All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.bdeploy.common.security.ApiAccessToken Maven / Gradle / Ivy

Go to download

Public API including dependencies, ready to be used for integrations and plugins.

There is a newer version: 7.4.0
Show newest version
package io.bdeploy.common.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.TimeUnit;

/**
 * Represents a secure access token. Whoever has a correctly signed token of
 * this type has access to the remote API.
 * 

* A token may be weak, in which case it allows access only to endpoints which * allow weak tokens explicitly. *

* This mechanism is used to provide tokens which are allowed solely for automated * applications like the client launcher, so it can fetch updates and applications. */ public class ApiAccessToken { public static final String SYSTEM_USER = "BDeploy System"; public static final ScopedPermission ADMIN_PERMISSION = new ScopedPermission(ScopedPermission.Permission.ADMIN); String it; // issuedTo private final List c = new ArrayList<>(); // permissions private long ia; // issuedAt private long vu; // validUntil private boolean wt; // weakToken public String getIssuedTo() { return it; } public boolean isValid() { return vu > System.currentTimeMillis(); } public boolean isWeak() { return wt; } public boolean isSystem() { return SYSTEM_USER.equals(it); } public Collection getPermissions() { return Collections.unmodifiableCollection(c); } public static final class Builder { private final ApiAccessToken token = new ApiAccessToken(); public Builder() { token.ia = System.currentTimeMillis(); token.vu = token.ia + TimeUnit.DAYS.toMillis(17800); } public Builder setIssuedTo(String name) { token.it = name; return this; } public Builder forSystem() { token.it = SYSTEM_USER; return this; } public Builder setWeak(boolean weak) { token.wt = weak; return this; } public Builder addPermission(ScopedPermission permission) { if (!permission.isGlobal()) { throw new IllegalArgumentException("Only global permissions are allowed in access tokens"); } token.c.add(permission); return this; } public Builder addPermission(Collection permissions) { permissions.forEach(this::addPermission); return this; } public ApiAccessToken build() { return token; } } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy