/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at
 * docs/licenses/cddl.txt
 * or http://www.opensource.org/licenses/cddl1.php.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at
 * docs/licenses/cddl.txt. If applicable,
 * add the following below this CDDL HEADER, with the fields enclosed
 * by brackets "[]" replaced with your own identifying information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2018-2021 Ping Identity Corporation
 */

package com.unboundid.directory.sdk.broker.types;

import com.fasterxml.jackson.databind.JsonNode;
import com.unboundid.directory.sdk.common.types.TokenValidationResult;

import java.util.Map;
import java.util.Optional;

/**
 * Describes the policy request that caused an
 * {@link com.unboundid.directory.sdk.broker.api.Advice} to be returned. An
 * instance is handed to the Advice implementation; the interface exposes only
 * accessor methods.
 * <p>
 * Several accessors return values taken from the policy request itself
 * (action, resource path, additional attributes). NOTE(review): this
 * interface does not state whether those values are validated or normalized
 * before they reach an Advice, so implementations should validate or encode
 * them before placing them in log lines, queries or outbound requests until
 * that is confirmed.
 */
public interface PolicyRequestDetails {

  /**
   * Returns the action that authorization was requested for.
   *
   * @return The action string exactly as it was supplied in the policy
   *         request.
   */
  String getAction();

  /**
   * Returns the name of the service on whose behalf the request is being
   * authorized.
   *
   * @return The service name.
   */
  String getService();

  /**
   * Returns the path of the resource that authorization was requested for.
   * NOTE(review): whether the path is canonicalized is not specified here;
   * compare or match on it only after confirming its form.
   *
   * @return The resource path.
   */
  String getResourcePath();

  /**
   * Returns the type of the resource that authorization was requested for.
   *
   * @return A string naming the resource type.
   */
  String getResourceType();

  /**
   * Returns the contents of the resource that access was requested to. The
   * contents are not available in every case, so callers must handle an
   * empty result rather than unwrap it unconditionally.
   *
   * @return The resource contents as a JSON node, or empty when they are not
   *         available.
   */
  Optional<JsonNode> getResource();

  /**
   * Returns information about the owner of the access token. A value is
   * present only when an access token was used and a Token Resource Lookup
   * Method successfully looked up the token subject. An empty result
   * therefore means no owner was resolved; an Advice should branch on
   * presence instead of assuming an owner exists.
   *
   * @return Token owner details, or empty when no owner was resolved.
   */
  Optional<TokenOwnerPrincipal> getTokenOwner();

  /**
   * Returns details of the access token. A value is present only when an
   * access token was used and an Access Token Validator was able to validate
   * it. NOTE(review): the fields of {@code TokenValidationResult} are defined
   * outside this file; if they carry token claims or identifiers, keep them
   * out of logs and error messages.
   *
   * @return Access token details, or empty when no validated token is
   *         available.
   */
  Optional<TokenValidationResult> getAccessToken();

  /**
   * Returns the additional attributes of the policy request.
   * NOTE(review): nullability and mutability of the returned map are not
   * specified here; confirm before mutating or dereferencing it.
   *
   * @return Additional policy request attributes.
   */
  Map<String, String> getAttributes();

  /**
   * Returns the decision that the authorization request produced.
   * NOTE(review): presumably an Advice can accompany either outcome, so an
   * Advice with side effects should check this value first; confirm against
   * the Advice API.
   *
   * @return PolicyDecision enum representing either Permit or Deny.
   */
  PolicyDecision getDecision();
}