Interface AuthScheme

All Known Implementing Classes:
BasicAuthScheme, BearerIvoaAuthScheme, CookieIvoaAuthScheme, IvoaAuthScheme, X509IvoaAuthScheme

public interface AuthScheme
Represents an RFC7235 authentication scheme. It knows how to turn a particular class of authentication Challenges into an AuthContext.

Note that instances of this class may or may not map exactly to an Authentication Scheme as defined in RFC7235; a given instance may only be able to respond to a subset of challenges with a given scheme name.

Since:
15 Jun 2020
Author:
Mark Taylor
See Also:
  • Method Summary

    Modifier and Type
    Method
    Description
    Attempts to return an object that can take user input to generate an AuthContext based on a given challenge.
    Returns a human-readable name identifying the authentication scheme implemented by this object.
  • Method Details

    • getName

      String getName()
      Returns a human-readable name identifying the authentication scheme implemented by this object. The returned string is typically the auth-scheme token from an RFC7235 challenge (for instance "Basic" for Basic authentication), but a different value may be used if required to distinguish it from other instances.
      Returns:
      name for this scheme
    • createContextFactory

      ContextFactory createContextFactory(Challenge challenge, URL url) throws BadChallengeException
      Attempts to return an object that can take user input to generate an AuthContext based on a given challenge. There are three possible outcomes of this method.
      • If this scheme recognises the challenge type and expects to be able to use it to generate AuthContexts, it should return a suitable ContextFactory
      • If this scheme recognises the challenge type but something is wrong with the challenge syntax (for instance missing parameters), it should throw a BadChallengeException, preferably with an explanatory message
      • If this scheme doesn't recognise the challenge type (for instance the challenge scheme string is not that implemented by this object), it should return null

      Note that this method should just examine the syntax of the supplied challenge; it is not expected to make network connections etc to determine if context creation will be successful.

      Parameters:
      challenge - authentication challenge object
      url - URL with which the challenge is associated
      Returns:
      context factory if challenge is recognised, or null if it isn't
      Throws:
      BadChallengeException - if the challenge scheme etc indicates that it is destined for this AuthScheme, but the challenge is not of the correct form