Package io.vertx.reactivex.ext.auth
Class User
- java.lang.Object
-
- io.vertx.reactivex.ext.auth.User
-
-
Field Summary
Fields Modifier and Type Field Description static io.vertx.lang.rx.TypeArg<User>
__TYPE_ARG
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description JsonObject
attributes()
Gets extra attributes of the user.Authorizations
authorizations()
Returns user's authorizations that have been previously loaded by the providers.boolean
containsKey(String key)
Checks if a value exists on the user object.static User
create(JsonObject principal)
Factory for user instances that are free form.static User
create(JsonObject principal, JsonObject attributes)
Factory for user instances that are free form.boolean
equals(Object o)
boolean
expired()
Flags this user object to be expired.boolean
expired(int leeway)
Flags this user object to be expired.static User
fromName(String username)
Factory for user instances that are single string.static User
fromToken(String token)
Factory for user instances that are single string.<T> T
get(String key)
Get a value from the user object.User
getDelegate()
<T> T
getOrDefault(String key, T defaultValue)
Get a value from the user object.boolean
hasAmr(String value)
The "amr" (Authentication Methods References) returns a unique list of claims as defined and registered in the IANA "JSON Web Token Claims" registry.int
hashCode()
User
merge(User other)
Merge the principal and attributes of a second user into this object properties.static User
newInstance(User arg)
JsonObject
principal()
Get the underlying principal for the User.String
subject()
The user subject.String
toString()
-
-
-
Field Detail
-
__TYPE_ARG
public static final io.vertx.lang.rx.TypeArg<User> __TYPE_ARG
-
-
Method Detail
-
getDelegate
public User getDelegate()
-
fromName
public static User fromName(String username)
Factory for user instances that are single string. The credentials will be added to the principal of this instance. As nothing can be said about the credentials no validation will be done.Will create a principal with a property
"username"
with the name as value.- Parameters:
username
- the value for this user- Returns:
- user instance
-
fromToken
public static User fromToken(String token)
Factory for user instances that are single string. The credentials will be added to the principal of this instance. As nothing can be said about the credentials no validation will be done.Will create a principal with a property
"access_token"
with the name as value.- Parameters:
token
- the value for this user- Returns:
- user instance
-
create
public static User create(JsonObject principal)
Factory for user instances that are free form. The credentials will be added to the principal of this instance. As nothing can be said about the credentials no validation will be done.- Parameters:
principal
- the free form json principal- Returns:
- user instance
-
create
public static User create(JsonObject principal, JsonObject attributes)
Factory for user instances that are free form. The credentials will be added to the principal of this instance. As nothing can be said about the credentials no validation will be done.- Parameters:
principal
- the free form json principalattributes
- the free form json attributes that further describe the principal- Returns:
- user instance
-
subject
public String subject()
The user subject. Usually a human representation that identifies this user.The lookup for this information will take place in several places in the following order:
principal.username
- Usually for username/password or webauthn authenticationprincipal.userHandle
- Optional field for webauthnattributes.idToken.sub
- For OpenID Connect ID Tokensattributes.[rootClaim?]accessToken.sub
- For OpenID Connect/OAuth2 Access Tokens
- Returns:
- the subject for this user or
null
.
-
attributes
public JsonObject attributes()
Gets extra attributes of the user. Attributes contain any attributes related to the outcome of authenticating a user (e.g.: issued date, metadata, etc...)- Returns:
- a json object with any relevant attribute.
-
expired
public boolean expired()
Flags this user object to be expired. A User is considered expired if it contains an expiration time and the current clock time is post the expiration date.- Returns:
true
if expired
-
expired
public boolean expired(int leeway)
Flags this user object to be expired. Expiration takes 3 values in account:exp
"expiration" timestamp in seconds.iat
"issued at" in seconds.nbf
"not before" in seconds.
attributes()
do not contain a key thenprincipal()
properties are checked.If all of the properties are not available the user will not expire.
Implementations of this interface might relax this rule to account for a leeway to safeguard against clock drifting.
- Parameters:
leeway
- a greater than zero leeway value.- Returns:
true
if expired
-
get
public <T> T get(String key)
Get a value from the user object. This method will perform lookups on several places before returning a value.- If there is a
rootClaim
the look up will happen in theattributes[rootClaim]
- If exists the value will be returned from the
attributes()
- If exists the value will be returned from the
principal()
- Otherwise it will be
null
- Parameters:
key
- the key to look up- Returns:
- the value or null if missing
- If there is a
-
getOrDefault
public <T> T getOrDefault(String key, T defaultValue)
Get a value from the user object. This method will perform lookups on several places before returning a value.- If there is a
rootClaim
the look up will happen in theattributes[rootClaim]
- If exists the value will be returned from the
attributes()
- If exists the value will be returned from the
principal()
- Otherwise it will be
null
- Parameters:
key
- the key to look updefaultValue
- default value to return if missing- Returns:
- the value or null if missing
- If there is a
-
containsKey
public boolean containsKey(String key)
Checks if a value exists on the user object. This method will perform lookups on several places before returning.- If there is a
rootClaim
the look up will happen in theattributes[rootClaim]
- If exists the value will be returned from the
attributes()
- If exists the value will be returned from the
principal()
- Otherwise it will be
null
- Parameters:
key
- the key to look up- Returns:
- the value or null if missing
- If there is a
-
authorizations
public Authorizations authorizations()
Returns user's authorizations that have been previously loaded by the providers.- Returns:
- authorizations holder for the user.
-
principal
public JsonObject principal()
Get the underlying principal for the User. What this actually returns depends on the implementation. For a simple user/password based auth, it's likely to contain a JSON object with the following structure:{ "username", "tim" }
- Returns:
- JSON representation of the Principal
-
merge
public User merge(User other)
Merge the principal and attributes of a second user into this object properties.It is important to notice that the principal merges by replacing existing keys with the new values, while the attributes (as they represent decoded data) are accumulated at the root level.
This means that given:
userA = { attributes: { roles: [ 'read' ]
} userB = { attributes: { roles: [ 'write' ] } } }When performing a merge of
userA
withuserB
, you will get:userA.merge(userB); // results in { attributes: { roles: [ 'read', 'write' ]
} }- Parameters:
other
- the other user to merge- Returns:
- fluent self
-
hasAmr
public boolean hasAmr(String value)
The "amr" (Authentication Methods References) returns a unique list of claims as defined and registered in the IANA "JSON Web Token Claims" registry. The values in this collection are based on RFC8176. This information can be used to filter authenticated users by their authentication mechanism.- Parameters:
value
-- Returns:
true
if claim is present in the principal.
-
-