Package net.officefloor.web.jwt

Interface JwtHttpAccessControl<C>

All Superinterfaces:

HttpAccessControl, Serializable

public interface JwtHttpAccessControl<C>
extends HttpAccessControl

Extra JWT functions to HttpAccessControl.

Author:

Daniel Sagenschneider

Method Summary

Modifier and Type	Method	Description
C	getClaims()	Obtains the JWT claims.

Methods inherited from interface net.officefloor.web.security.HttpAccessControl

getAuthenticationScheme, getPrincipal, inRole, isAccess

Method Details

getClaims

C getClaims()

Obtains the JWT claims.

While this is available, it does reduce the re-usability of the HttpAccessControl (and resulting infrastructure built on it). Ideally, this should not be used with HttpAccessControl.inRole(String) being preferred.

However, if direct access to the claim is required, it should just be depended on as a custom access control object. For example, a ManagedObjectSource can be created to depend on the claims object and data store. This ManagedObjectSource can retrieve the user entry for the JWT claims from the data store and make available for dependency injection. This provides a re-usable application centric ManagedObjectSource that does not depend on (possibly changing) OfficeFloor enforced "standard" HttpSecurity interfaces.

Returns:

JWT claims.