Class ResourceServerFilter
All Implemented Interfaces: Filter
Request that contains an OAuth 2.0 access token. This filter expects an OAuth 2.0 token to be available in the HTTP Authorization header:
Authorization: Bearer 1fc0e143-f248-4e50-9c13-1d710360cec9
It extracts the token and validates it against the AccessTokenResolver using the provided ResourceAccess.
The provided ResourceAccess must provide the scopes required by the AccessTokenInfo to access the protected resource.
Once the AccessTokenInfo is validated, it is stored in an OAuth2Context instance which is forwarded with the Request to the next Handler.
The AccessTokenInfo can be retrieved in downstream handlers with OAuth2Context.getAccessToken().
The realm constructor attribute specifies the name of the realm used in the authentication challenges returned to the client in case of errors.
If a RequestAuditContext is present, the token's audit tracking ID is added to its tracking ID list.
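
The flow described above (extract the Bearer token, resolve it, compare its scopes with the required ones, answer with a realm-bearing challenge on failure), as an added stand-alone sketch that is not the library's code. BearerCheckSketch, Decision, TOKENS, check and the realm value are hypothetical names; the status codes and error values follow RFC 6750, and the responses ResourceServerFilter actually produces may differ.

```java
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;

/** Added illustration with hypothetical names; it does not use the library's classes. */
public class BearerCheckSketch {
    /** Outcome of the check: HTTP status plus the WWW-Authenticate value (null when allowed). */
    record Decision(int status, String challenge) {}

    /** Constructed token store standing in for an AccessTokenResolver: token -> granted scopes. */
    static final Map<String, Set<String>> TOKENS =
            Map.of("1fc0e143-f248-4e50-9c13-1d710360cec9", Set.of("read", "write"));

    static Decision check(String authorization, Set<String> required, String realm) {
        // Assumes the realm contains no double quote or backslash (no quoted-string escaping here).
        String base = "Bearer realm=\"" + realm + "\"";
        // No credentials at all: challenge without an error code (RFC 6750).
        if (authorization == null) {
            return new Decision(401, base);
        }
        String[] parts = authorization.trim().split("\\s+");
        // The scheme name is case-insensitive; another scheme means no Bearer token was sent.
        if (!parts[0].equalsIgnoreCase("Bearer")) {
            return new Decision(401, base);
        }
        // "Bearer" with no token, or with trailing extra fields, is a malformed request.
        if (parts.length != 2) {
            return new Decision(400, base + ", error=\"invalid_request\"");
        }
        Set<String> granted = TOKENS.get(parts[1]);
        if (granted == null) { // unknown (or, in a real resolver, expired or revoked) token
            return new Decision(401, base + ", error=\"invalid_token\"");
        }
        // Every required scope must have been granted to the token.
        if (!granted.containsAll(required)) {
            return new Decision(403, base + ", error=\"insufficient_scope\", scope=\""
                    + String.join(" ", new TreeSet<>(required)) + "\"");
        }
        return new Decision(200, null); // accepted: the request would go on to the next handler
    }

    public static void main(String[] args) {
        String realm = "example-realm"; // constructed value
        String good = "Bearer 1fc0e143-f248-4e50-9c13-1d710360cec9";
        System.out.println(check(good, Set.of("read"), realm));
        System.out.println(check(good, Set.of("admin"), realm));
        System.out.println(check("Bearer not-a-known-token", Set.of("read"), realm));
        System.out.println(check(null, Set.of("read"), realm));
    }
}
```
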
Constructor Summary
Constructor - Description
ResourceServerFilter(AccessTokenResolver resolver, Clock clock, ResourceAccess resourceAccess, String realm) - Deprecated. The clock attribute is not used anymore.
ResourceServerFilter(AccessTokenResolver resolver, ResourceAccess resourceAccess, String realm) - Creates a new ResourceServerFilter.
Method Summary
Constructor Details
ResourceServerFilter
@Deprecated public ResourceServerFilter(AccessTokenResolver resolver, Clock clock, ResourceAccess resourceAccess, String realm)
Deprecated. The clock attribute is not used anymore. Use ResourceServerFilter(AccessTokenResolver, ResourceAccess, String) instead. Deprecated in 25.0.0.
Creates a new ResourceServerFilter.
Parameters:
resolver - An AccessTokenResolver instance.
clock - A Clock instance used to check if the token is expired or not.
resourceAccess - A ResourceAccess instance.
realm - Name of the realm (used in authentication challenge returned in case of error).
ResourceServerFilter
public ResourceServerFilter(AccessTokenResolver resolver, ResourceAccess resourceAccess, String realm)
Creates a new ResourceServerFilter.
Parameters:
resolver - An AccessTokenResolver instance.
resourceAccess - A ResourceAccess instance.
realm - Name of the realm (used in authentication challenge returned in case of error).
Method Details
filter
public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next)
Description copied from interface: Filter
Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter calls next.handle(context, request).
This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to next.handle(context, request) and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.