Class CookieAuthenticationRegistry

java.lang.Object
io.jmix.webdavrest.security.CookieAuthenticationRegistry

@Component public class CookieAuthenticationRegistry extends Object
Manages both types of tokens (URl, Cookie) being used for cookie auth method.
  • Field Details

  • Constructor Details

    • CookieAuthenticationRegistry

      public CookieAuthenticationRegistry()
  • Method Details

    • isUrlTokenValid

      public boolean isUrlTokenValid(String tokenValue)
      Validates URL-token. URL-token is a one-time short-term token, so it's valid if it exists.
      Parameters:
      tokenValue - token value extracted from request URL
      Returns:
      true if token is valid, false otherwise
    • isCookieTokenValid

      public boolean isCookieTokenValid(String tokenValue)
      Validates cookie-token according to existence and expiration time.
      Parameters:
      tokenValue - token value extracted from cookie
      Returns:
      true if token is valid, false otherwise
    • getPrincipalByCookieToken

      public Object getPrincipalByCookieToken(String tokenValue)
      Extracts UserDetails by cookie-token value. Username is linked with cookie-token value during its generation
      Parameters:
      tokenValue - token value extracted from cookie
      Returns:
      principal object
    • generateUrlToken

      public String generateUrlToken()
      Generates new URL-token based on currently authenticated session.
      Returns:
      URL-token value
    • acquireCookieTokenByUrlToken

      public CookieAuthTokenObject acquireCookieTokenByUrlToken(String urlTokenValue)
      Generates cookie-token object based on valid URL-token value. Provided URL-token will be invalidated after that.
      Parameters:
      urlTokenValue - token value extracted from url
      Returns:
      new cookie-token object.
    • generateUrlTokenValue

      protected String generateUrlTokenValue()
    • generateCookieTokenValue

      protected String generateCookieTokenValue()