Class OAuthBearerValidatorCallback
- java.lang.Object
-
- org.apache.kafka.common.security.oauthbearer.OAuthBearerValidatorCallback
-
- All Implemented Interfaces:
javax.security.auth.callback.Callback
@Evolving public class OAuthBearerValidatorCallback extends java.lang.Object implements javax.security.auth.callback.Callback
ACallback
for use by theSaslServer
implementation when it needs to provide an OAuth 2 bearer token compact serialization for validation. Callback handlers should use theerror(String, String, String)
method to communicate errors back to the SASL Client as per RFC 6749: The OAuth 2.0 Authorization Framework and the IANA OAuth Extensions Error Registry. Callback handlers should communicate other problems by raising anIOException
.This class was introduced in 2.0.0 and, while it feels stable, it could evolve. We will try to evolve the API in a compatible manner, but we reserve the right to make breaking changes in minor releases, if necessary. We will update the
InterfaceStability
annotation and this notice once the API is considered stable.
-
-
Constructor Summary
Constructors Constructor Description OAuthBearerValidatorCallback(java.lang.String tokenValue)
Constructor
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
error(java.lang.String errorStatus, java.lang.String errorScope, java.lang.String errorOpenIDConfiguration)
Set the error values as per RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth.java.lang.String
errorOpenIDConfiguration()
Return the (potentially null) error openid-configuration value as per RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth.java.lang.String
errorScope()
Return the (potentially null) error scope value as per RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth.java.lang.String
errorStatus()
Return the (potentially null) error status value as per RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth and the IANA OAuth Extensions Error Registry.OAuthBearerToken
token()
Return the (potentially null) tokenvoid
token(OAuthBearerToken token)
Set the token.java.lang.String
tokenValue()
Return the (always non-null) token value
-
-
-
Method Detail
-
tokenValue
public java.lang.String tokenValue()
Return the (always non-null) token value- Returns:
- the (always non-null) token value
-
token
public OAuthBearerToken token()
Return the (potentially null) token- Returns:
- the (potentially null) token
-
errorStatus
public java.lang.String errorStatus()
Return the (potentially null) error status value as per RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth and the IANA OAuth Extensions Error Registry.- Returns:
- the (potentially null) error status value
-
errorScope
public java.lang.String errorScope()
Return the (potentially null) error scope value as per RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth.- Returns:
- the (potentially null) error scope value
-
errorOpenIDConfiguration
public java.lang.String errorOpenIDConfiguration()
Return the (potentially null) error openid-configuration value as per RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth.- Returns:
- the (potentially null) error openid-configuration value
-
token
public void token(OAuthBearerToken token)
Set the token. The token value is unchanged and is expected to match the provided token's value. All error values are cleared.- Parameters:
token
- the mandatory token to set
-
error
public void error(java.lang.String errorStatus, java.lang.String errorScope, java.lang.String errorOpenIDConfiguration)
Set the error values as per RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth. Any token is cleared.- Parameters:
errorStatus
- the mandatory error status value from the IANA OAuth Extensions Error Registry to seterrorScope
- the optional error scope value to seterrorOpenIDConfiguration
- the optional error openid-configuration value to set
-
-