1 package com.atlassian.asap.service.api;
2
3 import java.util.Optional;
4
5 import static java.util.Objects.requireNonNull;
6
7 /**
8 * Point of contact of service-to-service authentication tools.
9 *
10 * @since 2.8
11 */
12 public interface AsapService {
13 /**
14 * Creates a builder for generating an HTTP {@code Authorization} header value containing an ASAP token.
15 *
16 * @return a new authorization builder
17 */
18 AuthorizationBuilder authorizationBuilder();
19
20 /**
21 * Create a validator for verifying the contents of an HTTP {@code Authorization} header value.
22 *
23 * @return a new token validator
24 */
25 TokenValidator tokenValidator();
26
27 /**
28 * Creates a validator and populates it with the provided annotation's settings, then applies it
29 * to the given {@code Authorization} header value.
30 * <p>
31 * This convenience method creates a {@link #tokenValidator() token validator}, applies all of
32 * the settings from the annotation to it, then calls {@link TokenValidator#validate(Optional) validate}
33 * using the supplied authorization header.
34 * </p>
35 *
36 * @param annotation an {@code @AsapAuth} annotation with the settings to apply
37 * @param authHeader the {@code Authorization} header that was provided for the request
38 * @return the result of validating {@code authHeader} against the settings specified by {@code annotation}
39 */
40 default ValidationResult validate(AsapAuth annotation, Optional<String> authHeader) {
41 requireNonNull(annotation, "annotation");
42 requireNonNull(authHeader, "authHeader");
43 return tokenValidator()
44 .issuer(annotation.issuer())
45 .subject(annotation.subject())
46 .subjectImpersonation(annotation.subjectImpersonation())
47 .impersonationIssuer(annotation.impersonationIssuer())
48 .audience(annotation.audience())
49 .policy(annotation.policy())
50 .validate(authHeader);
51 }
52 }