• Home
• com.ibm.mfp
• adapter-maven-api
• 8.0.2024082809
• source code
• OAuthSecurity.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.ibm.mfp.adapter.api.OAuthSecurity Maven / Gradle / Ivy

/*
* © Copyright IBM Corp. 2016
* All Rights Reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
*/

package com.ibm.mfp.adapter.api;

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * This annotation is used to configure protection of Java API for RESTful Web Services (JAX-RS) adapter resources.

 * The MobileFirst security framework provides default resource protection: access to any MobileFirst adapter resources requires
 * an access token, and the framework verifies that the request is issued from an application that is registered with MobileFirst Server.

 * Use this annotation to assign custom security scopes to your resources, or to disable the default MobileFirst resource protection.

 * The annotation can be applied either to a specific resource method or to an entire resource class.
 * Method-level annotations override class-level annotations. 
 *
 * @author artem
 *         Date: 8 Aug, 2015
 */
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD, ElementType.TYPE})
public @interface OAuthSecurity {

    String DEFAULT_SCOPE = "RegisteredClient";

    /**
     * Optional. The scope that protects the resource, as a string of one or more space-separated scope elements.
     * A scope element can be a keyword that is mapped to a security check, or the name of a security check.

     * The default value of this element is "RegisteredClient", which applies the default MobileFirst resource protection.

     * When the value of the {@link #enabled} element is {@code false}, the {@code scope} element is ignored.
     * @return The protecting scope.
     */
    String scope() default DEFAULT_SCOPE;

    /**
     * Optional. The resource-protection state:
     * 

     *     
{@code true}  - The resource is protected and requires an access token. This is the default value.
     *     
{@code false} - The resource is not protected and does not require an access token.

     *                         When this value is set, the {@link #scope} element is ignored.
     *     
     * 
     * @return {@code true} if the resource is protected, or {@code false} if it is not protected.
     */
    boolean enabled() default true;
}