PowerAuthAuthenticationProvider (powerauth-restful-security-spring-annotation 0.24.0 API)

java.lang.Object
- io.getlime.security.powerauth.rest.api.base.provider.PowerAuthAuthenticationProviderBase
- - io.getlime.security.powerauth.rest.api.spring.provider.PowerAuthAuthenticationProvider

@Component
public class PowerAuthAuthenticationProvider
extends PowerAuthAuthenticationProviderBase

Implementation of PowerAuth authentication provider.

Author:: Petr Dvorak, petr@wultra.com

Constructor Summary

Constructors
Constructor and Description

PowerAuthAuthenticationProvider()

Constructors
Constructor and Description
`PowerAuthAuthenticationProvider()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`org.springframework.security.core.Authentication`	`authenticate(org.springframework.security.core.Authentication authentication)`
`void`	`setApplicationConfiguration(PowerAuthApplicationConfiguration applicationConfiguration)`
`void`	`setPowerAuthClient(io.getlime.security.powerauth.soap.spring.client.PowerAuthServiceClient powerAuthClient)`
`PowerAuthApiAuthentication`	`validateRequestSignature(String httpMethod, byte[] httpBody, String requestUriIdentifier, String httpAuthorizationHeader, List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes, Integer forcedSignatureVersion)` Validate the signature from the PowerAuth HTTP header against the provided HTTP method, request body and URI identifier.
`PowerAuthApiAuthentication`	`validateToken(String tokenHeader, List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes)`

Methods inherited from class io.getlime.security.powerauth.rest.api.base.provider.PowerAuthAuthenticationProviderBase
extractRequestBodyBytes, validateRequestSignature, validateRequestSignature, validateRequestSignature, validateRequestSignature, validateToken

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- PowerAuthAuthenticationProvider
```
public PowerAuthAuthenticationProvider()
```

Method Detail

setPowerAuthClient

@Autowired
public void setPowerAuthClient(io.getlime.security.powerauth.soap.spring.client.PowerAuthServiceClient powerAuthClient)

setApplicationConfiguration

@Autowired(required=false)
public void setApplicationConfiguration(PowerAuthApplicationConfiguration applicationConfiguration)

authenticate

public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException

Throws:: org.springframework.security.core.AuthenticationException

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(String httpMethod,
                                                           byte[] httpBody,
                                                           String requestUriIdentifier,
                                                           String httpAuthorizationHeader,
                                                           List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes,
                                                           @Nullable
                                                           Integer forcedSignatureVersion)
                                                    throws PowerAuthAuthenticationException

Validate the signature from the PowerAuth HTTP header against the provided HTTP method, request body and URI identifier. Make sure to accept only allowed signatures.

Specified by:: validateRequestSignature in class PowerAuthAuthenticationProviderBase
Parameters:: httpMethod - HTTP method (GET, POST, ...); httpBody - Body of the HTTP request.; requestUriIdentifier - Request URI identifier.; httpAuthorizationHeader - PowerAuth HTTP authorization header.; allowedSignatureTypes - Allowed types of the signature.; forcedSignatureVersion - Forced signature version, optional parameter used during upgrade.
Returns:: Instance of a PowerAuthApiAuthenticationImpl on successful authorization.
Throws:: PowerAuthAuthenticationException - In case authorization fails, exception is raised.

validateToken

public PowerAuthApiAuthentication validateToken(String tokenHeader,
                                                List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes)
                                         throws PowerAuthAuthenticationException

Specified by:: validateToken in class PowerAuthAuthenticationProviderBase
Throws:: PowerAuthAuthenticationException

Class PowerAuthAuthenticationProvider

Constructor Summary

Method Summary

Methods inherited from class io.getlime.security.powerauth.rest.api.base.provider.PowerAuthAuthenticationProviderBase

Methods inherited from class java.lang.Object

Constructor Detail