public interface User
Please consult the documentation for a detailed explanation.
Modifier and Type | Method and Description |
---|---|
JsonObject |
attributes()
Gets extra attributes of the user.
|
default Authorizations |
authorizations()
Returns user's authorizations that have been previously loaded by the providers.
|
default User |
clearCache()
Deprecated.
This method will be removed. Use
Authorizations.clear() |
default boolean |
containsKey(String key)
Checks if a value exists on the user object.
|
static User |
create(JsonObject principal)
Factory for user instances that are free form.
|
static User |
create(JsonObject principal,
JsonObject attributes)
Factory for user instances that are free form.
|
default boolean |
expired()
Flags this user object to be expired.
|
default boolean |
expired(int leeway)
Flags this user object to be expired.
|
static User |
fromName(String username)
Factory for user instances that are single string.
|
static User |
fromToken(String token)
Factory for user instances that are single string.
|
default <T> T |
get(String key)
Get a value from the user object.
|
default <T> T |
getOrDefault(String key,
T defaultValue)
Get a value from the user object.
|
default boolean |
hasAmr(String value)
The "amr" (Authentication Methods References) returns a unique list of claims as defined and
registered in the IANA "JSON Web Token Claims" registry.
|
default Future<Boolean> |
isAuthorized(Authorization authority)
Deprecated.
|
User |
isAuthorized(Authorization authority,
Handler<AsyncResult<Boolean>> resultHandler)
Deprecated.
|
default Future<Boolean> |
isAuthorized(String authority)
Deprecated.
Use typed alternative
isAuthorized(Authorization) |
default User |
isAuthorized(String authority,
Handler<AsyncResult<Boolean>> resultHandler)
Deprecated.
Use typed alternative
isAuthorized(Authorization, Handler) |
User |
merge(User other)
Merge the principal and attributes of a second user into this object properties.
|
JsonObject |
principal()
Get the underlying principal for the User.
|
void |
setAuthProvider(AuthProvider authProvider)
Deprecated.
|
default String |
subject()
The user subject.
|
static User fromName(String username)
"username"
with the name as value.username
- the value for this userstatic User fromToken(String token)
"access_token"
with the name as value.token
- the value for this userstatic User create(JsonObject principal)
principal
- the free form json principalstatic User create(JsonObject principal, JsonObject attributes)
principal
- the free form json principalattributes
- the free form json attributes that further describe the principaldefault String subject()
principal.username
- Usually for username/password or webauthn authenticationprincipal.userHandle
- Optional field for webauthnattributes.idToken.sub
- For OpenID Connect ID Tokensattributes.[rootClaim?]accessToken.sub
- For OpenID Connect/OAuth2 Access Tokensnull
.JsonObject attributes()
default boolean expired()
true
if expireddefault boolean expired(int leeway)
exp
"expiration" timestamp in seconds.iat
"issued at" in seconds.nbf
"not before" in seconds.attributes()
do not contain a key
then principal()
properties are checked.
If all of the properties are not available the user will not expire.
Implementations of this interface might relax this rule to account for a leeway to safeguard against clock drifting.
leeway
- a greater than zero leeway value.true
if expireddefault <T> T get(String key)
rootClaim
the look up will happen in the attributes[rootClaim]
attributes()
principal()
null
T
- the expected typekey
- the key to look upClassCastException
- if the value cannot be casted to T
default <T> T getOrDefault(String key, T defaultValue)
rootClaim
the look up will happen in the attributes[rootClaim]
attributes()
principal()
null
T
- the expected typekey
- the key to look updefaultValue
- default value to return if missingClassCastException
- if the value cannot be casted to T
default boolean containsKey(String key)
rootClaim
the look up will happen in the attributes[rootClaim]
attributes()
principal()
null
key
- the key to look updefault Authorizations authorizations()
@Deprecated User isAuthorized(Authorization authority, Handler<AsyncResult<Boolean>> resultHandler)
authority
- the authority - what this really means is determined by the specific implementation. It might
represent a permission to access a resource e.g. `printers:printer34` or it might represent
authority to a role in a roles based model, e.g. `role:admin`.resultHandler
- handler that will be called with an AsyncResult
containing the value
`true` if the they has the authority or `false` otherwise.@Deprecated default User isAuthorized(String authority, Handler<AsyncResult<Boolean>> resultHandler)
isAuthorized(Authorization, Handler)
authority
- the authority - what this really means is determined by the specific implementation. It might
represent a permission to access a resource e.g. `printers:printer34` or it might represent
authority to a role in a roles based model, e.g. `role:admin`.resultHandler
- handler that will be called with an AsyncResult
containing the value
`true` if the they has the authority or `false` otherwise.@Deprecated default Future<Boolean> isAuthorized(Authorization authority)
authority
- the authority - what this really means is determined by the specific implementation. It might
represent a permission to access a resource e.g. `printers:printer34` or it might represent
authority to a role in a roles based model, e.g. `role:admin`.AsyncResult
containing the value
`true` if the they has the authority or `false` otherwise.isAuthorized(Authorization, Handler)
@Deprecated default Future<Boolean> isAuthorized(String authority)
isAuthorized(Authorization)
authority
- the authority - what this really means is determined by the specific implementation. It might
represent a permission to access a resource e.g. `printers:printer34` or it might represent
authority to a role in a roles based model, e.g. `role:admin`.AsyncResult
containing the value
`true` if the they has the authority or `false` otherwise.isAuthorized(String, Handler)
@Deprecated default User clearCache()
Authorizations.clear()
JsonObject principal()
{ "username", "tim" }
@Deprecated void setAuthProvider(AuthProvider authProvider)
authProvider
- the AuthProvider - this must be the same type of AuthProvider that originally created the UserUser merge(User other)
userA = {
attributes: {
roles: [ 'read' ]
}
}
userB = {
attributes: {
roles: [ 'write' ]
}
}
When performing a merge of userA
with userB
, you will get:
userA.merge(userB);
// results in
{
attributes: {
roles: [ 'read', 'write' ]
}
}
other
- the other user to mergedefault boolean hasAmr(String value)
true
if claim is present in the principal.Copyright © 2023 Eclipse. All rights reserved.