Package com.janeirodigital.sai.authentication

Class AuthorizedSessionHelper

java.lang.Object
com.janeirodigital.sai.authentication.AuthorizedSessionHelper
public class AuthorizedSessionHelper extends Object
Assorted helper methods related to working with OAuth2 / OpenID Connect sessions, tokens, and authorization servers. Makes liberal use of the Nimbus SDK.

  • Method Details

    • getOidcIssuerForSocialAgent

      public static URI getOidcIssuerForSocialAgent(okhttp3.OkHttpClient httpClient, URI socialAgentId) throws SaiAuthenticationException
      Throws:
      SaiAuthenticationException

    • getOIDCProviderConfiguration

      public static com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata getOIDCProviderConfiguration(URI providerUri) throws SaiAuthenticationException
      Get the configuration of an OpenID Provider based on the discovery and contents of its .well-known/openid-configuration resource.
      Parameters:
      providerUri - URI of the OpenID Provider
      Returns:
      OIDCProviderMetadata
      Throws:
      SaiAuthenticationException

    • getClientIdDocument

      public static org.apache.jena.rdf.model.Resource getClientIdDocument(okhttp3.OkHttpClient httpClient, URI clientId) throws SaiAuthenticationException
      Get the client identifier document as a Jena Resource associated with the provided clientId
      Parameters:
      httpClient - OkHttpClient to perform the GET with
      clientId - URI of the client identifier to get
      Returns:
      Jena RDF Resource
      Throws:
      SaiAuthenticationException

    • getProtectedResource

      public static okhttp3.Response getProtectedResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri, okhttp3.Headers headers) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Gets a protected resource that requires additional Authorization headers to be added to the request.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the GET with
      uri - URI of the resource to GET
      headers - Optional OkHttp Headers
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • getProtectedResource

      public static okhttp3.Response getProtectedResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Calls getProtectedResource(AuthorizedSession, OkHttpClient, URI, Headers) with no additional headers provided.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the GET with
      uri - URI of the resource to GET
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • getProtectedRdfResource

      public static okhttp3.Response getProtectedRdfResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri, okhttp3.Headers headers) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Gets a protected RDF resource that requires additional Authorization headers to be added to the request.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the GET with
      uri - URI of the resource to GET
      headers - Optional OkHttp Headers
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • getProtectedRdfResource

      public static okhttp3.Response getProtectedRdfResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Calls getProtectedRdfResource(AuthorizedSession, OkHttpClient, URI, Headers) with no additional headers provided.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the GET with
      uri - URI of the resource to GET
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • putProtectedRdfResource

      public static okhttp3.Response putProtectedRdfResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri, org.apache.jena.rdf.model.Resource resource, com.janeirodigital.sai.httputils.ContentType contentType, String jsonLdContext, okhttp3.Headers headers) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Puts a protected RDF resource that requires additional Authorization headers to be added to the request.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the PUT with
      uri - URI of the resource to PUT
      resource - Jena resource to PUT with
      contentType - ContentType of the request
      jsonLdContext - Optional JSON-LD context string to include
      headers - Optional OkHttp Headers
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • putProtectedRdfResource

      public static okhttp3.Response putProtectedRdfResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri, org.apache.jena.rdf.model.Resource resource, com.janeirodigital.sai.httputils.ContentType contentType) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Calls putProtectedRdfResource(AuthorizedSession, OkHttpClient, URI, Resource, ContentType, String, Headers) with no additional headers provided.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the PUT with
      uri - URI of the resource to PUT
      resource - Jena resource to PUT with
      contentType - ContentType of the request
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • putProtectedRdfResource

      public static okhttp3.Response putProtectedRdfResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri, org.apache.jena.rdf.model.Resource resource, com.janeirodigital.sai.httputils.ContentType contentType, okhttp3.Headers headers) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Calls putProtectedRdfResource(AuthorizedSession, OkHttpClient, URI, Resource, ContentType, String, Headers) with additional headers provided
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the PUT with
      uri - URI of the resource to PUT
      resource - Jena resource to PUT with
      contentType - ContentType of the request
      headers - Optional OkHttp Headers
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • putProtectedRdfResource

      public static okhttp3.Response putProtectedRdfResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri, org.apache.jena.rdf.model.Resource resource, com.janeirodigital.sai.httputils.ContentType contentType, String jsonLdContext) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Calls putProtectedRdfResource(AuthorizedSession, OkHttpClient, URI, Resource, ContentType, String, Headers) with additional headers provided
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the PUT with
      uri - URI of the resource to PUT
      resource - Jena resource to PUT with
      contentType - ContentType of the request
      jsonLdContext - Optional JSON-LD context string to include
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • deleteProtectedResource

      public static okhttp3.Response deleteProtectedResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri, okhttp3.Headers headers) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Deletes a protected resource that requires additional Authorization headers to be added to the request.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the DELETE with
      uri - URI of the resource to DELETE
      headers - Optional OkHttp Headers
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • deleteProtectedResource

      public static okhttp3.Response deleteProtectedResource(AuthorizedSession authorizedSession, okhttp3.OkHttpClient httpClient, URI uri) throws SaiAuthenticationException, com.janeirodigital.sai.httputils.SaiHttpException
      Calls deleteProtectedResource(AuthorizedSession, OkHttpClient, URI, Headers) with no additional headers provided.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      httpClient - OkHttpClient to perform the DELETE with
      uri - URI of the resource to DELETE
      Returns:
      OkHttp Response
      Throws:
      SaiAuthenticationException
      com.janeirodigital.sai.httputils.SaiHttpException

    • setAuthorizationHeaders

      public static okhttp3.Headers setAuthorizationHeaders(AuthorizedSession authorizedSession, com.janeirodigital.sai.httputils.HttpMethod method, URI uri, okhttp3.Headers headers) throws SaiAuthenticationException
      Sets the appropriate HTTP Authorization headers based on the characteristics of the AuthorizedSession.
      Parameters:
      authorizedSession - AuthorizedSession for access to protected resources
      method - HttpMethod of the request
      uri - Target URI of the request
      headers - Optional OkHttp Headers
      Returns:
      Populated OkHttp Headers
      Throws:
      SaiAuthenticationException

    • getAccessTokenFromRequest

      public static AccessToken getAccessTokenFromRequest(okhttp3.Request request)
      Extracts the value of an access token from the Authorization header of an HTTP request. Returns null if no Authorization header exists or the token type isn't recognized.
      Parameters:
      request - OkHttp Request
      Returns:
      Access token value or null

    • translateAccessToken

      public static AccessToken translateAccessToken(com.nimbusds.oauth2.sdk.token.AccessToken nimbusAccessToken)
      Translates a nimbus native AccessToken into the generic sai-java format
      Parameters:
      nimbusAccessToken - Nimbus AccessToken
      Returns:
      AccessToken in sai-java format

    • translateRefreshToken

      public static RefreshToken translateRefreshToken(com.nimbusds.oauth2.sdk.token.RefreshToken nimbusRefreshToken)
      Translates a nimbus native AccessToken into the generic sai-java format
      Parameters:
      nimbusRefreshToken - Nimbus RefreshToken
      Returns:
      RefreshToken in sai-java format