Package uk.ac.starlink.auth
Class BearerIvoaAuthScheme
java.lang.Object
uk.ac.starlink.auth.IvoaAuthScheme
uk.ac.starlink.auth.BearerIvoaAuthScheme
- All Implemented Interfaces:
AuthScheme
IvoaAuthScheme concrete subclass for working with bearer tokens.
This implements the "ivoa_bearer" scheme. The bearer token is acquired from the "X-VO-Bearer" header of the login response, and is subsequently used in accordance with RFC6750 like:
Authorization: Bearer <token-text>
Note that at time of writing it is not in general safe to use this scheme because the details of token scope have not been worked out, leading to the possibility of a third-party malevolent site issuing a challenge that would result in stealing tokens.
- Since:
- 10 Dec 2021
- Author:
- Mark Taylor
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class uk.ac.starlink.auth.IvoaAuthScheme
IvoaAuthScheme.AuthReader<T>
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final BearerIvoaAuthScheme
Singleton instance.static final String
Name and identifier for this scheme ("ivoa_bearer").static final String
Name of login response header containing bearer token.Fields inherited from class uk.ac.starlink.auth.IvoaAuthScheme
ACCESSURL_PARAM, STANDARDID_PARAM
-
Method Summary
Modifier and TypeMethodDescriptioncreateContextFactory
(LoginProtocol loginProto, URL loginUrl, URL challengeUrl) Creates a ContextFactory for this scheme with a given login protocol instance.Methods inherited from class uk.ac.starlink.auth.IvoaAuthScheme
createContextFactory, getName, getSuccessResponse, readAuth
-
Field Details
-
INSTANCE
Singleton instance. -
SCHEME_NAME
Name and identifier for this scheme ("ivoa_bearer").- See Also:
-
TOKEN_HEADER
Name of login response header containing bearer token.- See Also:
-
-
Method Details
-
createContextFactory
public ContextFactory createContextFactory(LoginProtocol loginProto, URL loginUrl, URL challengeUrl) Description copied from class:IvoaAuthScheme
Creates a ContextFactory for this scheme with a given login protocol instance. The return value should generally not be null, since if it's got as far as this call, the challenge looks like it's intended for this scheme.- Specified by:
createContextFactory
in classIvoaAuthScheme
- Parameters:
loginProto
- login protocolloginUrl
- login URLchallengeUrl
- URL from which the challenge was received- Returns:
- context factory
-