Package io.getlime.security.powerauth.rest.api.base.provider

Class PowerAuthAuthenticationProviderBase

java.lang.Object

io.getlime.security.powerauth.rest.api.base.provider.PowerAuthAuthenticationProviderBase

public abstract class PowerAuthAuthenticationProviderBase
extends java.lang.Object

Abstract class for PowerAuth authentication provider.

Author:

Petr Dvorak, petr@wultra.com

Constructor Summary

Constructors

Constructor	Description
PowerAuthAuthenticationProviderBase()

Method Summary

Modifier and Type	Method	Description
byte[]	extractRequestBodyBytes(javax.servlet.http.HttpServletRequest servletRequest)	Extract request body bytes from HTTP servlet request.
PowerAuthApiAuthentication	validateRequestSignature(java.lang.String httpMethod, byte[] httpBody, java.lang.String requestUriIdentifier, java.lang.String httpAuthorizationHeader)	The same as {validateRequestSignature(String, byte[], String, String, List, Integer) but uses default accepted signature type (2FA or 3FA) and does not specify forced signature version.
abstract PowerAuthApiAuthentication	validateRequestSignature(java.lang.String httpMethod, byte[] httpBody, java.lang.String requestUriIdentifier, java.lang.String httpAuthorizationHeader, java.util.List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes, java.lang.Integer forcedSignatureVersion)	Validate the signature from the PowerAuth HTTP header against the provided HTTP method, request body and URI identifier.
PowerAuthApiAuthentication	validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest, java.lang.String requestUriIdentifier, java.lang.String httpAuthorizationHeader)	The same as {validateRequestSignature(HttpServletRequest, String, String, List, Integer) but uses default accepted signature type (2FA or 3FA) and does not specify forced signature version.
PowerAuthApiAuthentication	validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest, java.lang.String requestUriIdentifier, java.lang.String httpAuthorizationHeader, java.util.List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes)	Validate a request signature, make sure only supported signature types are used, do not use forced signature version during upgrade.
PowerAuthApiAuthentication	validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest, java.lang.String requestUriIdentifier, java.lang.String httpAuthorizationHeader, java.util.List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes, java.lang.Integer forcedSignatureVersion)	Validate a request signature, make sure only supported signature types are used and allow specification of forced signature version.
PowerAuthApiAuthentication	validateToken(java.lang.String tokenHeader)	Validate the token digest from PowerAuth authentication header.
abstract PowerAuthApiAuthentication	validateToken(java.lang.String httpAuthorizationHeader, java.util.List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes)	Validate the token digest from PowerAuth authentication header.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

PowerAuthAuthenticationProviderBase

public PowerAuthAuthenticationProviderBase()

Method Details

validateRequestSignature

public abstract PowerAuthApiAuthentication validateRequestSignature(java.lang.String httpMethod,
byte[] httpBody,
java.lang.String requestUriIdentifier,
java.lang.String httpAuthorizationHeader,
java.util.List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes,
@Nullable
java.lang.Integer forcedSignatureVersion)
                                                             throws PowerAuthAuthenticationException

Validate the signature from the PowerAuth HTTP header against the provided HTTP method, request body and URI identifier. Make sure to accept only allowed signatures.

Parameters:

httpMethod - HTTP method (GET, POST, ...)

httpBody - Body of the HTTP request.

requestUriIdentifier - Request URI identifier.

httpAuthorizationHeader - PowerAuth HTTP authorization header.

allowedSignatureTypes - Allowed types of the signature.

forcedSignatureVersion - Forced signature version during upgrade.

Returns:

Instance of a PowerAuthApiAuthentication on successful authorization.

Throws:

PowerAuthAuthenticationException - In case authorization fails, exception is raised.

validateToken

public abstract PowerAuthApiAuthentication validateToken(java.lang.String httpAuthorizationHeader,
java.util.List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes)
                                                  throws PowerAuthAuthenticationException

Validate the token digest from PowerAuth authentication header.

