Package io.jmix.webdavrest.security

Class CookieAuthenticationRegistry

java.lang.Object

io.jmix.webdavrest.security.CookieAuthenticationRegistry

@Component
public class CookieAuthenticationRegistry
extends Object

Manages both types of tokens (URl, Cookie) being used for cookie auth method.

Field Summary

Fields

Modifier and Type	Field	Description
protected CookieAuthTokenObjectRepository	cookieAuthTokenObjectRepository
protected CookieAuthUrlTokenObjectRepository	cookieAuthUrlTokenObjectRepository
protected UserRepository	userRepository
protected WebdavProperties	webdavProperties

Constructor Summary

Constructors

Constructor	Description
CookieAuthenticationRegistry()

Method Summary

Modifier and Type	Method	Description
CookieAuthTokenObject	acquireCookieTokenByUrlToken(String urlTokenValue)	Generates cookie-token object based on valid URL-token value.
protected String	generateCookieTokenValue()
String	generateUrlToken()	Generates new URL-token based on currently authenticated session.
protected String	generateUrlTokenValue()
Object	getPrincipalByCookieToken(String tokenValue)	Extracts UserDetails by cookie-token value.
boolean	isCookieTokenValid(String tokenValue)	Validates cookie-token according to existence and expiration time.
boolean	isUrlTokenValid(String tokenValue)	Validates URL-token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

userRepository

@Autowired
protected UserRepository userRepository

cookieAuthUrlTokenObjectRepository

@Autowired
protected CookieAuthUrlTokenObjectRepository cookieAuthUrlTokenObjectRepository

cookieAuthTokenObjectRepository

@Autowired
protected CookieAuthTokenObjectRepository cookieAuthTokenObjectRepository

webdavProperties

@Autowired
protected WebdavProperties webdavProperties

Constructor Details

CookieAuthenticationRegistry

public CookieAuthenticationRegistry()

Method Details

isUrlTokenValid

public boolean isUrlTokenValid(String tokenValue)

Validates URL-token. URL-token is a one-time short-term token, so it's valid if it exists.

Parameters:

tokenValue - token value extracted from request URL

Returns:

true if token is valid, false otherwise

isCookieTokenValid

public boolean isCookieTokenValid(String tokenValue)

Validates cookie-token according to existence and expiration time.

Parameters:

tokenValue - token value extracted from cookie

Returns:

true if token is valid, false otherwise

getPrincipalByCookieToken

public Object getPrincipalByCookieToken(String tokenValue)

Extracts UserDetails by cookie-token value. Username is linked with cookie-token value during its generation

Parameters:

tokenValue - token value extracted from cookie

Returns:

principal object

generateUrlToken

public String generateUrlToken()

Generates new URL-token based on currently authenticated session.

Returns:

URL-token value

acquireCookieTokenByUrlToken

public CookieAuthTokenObject acquireCookieTokenByUrlToken(String urlTokenValue)

Generates cookie-token object based on valid URL-token value. Provided URL-token will be invalidated after that.

Parameters:

urlTokenValue - token value extracted from url

Returns:

new cookie-token object.

generateUrlTokenValue

protected String generateUrlTokenValue()

generateCookieTokenValue

protected String generateCookieTokenValue()