All Downloads are FREE. Search and download functionalities are using the official Maven repository.

csip.TokenAuthentication Maven / Gradle / Ivy

Go to download

The Cloud Services Integration Platform is a SoA implementation to offer a Model-as-a-Service framework, Application Programming Interface, deployment infrastructure, and service implementations for environmental modeling.

There is a newer version: 2.6.30
Show newest version
/*
 * $Id: TokenAuthentication.java 820b0b8fd71e 2020-07-14 od $
 *
 * This file is part of the Cloud Services Integration Platform (CSIP),
 * a Model-as-a-Service framework, API and application suite.
 *
 * 2012-2020, Olaf David and others, OMSLab, Colorado State University.
 *
 * OMSLab licenses this file to you under the MIT license.
 * See the LICENSE file in the project root for more information.
 */
package csip;

/**
 *
 * @author od
 */
interface TokenAuthentication extends AutoCloseable {

  static final String AUTH_SCHEME = "Bearer";


  /**
   * Validates the token. If not valid it should throw a SecurityException.
   *
   * @param token
   * @throws SecurityException
   */
  void validate(String token) throws SecurityException;


  /**
   * Does this method require authentication?
   *
   * @return
   */
  default boolean requiresAuthentication() {
    return true;
  }


  @Override
  default void close() throws Exception {
  }


  // Check if the Authorization header is valid
  // It must not be null and must be prefixed with "Bearer" plus a whitespace
  // The authentication scheme comparison must be case-insensitive
  default boolean isTokenBasedAuthentication(String authHeader) {
    return authHeader != null && authHeader.toLowerCase()
        .startsWith(AUTH_SCHEME.toLowerCase() + " ");
  }


  // Extract the token from the Authorization header
  default String getToken(String authHeader) {
    return authHeader.substring(AUTH_SCHEME.length()).trim();
  }

  static TokenAuthentication NONE = new TokenAuthentication() {
    @Override
    public void validate(String token) throws SecurityException {
    }


    @Override
    public boolean requiresAuthentication() {
      return false;
    }

  };

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy