com.atlassian.confluence.rpc.auth
Class TokenAuthenticationInvocationHandler

java.lang.Object
  com.atlassian.confluence.rpc.auth.TokenAuthenticationInvocationHandler

All Implemented Interfaces:

InvocationHandler

public class TokenAuthenticationInvocationHandler
extends Object
implements InvocationHandler

An interceptor to handle token based authentication and login/logout.

For login and logout method calls on the target object, invokes TokenAuthenticationManager.login(String, String) or TokenAuthenticationManager.logout(String) instead.

For all other methods, uses the first argument as a token to look up an authenticated user in the TokenAuthenticationManager and set the AuthenticatedUserThreadLocal before executing the method.

Constructor Summary

TokenAuthenticationInvocationHandler()

Method Summary

protected com.atlassian.user.User	getAuthenticatedUser(String token) Determines which user is performing the request.
Object	invoke(Object proxy, Method method, Object[] args)
protected Object	invokeAuthenticatedMethod(com.atlassian.user.User user, Method method, Object[] args) Sets the authenticated user to the provided user before calling the method and restores the original user afterwards.
static Object	makeAuthenticatingProxy(Object rpcService, Class publishedInterface)
void	setTokenAuthenticationManager(TokenAuthenticationManager tokenAuthenticationManager)
void	setWrappedObject(Object wrappedObject)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TokenAuthenticationInvocationHandler

public TokenAuthenticationInvocationHandler()

Method Detail

makeAuthenticatingProxy

public static Object makeAuthenticatingProxy(Object rpcService,
                                             Class publishedInterface)

invoke

public Object invoke(Object proxy,
                     Method method,
                     Object[] args)
              throws Throwable

Specified by:

invoke in interface InvocationHandler

Throws:

Throwable

invokeAuthenticatedMethod

protected Object invokeAuthenticatedMethod(com.atlassian.user.User user,
                                           Method method,
                                           Object[] args)
                                    throws Throwable

Sets the authenticated user to the provided user before calling the method and restores the original user afterwards.

Parameters:

user - the user who is executing the method

method - the method to execute

args - any arguments to the method

Returns:

the result of executing the method

Throws:

Throwable - rethrows any exception thrown by the invoked method

See Also:

AuthenticatedUserThreadLocal

getAuthenticatedUser

protected com.atlassian.user.User getAuthenticatedUser(String token)
                                                throws InvalidSessionException,
                                                       NotPermittedException

Determines which user is performing the request. It attempts, in order:

1. a non-anonymous user registered against provided token, if it is not blank
2. a non-anonymous user authenticated by the normal security filters
3. finally, the default is the anonymous user.

Returns the authenticated user.

Parameters:

token - the authentication token

Returns:

an authenticated user

Throws:

InvalidSessionException - if the provided token is invalid

NotPermittedException - if we need to fall back to the anonymous user, but anonymous access to the remote API is disabled

setWrappedObject

public void setWrappedObject(Object wrappedObject)

setTokenAuthenticationManager

public void setTokenAuthenticationManager(TokenAuthenticationManager tokenAuthenticationManager)