com.atlassian.asap.core.server.http

Class RequestAuthenticatorImpl

java.lang.Object

com.atlassian.asap.core.server.http.RequestAuthenticatorImpl

All Implemented Interfaces:

RequestAuthenticator

public class RequestAuthenticatorImpl
extends Object
implements RequestAuthenticator

Constructor Summary

Constructors

Constructor and Description
RequestAuthenticatorImpl(JwtValidator jwtValidator)

Method Summary

Modifier and Type	Method and Description
Jwt	authenticateRequest(String authorizationHeader) Authenticates a request by validating the given authorizationHeader according to the conventions.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RequestAuthenticatorImpl

public RequestAuthenticatorImpl(JwtValidator jwtValidator)

Method Detail

authenticateRequest

public Jwt authenticateRequest(String authorizationHeader)
                        throws AuthenticationFailedException

Description copied from interface: RequestAuthenticator

Authenticates a request by validating the given authorizationHeader according to the conventions. defined in ASAP Specification

Specified by:

authenticateRequest in interface RequestAuthenticator

Parameters:

authorizationHeader - the value of the 'Authorization' header of the request to validate. This 'Authorization' header should contain a JWT with the necessary authentication information

Returns:

a valid JWT object corresponding to the claims body of the validated token

Throws:

AuthenticationFailedException - if there is a problem validating the token in the header. May be an instance of PermanentAuthenticationFailureException (eg. for an incorrect signature, or if the claims fail to pass the mandatory validations), or an instance of TransientAuthenticationFailedException (when if there is a temporary problem validating the token in the header, eg. a failure to retrieve the required public key)