Module aeonics.core
Package aeonics.entity.security

Class Token

  • All Implemented Interfaces:
    Exportable
    public class Token
extends java.lang.Object
implements Exportable
    Tokens play a role in the definition of the Security. They can be used to represent a time-based access for a list of Policy scopes.

    Entities should only use tokens to perform security checks in order to identify whether or not a user is allowed to perform an action. This ensures that the current access (i.e. scope) is effectively granted.

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected long epoch
      The start of validity point in time
      protected java.util.Set<java.lang.String> scopes
      List of scopes of this token
      protected java.lang.String user
      The linked user id
      protected long validity
      The validity from epoch in ms.
      protected java.lang.String value
      the public cryptographically secure and universally unique token value

    • Constructor Summary

      Constructors 
      Constructor Description
      Token​(Data data)
      Restores a token from its export() form.
      Token​(User.Type user, long validity, long epoch, java.lang.String... scope)
      Creates a new token.
      Token​(User.Type user, long validity, long epoch, java.lang.String value, java.lang.String... scope)
      Creates a new token.
      Token​(User.Type user, long validity, java.lang.String... scope)
      Creates a new token.
      Token​(User.Type user, java.lang.String... scope)
      Creates a new token.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addScope​(java.lang.String scope)
      Adds the specified scope to this token
      Data export()
      Renders this class instance to a simple data structure for rendering client-side.
      boolean inScope​(java.lang.String scope)
      Returns whether or not this token applies to the specified scope
      boolean isFor​(java.lang.String user)
      Returns true if the User linked to this token matches the provided identifier.
      boolean isValid()
      Returns whether or not this token is valid at the current moment in time
      long notAfter()
      Returns the end of validity of this token as a timestamp in ms
      long notBefore()
      Returns the start of validity of this token as a timestamp in ms
      void removeScope​(java.lang.String scope)
      Removes the specified scope from this token
      void reset()
      Resets the start of validity of this token to now
      User.Type user()
      Returns the User linked to this token.
      java.lang.String value()
      Returns the public cryptographically secure and universally unique value of this token.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • value

        protected java.lang.String value
        the public cryptographically secure and universally unique token value

      • user

        protected java.lang.String user
        The linked user id

      • epoch

        protected long epoch
        The start of validity point in time

      • validity

        protected long validity
        The validity from epoch in ms. A validity <= 0 means unlimited.

      • scopes

        protected java.util.Set<java.lang.String> scopes
        List of scopes of this token

    • Constructor Detail

      • Token

        public Token​(User.Type user,
             java.lang.String... scope)
        Creates a new token. The start of validity is now and the token is valid for 1 hour. The token value is a Security.randomHash().
        Parameters:
        user - the linked user, must not be null
        scope - all applicable scopes

      • Token

        public Token​(User.Type user,
             long validity,
             java.lang.String... scope)
        Creates a new token. The start of validity is now. The token value is a Security.randomHash().
        Parameters:
        user - the linked user, must not be null
        validity - the validity period in ms. A value <0 meand unlimited.
        scope - all applicable scopes

      • Token

        public Token​(User.Type user,
             long validity,
             long epoch,
             java.lang.String... scope)
        Creates a new token. The token value is a Security.randomHash().
        Parameters:
        user - the linked user, must not be null
        validity - the validity period in ms. A value <0 meand unlimited.
        epoch - the start of validity as a timestamp in ms
        scope - all applicable scopes

      • Token

        public Token​(User.Type user,
             long validity,
             long epoch,
             java.lang.String value,
             java.lang.String... scope)
        Creates a new token.
        Parameters:
        user - the linked user, must not be null
        validity - the validity period in ms. A value <0 meand unlimited.
        epoch - the start of validity as a timestamp in ms
        value - the opaque token value
        scope - all applicable scopes

      • Token

        public Token​(Data data)
        Restores a token from its export() form.
        Parameters:
        data - the exported data

    • Method Detail

      • value

        public java.lang.String value()
        Returns the public cryptographically secure and universally unique value of this token. The value itself is considered meaningless and opaque.
        Returns:
        the public cryptographically secure and universally unique value of this token

      • user

        public User.Type user()
        Returns the User linked to this token.
        Returns:
        the Provider linked to this token, it may be null if the user does not exist in the registry

      • isFor

        public boolean isFor​(java.lang.String user)
        Returns true if the User linked to this token matches the provided identifier.
        Parameters:
        user - the user to check
        Returns:
        true if the User linked to this token matches the provided identifier

      • notBefore

        public long notBefore()
        Returns the start of validity of this token as a timestamp in ms
        Returns:
        the start of validity of this token as a timestamp in ms

      • notAfter

        public long notAfter()
        Returns the end of validity of this token as a timestamp in ms
        Returns:
        the end of validity of this token as a timestamp in ms

      • isValid

        public boolean isValid()
        Returns whether or not this token is valid at the current moment in time
        Returns:
        true if this token is valid at the current moment in time

      • reset

        public void reset()
        Resets the start of validity of this token to now

      • inScope

        public boolean inScope​(java.lang.String scope)
        Returns whether or not this token applies to the specified scope
        Parameters:
        scope - the scope to check
        Returns:
        true if this token applies to the specified scope

      • addScope

        public void addScope​(java.lang.String scope)
        Adds the specified scope to this token
        Parameters:
        scope - the scope to add

      • removeScope

        public void removeScope​(java.lang.String scope)
        Removes the specified scope from this token
        Parameters:
        scope - the scope to remove

      • export

        public Data export()
        Description copied from interface: Exportable
        Renders this class instance to a simple data structure for rendering client-side.
        Specified by:
        export in interface Exportable
        Returns:
        a public data representation of this class instance