PowerAuthAuthenticationProvider (powerauth-restful-security 0.12.0 API)

java.lang.Object
- io.getlime.rest.api.security.provider.PowerAuthAuthenticationProvider

All Implemented Interfaces:

org.springframework.security.authentication.AuthenticationProvider
```
@Component
public class PowerAuthAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider
```
Implementation of PowerAuth authentication provider.

Author:

Petr Dvorak

Constructor Summary

Constructors
Constructor and Description

PowerAuthAuthenticationProvider()

Constructors
Constructor and Description
`PowerAuthAuthenticationProvider()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`org.springframework.security.core.Authentication`	`authenticate(org.springframework.security.core.Authentication authentication)`
`boolean`	`supports(Class<?> authentication)`
`PowerAuthApiAuthentication`	`validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest, String requestUriIdentifier, String httpAuthorizationHeader)` The same as {`validateRequestSignature(HttpServletRequest, String, String, List)` but uses default accepted signature type (2FA or 3FA).
`PowerAuthApiAuthentication`	`validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest, String requestUriIdentifier, String httpAuthorizationHeader, List<PowerAuthSignatureTypes> allowedSignatureTypes)` Validate a request signature, make sure only supported signature types are used.
`PowerAuthApiAuthentication`	`validateRequestSignature(String httpMethod, byte[] httpBody, String requestUriIdentifier, String httpAuthorizationHeader)` The same as {`validateRequestSignature(String, byte[], String, String, List)` but uses default accepted signature type (2FA or 3FA).
`PowerAuthApiAuthentication`	`validateRequestSignature(String httpMethod, byte[] httpBody, String requestUriIdentifier, String httpAuthorizationHeader, List<PowerAuthSignatureTypes> allowedSignatureTypes)` Validate the signature from the PowerAuth 2.0 HTTP header against the provided HTTP method, request body and URI identifier.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- PowerAuthAuthenticationProvider
```
public PowerAuthAuthenticationProvider()
```

Method Detail

authenticate

public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException

Specified by:: authenticate in interface org.springframework.security.authentication.AuthenticationProvider
Throws:: org.springframework.security.core.AuthenticationException

supports
```
public boolean supports(Class<?> authentication)
```
Specified by:

supports in interface org.springframework.security.authentication.AuthenticationProvider

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(String httpMethod,
                                                           byte[] httpBody,
                                                           String requestUriIdentifier,
                                                           String httpAuthorizationHeader,
                                                           List<PowerAuthSignatureTypes> allowedSignatureTypes)
                                                    throws Exception

Validate the signature from the PowerAuth 2.0 HTTP header against the provided HTTP method, request body and URI identifier. Make sure to accept only allowed signatures.

Parameters:: httpMethod - HTTP method (GET, POST, ...); httpBody - Body of the HTTP request.; requestUriIdentifier - Request URI identifier.; httpAuthorizationHeader - PowerAuth 2.0 HTTP authorization header.; allowedSignatureTypes - Allowed types of the signature.
Returns:: Instance of a PowerAuthApiAuthentication on successful authorization.
Throws:: Exception - In case authorization fails, exception is raised.

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(String httpMethod,
                                                           byte[] httpBody,
                                                           String requestUriIdentifier,
                                                           String httpAuthorizationHeader)
                                                    throws Exception

The same as {validateRequestSignature(String, byte[], String, String, List) but uses default accepted signature type (2FA or 3FA).

Parameters:: httpMethod - HTTP method (GET, POST, ...); httpBody - Request body; requestUriIdentifier - Request URI identifier.; httpAuthorizationHeader - PowerAuth 2.0 HTTP authorization header.
Returns:: Instance of a PowerAuthApiAuthentication on successful authorization.
Throws:: Exception - In case authorization fails, exception is raised.

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest,
                                                           String requestUriIdentifier,
                                                           String httpAuthorizationHeader,
                                                           List<PowerAuthSignatureTypes> allowedSignatureTypes)
                                                    throws Exception

Validate a request signature, make sure only supported signature types are used.

Parameters:: servletRequest - HTTPServletRequest with signed data.; requestUriIdentifier - Request URI identifier.; httpAuthorizationHeader - PowerAuth 2.0 HTTP authorization header.; allowedSignatureTypes - Allowed types of signatures.
Returns:: Instance of a PowerAuthApiAuthentication on successful authorization.
Throws:: Exception - In case authorization fails, exception is raised.

validateRequestSignature

public PowerAuthApiAuthentication validateRequestSignature(javax.servlet.http.HttpServletRequest servletRequest,
                                                           String requestUriIdentifier,
                                                           String httpAuthorizationHeader)
                                                    throws Exception

The same as {validateRequestSignature(HttpServletRequest, String, String, List) but uses default accepted signature type (2FA or 3FA).

Parameters:: servletRequest - HTTPServletRequest with signed data.; requestUriIdentifier - Request URI identifier.; httpAuthorizationHeader - PowerAuth 2.0 HTTP authorization header.
Returns:: Instance of a PowerAuthApiAuthentication on successful authorization.
Throws:: Exception - In case authorization fails, exception is raised.

Class PowerAuthAuthenticationProvider

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

PowerAuthAuthenticationProvider

Method Detail

authenticate

supports

validateRequestSignature

validateRequestSignature

validateRequestSignature

validateRequestSignature