google.registry.request.auth.AuthResult.java Source code

Java tutorial

  1. HOME
  2. Java
  3. google.registry.request.auth.AuthResult.java

Introduction

Here is the source code for google.registry.request.auth.AuthResult.java

Source

// Copyright 2017 The Nomulus Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package google.registry.request.auth;

import static com.google.common.base.Preconditions.checkNotNull;

import com.google.auto.value.AutoValue;
import com.google.common.base.Optional;
import javax.annotation.Nullable;

/**
 * Results of authentication for a given HTTP request, as emitted by an
 * {@link AuthenticationMechanism}.
 */
@AutoValue
public abstract class AuthResult {

    public abstract AuthLevel authLevel();

    /** Information about the authenticated user, if there is one. */
    public abstract Optional<UserAuthInfo> userAuthInfo();

    public boolean isAuthenticated() {
        return authLevel() != AuthLevel.NONE;
    }

    static AuthResult create(AuthLevel authLevel) {
        return new AutoValue_AuthResult(authLevel, Optional.<UserAuthInfo>absent());
    }

    static AuthResult create(AuthLevel authLevel, @Nullable UserAuthInfo userAuthInfo) {
        if (authLevel == AuthLevel.USER) {
            checkNotNull(userAuthInfo);
        }
        return new AutoValue_AuthResult(authLevel, Optional.fromNullable(userAuthInfo));
    }

    /**
     * No authentication was made.
     *
     * <p>In the authentication step, this means that none of the configured authentication methods
     * were able to authenticate the user. But the authorization settings may be such that it's
     * perfectly fine not to be authenticated. The {@link RequestAuthenticator#authorize} method
     * returns NOT_AUTHENTICATED in this case, as opposed to absent() if authentication failed and was
     * required. So as a return from an authorization check, this can be treated as a success.
     */
    public static final AuthResult NOT_AUTHENTICATED = AuthResult.create(AuthLevel.NONE);
}