public class AsapAuthorizer extends Object
Jwt claim) is allowed access to a resource protected by a given
AsapAuthorizationConfig.
Authorization is based on the AsapAuthorizationConfig.getRequiredIssuers() list in the config:
if the token was issued by one of those issuers, access is granted.
| Constructor and Description |
|---|
AsapAuthorizer() |
| Modifier and Type | Method and Description |
|---|---|
void |
authorize(AsapAuthorizationConfig config,
Optional<com.atlassian.asap.api.Jwt> asapJwt)
Authorizes the optional jwt token against the config.
|
boolean |
isAuthorized(AsapAuthorizationConfig config,
com.atlassian.asap.api.Jwt jwt)
Checks the list of issuers against the jwt token.
|
void |
throwIfMandatory(AsapAuthorizationConfig config)
Checks whether the AsapAuthorizationConfig is mandatory, and throws an AuthorizationFailedException if it is
|
public void authorize(AsapAuthorizationConfig config, Optional<com.atlassian.asap.api.Jwt> asapJwt)
config - asapJwt - AuthorizationFailedException - if asap isn't allowed, or the JWT token is not authorized, or jwt token is missing and ASAP is mandatorypublic boolean isAuthorized(AsapAuthorizationConfig config, com.atlassian.asap.api.Jwt jwt)
This check succeeds if ASAP is allowed, and the requiredIssuers of the config contains the issuer of the jwt token, or if asap is allowed and there are no requiredIssuers in the config
public void throwIfMandatory(AsapAuthorizationConfig config)
config - AuthorizationFailedException - if the config specifies ASAP as mandatoryCopyright © 2003–2017 Atlassian. All rights reserved.