Package org.forgerock.openig.tools
Class InvalidCallerTokenDetectionFilter
- java.lang.Object
-
- org.forgerock.openig.tools.InvalidCallerTokenDetectionFilter
-
- All Implemented Interfaces:
Filter
public class InvalidCallerTokenDetectionFilter extends Object implements Filter
AnInvalidCallerTokenDetectionFilter
provides a mechanism that allows IG to detect an incorrect response and trigger a token refresh before making the request again with the updated token. This is a workaround to OPENAM-17888 (AM not returning the expected 401 Unauthorized when caller token is invalid)The
detector
predicate is used to find if the content of a 200 OK response is typical of the result when the caller token is invalid.
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description Promise<Response,NeverThrowsException>
filter(Context context, Request request, Handler next)
Filters the request and/or response of an exchange.static InvalidCallerTokenDetectionFilter
sessionInfoDetectionFilter(String headerName, AsyncRefreshableSupplier<SsoToken,AuthenticationException> tokenSupplier)
Returns a new detection filter suitable for use with getSessionInfo requests.
-
-
-
Method Detail
-
filter
public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next)
Description copied from interface:Filter
Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter callsnext.handle(context, request)
.This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to
next.handle(context, request)
and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.
-
sessionInfoDetectionFilter
public static InvalidCallerTokenDetectionFilter sessionInfoDetectionFilter(String headerName, AsyncRefreshableSupplier<SsoToken,AuthenticationException> tokenSupplier)
Returns a new detection filter suitable for use with getSessionInfo requests.- Parameters:
headerName
- The header to use when adding the SSO token of the callertokenSupplier
- The caller SSO token supplier- Returns:
- a new detection filter suitable for getSessionInfo type of actions.
-
-