Package io.getlime.security.powerauth.rest.api.spring.provider

Class PowerAuthAuthenticationProvider

java.lang.Object
io.getlime.security.powerauth.rest.api.base.provider.PowerAuthAuthenticationProviderBase
io.getlime.security.powerauth.rest.api.spring.provider.PowerAuthAuthenticationProvider
@Component
public class PowerAuthAuthenticationProvider
extends PowerAuthAuthenticationProviderBase
Implementation of PowerAuth authentication provider.
Author:
Petr Dvorak, petr@wultra.com

  • Constructor Details

    • PowerAuthAuthenticationProvider

      public PowerAuthAuthenticationProvider()

  • Method Details

    • setPowerAuthClient

      @Autowired public void setPowerAuthClient​(com.wultra.security.powerauth.client.PowerAuthClient powerAuthClient)
      Set PowerAuth service client via setter injection.
      Parameters:
      powerAuthClient - PowerAuth service client.

    • authenticate

      public org.springframework.security.core.Authentication authenticate​(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException
      Authenticate user using the provided authentication.
      Parameters:
      authentication - Authentication used to verify the user.
      Returns:
      Authentication with the authenticated user details.
      Throws:
      org.springframework.security.core.AuthenticationException - In case authentication fails.

    • validateRequestSignature

      public PowerAuthApiAuthentication validateRequestSignature​(String httpMethod, byte[] httpBody, String requestUriIdentifier, String httpAuthorizationHeader, List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes, @Nullable Integer forcedSignatureVersion) throws PowerAuthAuthenticationException
      Validate the signature from the PowerAuth HTTP header against the provided HTTP method, request body and URI identifier. Make sure to accept only allowed signatures.
      Specified by:
      validateRequestSignature in class PowerAuthAuthenticationProviderBase
      Parameters:
      httpMethod - HTTP method (GET, POST, ...)
      httpBody - Body of the HTTP request.
      requestUriIdentifier - Request URI identifier.
      httpAuthorizationHeader - PowerAuth HTTP authorization header.
      allowedSignatureTypes - Allowed types of the signature.
      forcedSignatureVersion - Forced signature version, optional parameter used during upgrade.
      Returns:
      Instance of a PowerAuthApiAuthenticationImpl on successful authorization.
      Throws:
      PowerAuthAuthenticationException - In case authorization fails, exception is raised.

    • validateToken

      public PowerAuthApiAuthentication validateToken​(String tokenHeader, List<io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException
      Validate token header for simple token-based authentication.
      Specified by:
      validateToken in class PowerAuthAuthenticationProviderBase
      Parameters:
      tokenHeader - Token header.
      allowedSignatureTypes - Allowed types of the signature.
      Returns:
      Authentication object in case authentication is correctly obtained.
      Throws:
      PowerAuthAuthenticationException - In case of authentication failure.