All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.streamnative.pulsar.handlers.kop.security.oauth.KopOAuthBearerValidatorCallback Maven / Gradle / Ivy

The newest version!
/**
 * Copyright (c) 2019 - 2024 StreamNative, Inc.. All Rights Reserved.
 */
/**
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package io.streamnative.pulsar.handlers.kop.security.oauth;

import java.util.Objects;
import javax.security.auth.callback.Callback;
import org.apache.kafka.common.annotation.InterfaceStability;


/**
 * Copied from {@link org.apache.kafka.common.security.oauthbearer.OAuthBearerValidatorCallback}.
 *
 * A {@code Callback} for use by the {@code SaslServer} implementation when it
 * needs to provide an OAuth 2 bearer token compact serialization for
 * validation. Callback handlers should use the
 * {@link #error(String, String, String)} method to communicate errors back to
 * the SASL Client as per
 * RFC 6749: The OAuth
 * 2.0 Authorization Framework and the IANA
 * OAuth Extensions Error Registry. Callback handlers should communicate
 * other problems by raising an {@code IOException}.
 * 

* This class was introduced in 2.0.0 and, while it feels stable, it could * evolve. We will try to evolve the API in a compatible manner, but we reserve * the right to make breaking changes in minor releases, if necessary. We will * update the {@code InterfaceStability} annotation and this notice once the API * is considered stable. */ @InterfaceStability.Evolving public class KopOAuthBearerValidatorCallback implements Callback { private final String tokenValue; private KopOAuthBearerToken token = null; private String errorStatus = null; private String errorScope = null; private String errorOpenIDConfiguration = null; /** * Constructor. * * @param tokenValue * the mandatory/non-blank token value */ public KopOAuthBearerValidatorCallback(String tokenValue) { if (Objects.requireNonNull(tokenValue).isEmpty()) { throw new IllegalArgumentException("token value must not be empty"); } this.tokenValue = tokenValue; } /** * Return the (always non-null) token value. * * @return the (always non-null) token value */ public String tokenValue() { return tokenValue; } /** * Return the (potentially null) token. * * @return the (potentially null) token */ public KopOAuthBearerToken token() { return token; } /** * Return the (potentially null) error status value as per * RFC 7628: A Set * of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth * and the IANA * OAuth Extensions Error Registry. * * @return the (potentially null) error status value */ public String errorStatus() { return errorStatus; } /** * Return the (potentially null) error scope value as per * RFC 7628: A Set * of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth. * * @return the (potentially null) error scope value */ public String errorScope() { return errorScope; } /** * Return the (potentially null) error openid-configuration value as per * RFC 7628: A Set * of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth. * * @return the (potentially null) error openid-configuration value */ public String errorOpenIDConfiguration() { return errorOpenIDConfiguration; } /** * Set the token. The token value is unchanged and is expected to match the * provided token's value. All error values are cleared. * * @param token * the mandatory token to set */ public void token(KopOAuthBearerToken token) { this.token = Objects.requireNonNull(token); this.errorStatus = null; this.errorScope = null; this.errorOpenIDConfiguration = null; } /** * Set the error values as per * RFC 7628: A Set * of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth. * Any token is cleared. * * @param errorStatus * the mandatory error status value from the IANA * OAuth Extensions Error Registry to set * @param errorScope * the optional error scope value to set * @param errorOpenIDConfiguration * the optional error openid-configuration value to set */ public void error(String errorStatus, String errorScope, String errorOpenIDConfiguration) { if (Objects.requireNonNull(errorStatus).isEmpty()) { throw new IllegalArgumentException("error status must not be empty"); } this.errorStatus = errorStatus; this.errorScope = errorScope; this.errorOpenIDConfiguration = errorOpenIDConfiguration; this.token = null; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy