Class Auth0AuthenticationModule
java.lang.Object
com.kingsrook.qqq.backend.core.modules.authentication.implementations.Auth0AuthenticationModule
- All Implemented Interfaces:
QAuthenticationModuleInterface
QQQ AuthenticationModule for working with Auth0.
createSession can be called with the following fields in its context:
System-User session use-case:
1: Takes in an "accessToken" (but doesn't store a userSession record).
1b: legacy frontend use-case does the same as system-user!
Web User session use-cases:
2: creates a new session (userSession record) by taking an "accessToken"
3: looks up an existing session (userSession record) by taking a "sessionUUID"
4: takes an "apiKey" (looked up in metaData.AccessTokenTableName - refreshing accessToken with auth0 if needed).
5: takes a "basicAuthString" (encoded username:password), which make a new accessToken in auth0
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptioncreateAutomatedSessionForUser(QInstance qInstance, Serializable userId) e.g., if a scheduled job needs to run as a user (say, a report)...createSession(QInstance qInstance, Map<String, String> context) protected StringgetAccessTokenForUsernameAndPasswordFromAuth0(Auth0AuthenticationMetaData metaData, com.auth0.client.auth.AuthAPI auth, String credentials) booleanisSessionValid(QInstance instance, QSession session) org.json.JSONObjectrequestAccessTokenForClientIdAndSecretFromAuth0(Auth0AuthenticationMetaData auth0MetaData, String clientId, String clientSecret) make http request to Auth0 for a new access token for an application - e.g., with a clientId and clientSecret as paramsMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface com.kingsrook.qqq.backend.core.modules.authentication.QAuthenticationModuleInterface
getLoginRedirectUrl, usesSessionIdCookie
-
Field Details
-
ID_TOKEN_VALIDATION_INTERVAL_SECONDS
public static final int ID_TOKEN_VALIDATION_INTERVAL_SECONDS//////////////////////////////////////////////////////////////////////////////////////////////////////////- See Also:
-
ACCESS_TOKEN_KEY
- See Also:
-
API_KEY
- See Also:
-
SESSION_UUID_KEY
- See Also:
-
BASIC_AUTH_KEY
- See Also:
-
DO_STORE_USER_SESSION_KEY
- See Also:
-
-
Constructor Details
-
Auth0AuthenticationModule
public Auth0AuthenticationModule()
-
-
Method Details
-
createSession
public QSession createSession(QInstance qInstance, Map<String, String> context) throws QAuthenticationException- Specified by:
createSessionin interfaceQAuthenticationModuleInterface- Throws:
QAuthenticationException
-
getAccessTokenForUsernameAndPasswordFromAuth0
protected String getAccessTokenForUsernameAndPasswordFromAuth0(Auth0AuthenticationMetaData metaData, com.auth0.client.auth.AuthAPI auth, String credentials) throws com.auth0.exception.Auth0Exception - Throws:
com.auth0.exception.Auth0Exception
-
isSessionValid
- Specified by:
isSessionValidin interfaceQAuthenticationModuleInterface
-
requestAccessTokenForClientIdAndSecretFromAuth0
public org.json.JSONObject requestAccessTokenForClientIdAndSecretFromAuth0(Auth0AuthenticationMetaData auth0MetaData, String clientId, String clientSecret) throws AccessTokenException make http request to Auth0 for a new access token for an application - e.g., with a clientId and clientSecret as params- Throws:
AccessTokenException
-
createAutomatedSessionForUser
public QSession createAutomatedSessionForUser(QInstance qInstance, Serializable userId) throws QAuthenticationException e.g., if a scheduled job needs to run as a user (say, a report)...- Specified by:
createAutomatedSessionForUserin interfaceQAuthenticationModuleInterface- Throws:
QAuthenticationException
-