• Home
• io.bdeploy
• api
• 7.3.6
• source code
• ApiAccessToken.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.bdeploy.common.security.ApiAccessToken Maven / Gradle / Ivy

package io.bdeploy.common.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.TimeUnit;

/**
 * Represents a secure access token. Whoever has a correctly signed token of
 * this type has access to the remote API.
 * 

 * A token may be weak, in which case it allows access only to endpoints which
 * allow weak tokens explicitly.
 * 

 * This mechanism is used to provide tokens which are allowed solely for automated
 * applications like the client launcher, so it can fetch updates and applications.
 */
public class ApiAccessToken {

    public static final String SYSTEM_USER = "BDeploy System";
    public static final ScopedPermission ADMIN_PERMISSION = new ScopedPermission(ScopedPermission.Permission.ADMIN);

    String it; // issuedTo

    private final List c = new ArrayList<>(); // permissions
    private long ia; // issuedAt
    private long vu; // validUntil
    private boolean wt; // weakToken

    public String getIssuedTo() {
        return it;
    }

    public boolean isValid() {
        return vu > System.currentTimeMillis();
    }

    public boolean isWeak() {
        return wt;
    }

    public boolean isSystem() {
        return SYSTEM_USER.equals(it);
    }

    public Collection getPermissions() {
        return Collections.unmodifiableCollection(c);
    }

    public static final class Builder {

        private final ApiAccessToken token = new ApiAccessToken();

        public Builder() {
            token.ia = System.currentTimeMillis();
            token.vu = token.ia + TimeUnit.DAYS.toMillis(17800);
        }

        public Builder setIssuedTo(String name) {
            token.it = name;
            return this;
        }

        public Builder forSystem() {
            token.it = SYSTEM_USER;
            return this;
        }

        public Builder setWeak(boolean weak) {
            token.wt = weak;
            return this;
        }

        public Builder addPermission(ScopedPermission permission) {
            if (!permission.isGlobal()) {
                throw new IllegalArgumentException("Only global permissions are allowed in access tokens");
            }
            token.c.add(permission);
            return this;
        }

        public Builder addPermission(Collection permissions) {
            permissions.forEach(this::addPermission);
            return this;
        }

        public ApiAccessToken build() {
            return token;
        }

    }
}