public class BearerIvoaAuthScheme extends IvoaAuthScheme
This implements the "ivoa_bearer" scheme. The bearer token is acquired from the "X-VO-Bearer" header of the login response, and is subsequently used in accordance with RFC6750 like:
Authorization: Bearer <token-text>
Note that at time of writing it is not in general safe to use this scheme because the details of token scope have not been worked out, leading to the possibility of a third-party malevolent site issuing a challenge that would result in stealing tokens.
IvoaAuthScheme.AuthReader<T>
Modifier and Type | Field and Description |
---|---|
static BearerIvoaAuthScheme |
INSTANCE
Singleton instance.
|
static java.lang.String |
SCHEME_NAME
Name and identifier for this scheme ("ivoa_bearer").
|
static java.lang.String |
TOKEN_HEADER
Name of login response header containing bearer token.
|
ACCESSURL_PARAM, STANDARDID_PARAM
Modifier and Type | Method and Description |
---|---|
ContextFactory |
createContextFactory(LoginProtocol loginProto,
java.net.URL loginUrl,
java.net.URL challengeUrl)
Creates a ContextFactory for this scheme with a given
login protocol instance.
|
createContextFactory, getName, getSuccessResponse, readAuth
public static final BearerIvoaAuthScheme INSTANCE
public static final java.lang.String SCHEME_NAME
public static final java.lang.String TOKEN_HEADER
public ContextFactory createContextFactory(LoginProtocol loginProto, java.net.URL loginUrl, java.net.URL challengeUrl)
IvoaAuthScheme
createContextFactory
in class IvoaAuthScheme
loginProto
- login protocolloginUrl
- login URLchallengeUrl
- URL from which the challenge was received