• Home
• org.glassfish.jersey.security
• oauth1-server
• 2.37
• source code
• OAuth1Consumer.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.glassfish.jersey.server.oauth1.OAuth1Consumer Maven / Gradle / Ivy

/*
 * Copyright (c) 2010, 2018 Oracle and/or its affiliates. All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0, which is available at
 * http://www.eclipse.org/legal/epl-2.0.
 *
 * This Source Code may also be made available under the following Secondary
 * Licenses when the conditions for such availability set forth in the
 * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
 * version 2 with the GNU Classpath Exception, which is available at
 * https://www.gnu.org/software/classpath/license.html.
 *
 * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
 */

package org.glassfish.jersey.server.oauth1;

import java.security.Principal;

/**
 * Class representing a registered consumer.
 *
 * @author Martin Matula
 */
public interface OAuth1Consumer {
    /** Returns consumer key.
     *
     * @return consumer key
     */
    String getKey();

    /** Returns consumer secret.
     *
     * @return consumer secret
     */
    String getSecret();

    /** Returns a {@link java.security.Principal} object representing this consumer.
     * When the oauth filter verifies the request
     * and no access token is provided, this is the principal that will get set to the security context.
     * This can be used for 2-legged oauth. If the server does not allow consumers acting
     * on their own (with no access token), this method should return null.
     *
     * @return Principal corresponding to this consumer, or null if 2-legged oauth not supported (i.e. consumers can't act on their own)
     */
    Principal getPrincipal();

    /** Returns a boolean indicating whether this consumer is authorized for the
     * specified logical "role". When the oauth filter verifies the request
     * and no access token is provided (2-legged oauth), it sets the consumer object to the security context
     * which then delegates {@link javax.ws.rs.core.SecurityContext#isUserInRole(String)} to this
     * method.
     *
     * @param role a {@code String} specifying the name of the role
     *
     * @return a {@code boolean} indicating whether this token is authorized for
     * a given role
     */
    boolean isInRole(String role);
}