Package org.oa4mp.server.loader.oauth2.claims

Class HTTPHeaderClaimsSource

java.lang.Object

org.oa4mp.server.loader.oauth2.claims.BasicClaimsSourceImpl

org.oa4mp.server.loader.oauth2.claims.HTTPHeaderClaimsSource

All Implemented Interfaces:

Serializable, org.oa4mp.delegation.server.server.claims.ClaimSource

public class HTTPHeaderClaimsSource
extends BasicClaimsSourceImpl

This is for the specific case that claims are passed through the headers. Each starts with the caput and every claim with this caput is processed (caput is removed) and added. E.g.

     OIDC_CLAIM_sub
 

sets the "sub" claim.

In short, this filters headers based on a configurable prefix.. Any prefixed header has the prefix removed and the key-value pair returned as a claim. So if there is a header

OIDC_CLAIM_my_claim = foo

Then a claim of "my_claim" with a value of "foo" will be asserted.

Caveat

This may be set in the handler attribute of the server

Created by Jeff Gaynor
on 3/15/17 at 2:41 PM

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
String	caput
static String	PREFIX_KEY	Name of the property that contains the prefix used by this source.

Fields inherited from class org.oa4mp.server.loader.oauth2.claims.BasicClaimsSourceImpl

groupHandler

Constructor Summary

Constructors

Constructor	Description
HTTPHeaderClaimsSource()
HTTPHeaderClaimsSource(org.oa4mp.delegation.server.server.claims.ClaimSourceConfiguration configuration)
HTTPHeaderClaimsSource(org.qdl_lang.variables.QDLStem stem)

Method Summary

Modifier and Type	Method	Description
void	fromQDL(org.qdl_lang.variables.QDLStem arg)
String	getCaput()
boolean	isRunOnlyAtAuthorization()	This should usually be false.
net.sf.json.JSONObject	process(net.sf.json.JSONObject claims, org.oa4mp.delegation.server.ServiceTransaction transaction)	At the most basic level, this just returns the UserInfo object passed to it.
protected net.sf.json.JSONObject	realProcessing(net.sf.json.JSONObject claims, javax.servlet.http.HttpServletRequest request, org.oa4mp.delegation.server.ServiceTransaction transaction)	This is the actual place to put your code that only processes the claim source.
void	setCaput(String caput)
org.qdl_lang.variables.QDLStem	toQDL()

Methods inherited from class org.oa4mp.server.loader.oauth2.claims.BasicClaimsSourceImpl

addToStem, getClaims, getConfiguration, getGroupHandler, getOa2SE, getOmitList, getScopes, hasConfiguration, isEnabled, process, setConfiguration, setGroupHandler, setOa2SE, setOmitList, setScopes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PREFIX_KEY

public static final String PREFIX_KEY

Name of the property that contains the prefix used by this source. The default is OIDC_CLAIM_ if this is not set.

See Also:

Constant Field Values

caput

public String caput

Constructor Detail

HTTPHeaderClaimsSource

public HTTPHeaderClaimsSource(org.oa4mp.delegation.server.server.claims.ClaimSourceConfiguration configuration)

HTTPHeaderClaimsSource

public HTTPHeaderClaimsSource()

HTTPHeaderClaimsSource

public HTTPHeaderClaimsSource(org.qdl_lang.variables.QDLStem stem)

Method Detail

getCaput

public String getCaput()

setCaput

public void setCaput(String caput)

realProcessing

protected net.sf.json.JSONObject realProcessing(net.sf.json.JSONObject claims,
                                                javax.servlet.http.HttpServletRequest request,
                                                org.oa4mp.delegation.server.ServiceTransaction transaction)
                                         throws org.oa4mp.delegation.server.server.UnsupportedScopeException

Description copied from class: BasicClaimsSourceImpl

This is the actual place to put your code that only processes the claim source. The BasicClaimsSourceImpl.process(JSONObject, HttpServletRequest, ServiceTransaction) calls wrap this and invoke the pre/post processor for you. Your code should take whatever metadata is for the user and add it to the claims object.

Overrides:

realProcessing in class BasicClaimsSourceImpl

Returns:

Throws:

org.oa4mp.delegation.server.server.UnsupportedScopeException

process

public net.sf.json.JSONObject process(net.sf.json.JSONObject claims,
                                      org.oa4mp.delegation.server.ServiceTransaction transaction)
                               throws org.oa4mp.delegation.server.server.UnsupportedScopeException

Description copied from class: BasicClaimsSourceImpl

At the most basic level, this just returns the UserInfo object passed to it. Override as you deem fit.

Specified by:

process in interface org.oa4mp.delegation.server.server.claims.ClaimSource

Overrides:

process in class BasicClaimsSourceImpl

Throws:

org.oa4mp.delegation.server.server.UnsupportedScopeException

isRunOnlyAtAuthorization

public boolean isRunOnlyAtAuthorization()

Description copied from class: BasicClaimsSourceImpl

This should usually be false. It is true only for those sources that can ONLY run at authorization, such as HTTPHeaderClaimsSource, where the information is simply not available in later phases.

Specified by:

isRunOnlyAtAuthorization in interface org.oa4mp.delegation.server.server.claims.ClaimSource

Overrides:

isRunOnlyAtAuthorization in class BasicClaimsSourceImpl

fromQDL

public void fromQDL(org.qdl_lang.variables.QDLStem arg)

Specified by:

fromQDL in interface org.oa4mp.delegation.server.server.claims.ClaimSource

Overrides:

fromQDL in class BasicClaimsSourceImpl

toQDL

public org.qdl_lang.variables.QDLStem toQDL()

Specified by:

toQDL in interface org.oa4mp.delegation.server.server.claims.ClaimSource

Overrides:

toQDL in class BasicClaimsSourceImpl