com.atlassian.asap.core.server.jersey

Class WhitelistJerseyRequestAuthorizer

java.lang.Object

com.atlassian.asap.core.server.jersey.WhitelistJerseyRequestAuthorizer

All Implemented Interfaces:

JerseyRequestAuthorizer

public class WhitelistJerseyRequestAuthorizer
extends Object
implements JerseyRequestAuthorizer

Decides if a request is authorized based on whitelists for the issuer and effective subject.

Constructor Summary

Constructors

Constructor and Description
WhitelistJerseyRequestAuthorizer(Iterable<String> authorizedSubjects, Iterable<String> authorizedIssuers)

Method Summary

Modifier and Type	Method and Description
void	authorize(Jwt authenticJwt, com.sun.jersey.api.core.HttpRequestContext requestContext) Tries to authorize an authentic JWT token to perform a request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

WhitelistJerseyRequestAuthorizer

public WhitelistJerseyRequestAuthorizer(Iterable<String> authorizedSubjects,
                                        Iterable<String> authorizedIssuers)

Method Detail

authorize

public void authorize(Jwt authenticJwt,
                      com.sun.jersey.api.core.HttpRequestContext requestContext)
               throws AuthorizationFailedException

Description copied from interface: JerseyRequestAuthorizer

Tries to authorize an authentic JWT token to perform a request.

Specified by:

authorize in interface JerseyRequestAuthorizer

Parameters:

authenticJwt - an authentic JWT token

requestContext - the request that is to be authorised

Throws:

AuthorizationFailedException - if the token is not authorized for this request