AbstractFederationClient (Oracle Cloud Infrastructure Java SDK

java.lang.Object
- com.oracle.bmc.auth.internal.AbstractFederationClient

All Implemented Interfaces:

FederationClient, ProvidesConfigurableRefresh

Direct Known Subclasses:

ResourcePrincipalsFederationClient, ResourcePrincipalsV3FederationClient, ResourcePrincipalV2FederationClient
```
public abstract class AbstractFederationClient
extends Object
implements FederationClient, ProvidesConfigurableRefresh
```
This class gets a security token from the auth service by signing the request with a PKI issued leaf certificate, passing along a temporary public key that is bounded to the the security token, and the leaf certificate.

Field Summary

Fields
Modifier and Type	Field and Description
`protected List<ClientConfigurator>`	`additionalClientConfigurator`
`protected OciCircuitBreaker`	`circuitBreaker`
`protected ClientConfigurator`	`clientConfigurator`
`protected com.oracle.bmc.http.client.HttpClient`	`federationClient`
`protected com.oracle.bmc.http.client.HttpClient`	`resourcePrincipalTokenClient`
`protected SessionKeySupplier`	`sessionKeySupplier`

Constructor Summary

Constructors
Constructor and Description
`AbstractFederationClient(String resourcePrincipalTokenEndpoint, String federationEndpoint, SessionKeySupplier sessionKeySupplier, BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider, ClientConfigurator clientConfigurator, CircuitBreakerConfiguration circuitBreakerConfiguration)` Constructor of AbstractFederationClient.
`AbstractFederationClient(String resourcePrincipalTokenEndpoint, String federationEndpoint, SessionKeySupplier sessionKeySupplier, BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider, ClientConfigurator clientConfigurator, CircuitBreakerConfiguration circuitBreakerConfiguration, List<ClientConfigurator> additionalCLientConfigurators)` Constructor of AbstractFederationClient.
`AbstractFederationClient(String resourcePrincipalTokenUrl, String resourcePrincipalTokenEndpoint, String federationEndpoint, SessionKeySupplier sessionKeySupplier, BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider, ClientConfigurator clientConfigurator, CircuitBreakerConfiguration circuitBreakerConfiguration, List<ClientConfigurator> additionalCLientConfigurators)` Constructor of AbstractFederationClient.

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`String`	`getSecurityToken()` Gets a security token from the federation endpoint.
`protected SecurityTokenAdapter`	`getSecurityTokenAdapter()` Get securityTokenAdapter
`protected abstract SecurityTokenAdapter`	`getSecurityTokenFromServer()` Gets a security token from the federation server
`String`	`getStringClaim(String key)` Get a claim embedded in the security token.
`protected com.oracle.bmc.http.client.HttpClient`	`makeClient(String endpoint, RequestSigner requestSigner)`
`protected ClientCall<?,com.oracle.bmc.auth.internal.GetResourcePrincipalTokenResponse.ResponseWrapper,?>`	`prepareRptCall()`
`String`	`refreshAndGetSecurityToken()` Gets a security token from the federation endpoint.
`String`	`refreshAndGetSecurityTokenIfExpiringWithin(Duration time)` Gets a security token from the federation endpoint.
`String`	`refreshAndGetSecurityTokenIfExpiringWithin(Duration time, boolean refreshKeys)` Gets a security token from the federation endpoint if the security token expires within the provided duration and allows to enable/disable refresh of keys.
`protected String`	`refreshAndGetSecurityTokenInner(boolean doFinalTokenValidityCheck, Optional<Duration> time, boolean refreshKeys)`
`protected SecurityTokenAdapter`	`requestSessionToken(GetResourcePrincipalSessionTokenRequest getResourcePrincipalSessionTokenRequest)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

sessionKeySupplier

protected final SessionKeySupplier sessionKeySupplier

clientConfigurator

protected final ClientConfigurator clientConfigurator

additionalClientConfigurator

protected final List<ClientConfigurator> additionalClientConfigurator

circuitBreaker

protected final OciCircuitBreaker circuitBreaker

resourcePrincipalTokenClient

protected final com.oracle.bmc.http.client.HttpClient resourcePrincipalTokenClient

federationClient

protected final com.oracle.bmc.http.client.HttpClient federationClient

Constructor Detail

AbstractFederationClient

public AbstractFederationClient(String resourcePrincipalTokenEndpoint,
                                String federationEndpoint,
                                SessionKeySupplier sessionKeySupplier,
                                BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider,
                                ClientConfigurator clientConfigurator,
                                CircuitBreakerConfiguration circuitBreakerConfiguration)

Constructor of AbstractFederationClient.

Parameters:: resourcePrincipalTokenEndpoint - the endpoint that can provide the resource principal token.; federationEndpoint - the endpoint that can provide the resource principal session token.; sessionKeySupplier - the session key supplier.; basicAuthenticationDetailsProvider - the instance principals authentication details provider.; clientConfigurator - the reset client configurator.

AbstractFederationClient

public AbstractFederationClient(String resourcePrincipalTokenEndpoint,
                                String federationEndpoint,
                                SessionKeySupplier sessionKeySupplier,
                                BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider,
                                ClientConfigurator clientConfigurator,
                                CircuitBreakerConfiguration circuitBreakerConfiguration,
                                List<ClientConfigurator> additionalCLientConfigurators)

Constructor of AbstractFederationClient.

