• Home
• com.canoo.dolphin-platform
• dolphin-platform-security-client
• 1.0.0.CR5
• source code
• KeycloakRequestHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.canoo.dp.impl.security.KeycloakRequestHandler Maven / Gradle / Ivy

/*
 * Copyright 2015-2018 Canoo Engineering AG.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.canoo.dp.impl.security;

import com.canoo.dp.impl.platform.core.Assert;
import com.canoo.platform.client.security.Security;
import com.canoo.platform.core.DolphinRuntimeException;
import com.canoo.platform.core.http.HttpURLConnectionHandler;
import org.apiguardian.api.API;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.net.HttpURLConnection;

import static com.canoo.dp.impl.security.SecurityHttpHeader.AUTHORIZATION_HEADER;
import static com.canoo.dp.impl.security.SecurityHttpHeader.BEARER;
import static org.apiguardian.api.API.Status.INTERNAL;

@API(since = "0.19.0", status = INTERNAL)
public class KeycloakRequestHandler implements HttpURLConnectionHandler {

    private static final Logger LOG = LoggerFactory.getLogger(KeycloakRequestHandler.class);

    private final Security security;

    public KeycloakRequestHandler(final Security security) {
        this.security = Assert.requireNonNull(security, "security");
    }

    @Override
    public void handle(HttpURLConnection connection) {
        //No redirect, can not be handled in Java
        connection.setRequestProperty(SecurityHttpHeader.BEARER_ONLY_HEADER, "true");
        String accessToken = security.getAccessToken();
        if(accessToken != null && !accessToken.isEmpty()) {
            LOG.debug("Adding security access token to request");
            connection.setRequestProperty(AUTHORIZATION_HEADER, BEARER + accessToken);
        }
    }
}