org.wildfly.swarm.microprofile.jwtauth.deployment.auth

Class JWTAuthMechanism

java.lang.Object

org.wildfly.swarm.microprofile.jwtauth.deployment.auth.JWTAuthMechanism

All Implemented Interfaces:

io.undertow.security.api.AuthenticationMechanism

public class JWTAuthMechanism
extends Object
implements io.undertow.security.api.AuthenticationMechanism

An AuthenticationMechanism that validates a caller based on a MicroProfile JWT bearer token

Nested Class Summary

Nested classes/interfaces inherited from interface io.undertow.security.api.AuthenticationMechanism

io.undertow.security.api.AuthenticationMechanism.AuthenticationMechanismOutcome, io.undertow.security.api.AuthenticationMechanism.ChallengeResult

Constructor Summary

Constructors

Constructor and Description
JWTAuthMechanism(JWTAuthContextInfo authContextInfo)

Method Summary

Modifier and Type	Method and Description
io.undertow.security.api.AuthenticationMechanism.AuthenticationMechanismOutcome	authenticate(io.undertow.server.HttpServerExchange exchange, io.undertow.security.api.SecurityContext securityContext) Extract the Authorization header and validate the bearer token if it exists.
protected org.jboss.security.identity.RoleGroup	extract(Subject subject) Extract the Roles group and return it as a RoleGroup
io.undertow.security.api.AuthenticationMechanism.ChallengeResult	sendChallenge(io.undertow.server.HttpServerExchange exchange, io.undertow.security.api.SecurityContext securityContext)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JWTAuthMechanism

public JWTAuthMechanism(JWTAuthContextInfo authContextInfo)

Method Detail

authenticate

public io.undertow.security.api.AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(io.undertow.server.HttpServerExchange exchange,
                                                                                                    io.undertow.security.api.SecurityContext securityContext)

Extract the Authorization header and validate the bearer token if it exists. If it does, and is validated, this builds the org.jboss.security.SecurityContext authenticated Subject that drives the container APIs as well as the authorization layers.

Specified by:

authenticate in interface io.undertow.security.api.AuthenticationMechanism

Parameters:

exchange - - the http request exchange object

securityContext - - the current security context that

Returns:

one of AUTHENTICATED, NOT_AUTHENTICATED or NOT_ATTEMPTED depending on the header and authentication outcome.

sendChallenge

public io.undertow.security.api.AuthenticationMechanism.ChallengeResult sendChallenge(io.undertow.server.HttpServerExchange exchange,
                                                                                      io.undertow.security.api.SecurityContext securityContext)

Specified by:

sendChallenge in interface io.undertow.security.api.AuthenticationMechanism

extract

protected org.jboss.security.identity.RoleGroup extract(Subject subject)

Extract the Roles group and return it as a RoleGroup

Parameters:

subject - authenticated subject

Returns:

RoleGroup from "Roles"