IssuerAndSubjectWhitelistAsapAuthenticationProvider (ASAP

java.lang.Object
- com.atlassian.asap.core.server.springsecurity.AsapAuthenticationProvider
- - com.atlassian.asap.core.server.springsecurity.IssuerAndSubjectWhitelistAsapAuthenticationProvider

All Implemented Interfaces:

org.springframework.security.authentication.AuthenticationProvider
```
public class IssuerAndSubjectWhitelistAsapAuthenticationProvider
extends AsapAuthenticationProvider
```
ASAP authentication provider that grants static authorities based on whitelists of issuers and effective subjects. Valid tokens that are not included in the whitelists will be authenticated, but are not granted any authority.

See Also:

base class documentation for more

Constructor Summary

Constructors
Constructor and Description
`IssuerAndSubjectWhitelistAsapAuthenticationProvider(JwtValidator jwtValidator, Iterable<String> validIssuers, Iterable<String> validSubjects, Iterable<org.springframework.security.core.GrantedAuthority> authorities)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected Collection<org.springframework.security.core.GrantedAuthority>`	`getGrantedAuthorities(Jwt validJwt)` Subclasses should implement the strategy to grant authorities to valid JWT tokens with the given combination of issuer and effective subject.

Methods inherited from class com.atlassian.asap.core.server.springsecurity.AsapAuthenticationProvider
authenticate, effectiveSubject, getDefaultAuthorities, supports

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

IssuerAndSubjectWhitelistAsapAuthenticationProvider

public IssuerAndSubjectWhitelistAsapAuthenticationProvider(JwtValidator jwtValidator,
                                                           Iterable<String> validIssuers,
                                                           Iterable<String> validSubjects,
                                                           Iterable<org.springframework.security.core.GrantedAuthority> authorities)

Parameters:: jwtValidator - the validator of JWT tokens; validIssuers - a white list of valid issuers; validSubjects - a white list of valid subjects; authorities - the authorities granted to tokens that are included in both whitelists

Method Detail
- getGrantedAuthorities
```
protected Collection<org.springframework.security.core.GrantedAuthority> getGrantedAuthorities(Jwt validJwt)
```
  Description copied from class: AsapAuthenticationProvider
  
  Subclasses should implement the strategy to grant authorities to valid JWT tokens with the given combination of issuer and effective subject.
  
  Overrides:
  
  getGrantedAuthorities in class AsapAuthenticationProvider
  
  Returns:
  
  authorities granted to the JWT token

Class IssuerAndSubjectWhitelistAsapAuthenticationProvider

Constructor Summary

Method Summary

Methods inherited from class com.atlassian.asap.core.server.springsecurity.AsapAuthenticationProvider

Methods inherited from class java.lang.Object

Constructor Detail

IssuerAndSubjectWhitelistAsapAuthenticationProvider

Method Detail

getGrantedAuthorities