Parameters:

httpAuthorizationHeader - HTTP header with token digest.

allowedSignatureTypes - Allowed types of the signature.

Returns:

Instance of a PowerAuthApiAuthentication on successful authorization.

Throws:

PowerAuthAuthenticationException - In case authorization fails, exception is raised.

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(java.lang.String httpMethod,
byte[] httpBody,
java.lang.String requestUriIdentifier,
java.lang.String httpAuthorizationHeader)
                                                    throws PowerAuthAuthenticationException

The same as {validateRequestSignature(String, byte[], String, String, List, Integer) but uses default accepted signature type (2FA or 3FA) and does not specify forced signature version.

Parameters:

httpMethod - HTTP method (GET, POST, ...)

httpBody - Request body

requestUriIdentifier - Request URI identifier.

httpAuthorizationHeader - PowerAuth HTTP authorization header.

Returns:

Instance of a PowerAuthApiAuthentication on successful authorization.

Throws:

PowerAuthAuthenticationException - In case authorization fails, exception is raised.

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest,
java.lang.String requestUriIdentifier,
java.lang.String httpAuthorizationHeader,
java.util.List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes)
                                                    throws PowerAuthAuthenticationException

Validate a request signature, make sure only supported signature types are used, do not use forced signature version during upgrade.

Parameters:

servletRequest - HTTPServletRequest with signed data.

requestUriIdentifier - Request URI identifier.

httpAuthorizationHeader - PowerAuth HTTP authorization header.

allowedSignatureTypes - Allowed types of signatures.

Returns:

Instance of a PowerAuthApiAuthentication on successful authorization.

Throws:

PowerAuthAuthenticationException - In case authorization fails, exception is raised.

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest,
java.lang.String requestUriIdentifier,
java.lang.String httpAuthorizationHeader,
java.util.List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes,
@Nullable
java.lang.Integer forcedSignatureVersion)
                                                    throws PowerAuthAuthenticationException

Validate a request signature, make sure only supported signature types are used and allow specification of forced signature version.

Parameters:

servletRequest - HTTPServletRequest with signed data.

requestUriIdentifier - Request URI identifier.

httpAuthorizationHeader - PowerAuth HTTP authorization header.

allowedSignatureTypes - Allowed types of signatures.

forcedSignatureVersion - Forced signature version during upgrade.

Returns:

Instance of a PowerAuthApiAuthentication on successful authorization.

Throws:

PowerAuthAuthenticationException - In case authorization fails, exception is raised.

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest,
java.lang.String requestUriIdentifier,
java.lang.String httpAuthorizationHeader)
                                                    throws PowerAuthAuthenticationException

The same as {validateRequestSignature(HttpServletRequest, String, String, List, Integer) but uses default accepted signature type (2FA or 3FA) and does not specify forced signature version.

Parameters:

servletRequest - HTTPServletRequest with signed data.

requestUriIdentifier - Request URI identifier.

httpAuthorizationHeader - PowerAuth HTTP authorization header.

Returns:

Instance of a PowerAuthApiAuthentication on successful authorization.

Throws:

PowerAuthAuthenticationException - In case authorization fails, exception is raised.

validateToken

public PowerAuthApiAuthentication validateToken(java.lang.String tokenHeader)
                                         throws PowerAuthAuthenticationException

Validate the token digest from PowerAuth authentication header.

Parameters:

tokenHeader - HTTP header with token digest.

Returns:

Instance of a PowerAuthApiAuthentication on successful authorization.

Throws:

PowerAuthAuthenticationException - In case authorization fails, exception is raised.

extractRequestBodyBytes

public byte[] extractRequestBodyBytes(javax.servlet.http.HttpServletRequest servletRequest)
                               throws PowerAuthAuthenticationException

Extract request body bytes from HTTP servlet request. In case the data was transparently decrypted, use the decrypted request data.

Parameters:

servletRequest - HTTP servlet request.

Returns:

Request body bytes.

Throws:

PowerAuthAuthenticationException - In case request body is invalid.