@Extensible @BrokerExtension @DirectoryServerExtension @SynchronizationServerExtension(appliesToLocalContent=true, appliesToSynchronizedContent=false) @MetricsEngineExtension @DirectoryProxyServerExtension(appliesToLocalContent=true, appliesToRemoteContent=true) @ThreadSafety(level=INTERFACE_THREADSAFE) public abstract class AccessTokenValidator extends java.lang.Object implements UnboundIDExtension, Configurable, ExampleUsageProvider
dsconfig create-token-validator \ ---validator-name "{name}" \ --type third-party \ --set "extension-class:{class-name}" \ --set "extension-argument:{name=value}"where "{name}" is the name to use for the Access Token Validator instance, "{class-name}" is the fully-qualified name of the Java class that extends
com.unboundid.directory.sdk.common.api.AccessTokenValidator
,
and "{name=value}" represents name-value pairs for any arguments to
provide to the Access Token Validator. If multiple arguments should be
provided to the extension, then the
"--set extension-argument:{name=value}
" option should be
provided multiple times.Constructor and Description |
---|
AccessTokenValidator()
Creates a new instance of this Access Token Validator.
|
Modifier and Type | Method and Description |
---|---|
void |
defineConfigArguments(ArgumentParser parser)
Updates the provided argument parser to define any configuration arguments
which may be used by this extension.
|
void |
finalizeTokenValidator()
Performs any cleanup which may be necessary when this token validator
is to be taken out of service.
|
java.util.Map<java.util.List<java.lang.String>,java.lang.String> |
getExamplesArgumentSets()
Retrieves a map containing examples of configurations that may be used for
this extension.
|
abstract java.lang.String[] |
getExtensionDescription()
Retrieves a human-readable description for this extension.
|
abstract java.lang.String |
getExtensionName()
Retrieves a human-readable name for this extension.
|
void |
initializeTokenValidator(ServerContext serverContext,
AccessTokenValidatorConfig config,
ArgumentParser parser)
Initializes this access token validator.
|
abstract TokenValidationResult |
validate(java.lang.String encodedAccessToken)
Validate the provided access token.
|
public AccessTokenValidator()
initializeTokenValidator(com.unboundid.directory.sdk.common.types.ServerContext, com.unboundid.directory.sdk.common.config.AccessTokenValidatorConfig, com.unboundid.util.args.ArgumentParser)
method.public abstract java.lang.String getExtensionName()
getExtensionName
in interface UnboundIDExtension
public abstract java.lang.String[] getExtensionDescription()
getExtensionDescription
in interface UnboundIDExtension
null
or an empty array if no description should be available.public java.util.Map<java.util.List<java.lang.String>,java.lang.String> getExamplesArgumentSets()
getExamplesArgumentSets
in interface ExampleUsageProvider
null
or empty if there should
not be any example argument sets.public void defineConfigArguments(ArgumentParser parser) throws ArgumentException
defineConfigArguments
in interface Configurable
parser
- The argument parser to be updated with the configuration
arguments which may be used by this extension.ArgumentException
- If a problem is encountered while updating the
provided argument parser.public void initializeTokenValidator(ServerContext serverContext, AccessTokenValidatorConfig config, ArgumentParser parser) throws java.lang.Exception
serverContext
- A handle to the server context for the server in
which this extension is running.config
- The general configuration for this token validator.parser
- The argument parser which has been initialized from
the configuration for this token validator.java.lang.Exception
- If a problem occurs while initializing this
token validator.public void finalizeTokenValidator()
public abstract TokenValidationResult validate(java.lang.String encodedAccessToken) throws java.lang.Exception
encodedAccessToken
- access token string as it is received from the
requesting client.active
field of the TokenValidationResult must be
set by the validator.
The decision as to whether an access token is accepted or not is made by
the servlet hosting the token validator.
If the token cannot be introspected by the Access Token Validator it must
return null to allow other validators to have a chance to process the
token.java.lang.Exception
- if an error occurs during the processing of a token
that can be introspected by the validator. Exceptions should only be
thrown for unexpected internal errors. Sensitive information should not
be included in the exception message as the message may be returned to
the client application that has passed the token.