection response scope.
      Parameters:
      authentication - Authentication
      Returns:
      the scope

    • resolveTokenType

      protected @NonNull Optional<String> resolveTokenType(@NonNull Authentication authentication)
      Populates the introspection response token type.
      Parameters:
      authentication - Authentication
      Returns:
      the Token type

    • resolveClientId

      protected @NonNull Optional<String> resolveClientId(@NonNull Authentication authentication)
      Populates the introspection response client_id.
      Parameters:
      authentication - Authentication
      Returns:
      client_id value

    • resolveAud

      protected @NonNull Optional<String> resolveAud(@NonNull Authentication authentication)
      Populates the introspection response with aud claim.
      Parameters:
      authentication - Authentication
      Returns:
      value of aud claim

    • resolveSub

      protected @NonNull String resolveSub(@NonNull Authentication authentication)
      Populates the introspection response with sub claim.
      Parameters:
      authentication - Authentication
      Returns:
      value of sub claim

    • resolveIssuer

      protected @NonNull Optional<String> resolveIssuer(@NonNull Authentication authentication)
      Populates the introspection response with iss claim.
      Parameters:
      authentication - Authentication
      Returns:
      value of iss claim

    • resolveJwtId

      protected @NonNull Optional<String> resolveJwtId(@NonNull Authentication authentication)
      Populates the introspection response with jti username.
      Parameters:
      authentication - Authentication
      Returns:
      the jti claim value

    • resolveUsername

      protected @NonNull Optional<String> resolveUsername(@NonNull Authentication authentication)
      Populates the introspection response with the username.
      Parameters:
      authentication - Authentication
      Returns:
      the username

    • resolveExpiration

      protected Optional<Long> resolveExpiration(@NonNull Authentication authentication)
      Populates the introspection response with the exp claim of authentication.
      Parameters:
      authentication - Authentication
      Returns:
      the exp claim

    • secondsSinceEpochOfAttribute

      protected Optional<Long> secondsSinceEpochOfAttribute(@NonNull String attributeName, @NonNull Authentication authentication)
      Parameters:
      attributeName - The attribute name e.g. exp nbf iat
      authentication - Authentication
      Returns:
      An empty optional if the authentication attribute is not found or it cannot be transformed to epoch seconds

    • resolveNotBefore

      protected @NonNull Optional<Long> resolveNotBefore(@NonNull Authentication authentication)
      Populates the introspection response with the nbf claim of authentication.
      Parameters:
      authentication - Authentication
      Returns:
      value for nbf claim

    • resolveIssuedAt

      protected @NonNull Optional<Long> resolveIssuedAt(@NonNull Authentication authentication)
      Populates the introspection response with the iat claim of authentication.
      Parameters:
      authentication - Authentication
      Returns:
      value for iat claim

    • toSecondsSinceEpoch

      public static long toSecondsSinceEpoch(Date date)
      Parameters:
      date - Date
      Returns:
      seconds since epoch