@FunctionalInterface public interface OAuth2RBAC
isAuthorized
method to verify authorities. For provides that do not
export the permissions/roles in the token, this interface allows you to communicate with 3rd party services
such as graph APIs to collect the required data.
The contract is that once an authority is checked for a given user, it's value is cached during the execution
of the request. If a user is stored to a persistent storage, or the token is introspected, the cache is cleared
and a new call will be handled to the implementation.Modifier and Type | Method and Description |
---|---|
void |
isAuthorized(AccessToken user,
String authority,
Handler<AsyncResult<Boolean>> handler)
This method should verify if the user has the given authority and return either a boolean value or an error.
|
void isAuthorized(AccessToken user, String authority, Handler<AsyncResult<Boolean>> handler)
user
- the given user to assert onauthority
- the authority to lookuphandler
- the result handler.Copyright © 2023 Eclipse. All rights reserved.