Parameters:: resourcePrincipalTokenEndpoint - the endpoint that can provide the resource principal token.; federationEndpoint - the endpoint that can provide the resource principal session token.; sessionKeySupplier - the session key supplier.; basicAuthenticationDetailsProvider - the instance principals authentication details provider.; clientConfigurator - the reset client configurator.

AbstractFederationClient

public AbstractFederationClient(String resourcePrincipalTokenUrl,
                                String resourcePrincipalTokenEndpoint,
                                String federationEndpoint,
                                SessionKeySupplier sessionKeySupplier,
                                BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider,
                                ClientConfigurator clientConfigurator,
                                CircuitBreakerConfiguration circuitBreakerConfiguration,
                                List<ClientConfigurator> additionalCLientConfigurators)

Constructor of AbstractFederationClient.

Parameters:: resourcePrincipalTokenUrl - the complete url that can provide the resource principal token.; resourcePrincipalTokenEndpoint - the endpoint that can provide the resource principal token.; federationEndpoint - the endpoint that can provide the resource principal session token.; sessionKeySupplier - the session key supplier.; basicAuthenticationDetailsProvider - the instance principals authentication details provider.; clientConfigurator - the reset client configurator.

Method Detail
- makeClient
```
protected com.oracle.bmc.http.client.HttpClient makeClient(String endpoint,
                                                           RequestSigner requestSigner)
```
- getSecurityToken
```
public String getSecurityToken()
```
  Gets a security token from the federation endpoint. May use a cached token if it judged to still be valid.
  
  Specified by:
  
  getSecurityToken in interface FederationClient
  
  Returns:
  
  A security token that can be used to authenticate requests.
- refreshAndGetSecurityToken
```
public String refreshAndGetSecurityToken()
```
  Gets a security token from the federation endpoint. This will always retrieve a new token from the federation endpoint and does not use a cached token.
  
  Specified by:
  
  refreshAndGetSecurityToken in interface FederationClient
  
  Returns:
  
  A security token that can be used to authenticate requests.
- refreshAndGetSecurityTokenIfExpiringWithin
```
public String refreshAndGetSecurityTokenIfExpiringWithin(Duration time,
                                                         boolean refreshKeys)
```
  Gets a security token from the federation endpoint if the security token expires within the provided duration and allows to enable/disable refresh of keys. This will always retrieve a new token from the federation endpoint and does not use a cached token.
  
  Specified by:
  
  refreshAndGetSecurityTokenIfExpiringWithin in interface ProvidesConfigurableRefresh
  
  Parameters:
  
  time - the duration to check
  
  refreshKeys - boolean value to enable/disable refresh of keys
  
  Returns:
  
  A security token that can be used to authenticate requests.
- refreshAndGetSecurityTokenIfExpiringWithin
```
public String refreshAndGetSecurityTokenIfExpiringWithin(Duration time)
```
  Gets a security token from the federation endpoint. This will always retrieve a new token from the federation endpoint and does not use a cached token.
  
  Specified by:
  
  refreshAndGetSecurityTokenIfExpiringWithin in interface ProvidesConfigurableRefresh
  
  Parameters:
  
  time - the duration to check
  
  Returns:
  
  A security token that can be used to authenticate requests.
- refreshAndGetSecurityTokenInner
```
protected String refreshAndGetSecurityTokenInner(boolean doFinalTokenValidityCheck,
                                                 Optional<Duration> time,
                                                 boolean refreshKeys)
```
- getSecurityTokenFromServer
```
protected abstract SecurityTokenAdapter getSecurityTokenFromServer()
```
  Gets a security token from the federation server
  
  Returns:
  
  the security token, which is basically a JWT token string
- getStringClaim
```
public String getStringClaim(String key)
```
  Get a claim embedded in the security token. May use the cached token if it is judged to still be valid.
  
  Specified by:
  
  getStringClaim in interface FederationClient
- requestSessionToken
```
protected SecurityTokenAdapter requestSessionToken(GetResourcePrincipalSessionTokenRequest getResourcePrincipalSessionTokenRequest)
```
- prepareRptCall
```
protected ClientCall<?,com.oracle.bmc.auth.internal.GetResourcePrincipalTokenResponse.ResponseWrapper,?> prepareRptCall()
```
- getSecurityTokenAdapter
```
protected SecurityTokenAdapter getSecurityTokenAdapter()
```
  Get securityTokenAdapter
  
  Returns:
  
  securityTokenAdapter

Class AbstractFederationClient

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

sessionKeySupplier

clientConfigurator

additionalClientConfigurator

circuitBreaker

resourcePrincipalTokenClient

federationClient

Constructor Detail

AbstractFederationClient

AbstractFederationClient

AbstractFederationClient

Method Detail

makeClient

getSecurityToken

refreshAndGetSecurityToken

refreshAndGetSecurityTokenIfExpiringWithin

refreshAndGetSecurityTokenIfExpiringWithin

refreshAndGetSecurityTokenInner

getSecurityTokenFromServer

getStringClaim

requestSessionToken

prepareRptCall

getSecurityTokenAdapter