authorization/org.modelix.authorization

Package-level declarations

Types

Link copied to clipboard
class AccessTokenPrincipal(val jwt: DecodedJWT) : Principal
Link copied to clipboard
Link copied to clipboard
interface IModelixAuthorizationConfig

Reduced interface exposed to users of the plugin.

Link copied to clipboard
data class KeycloakResource(val name: String, val type: KeycloakResourceType)
Link copied to clipboard
data class KeycloakResourceType(val name: String, val scopes: Set<KeycloakScope>, val createByUser: Boolean = false)
Link copied to clipboard
data class KeycloakScope(val name: String)
Link copied to clipboard
object KeycloakUtils
Link copied to clipboard
object ModelixAuthorization : BaseRouteScopedPlugin<IModelixAuthorizationConfig, ModelixAuthorizationPluginInstance>

JWT based authorization plugin.

Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
class NoPermissionException(val user: AccessTokenPrincipal?, val resourceId: String?, val scope: String?, message: String) : RuntimeException
Link copied to clipboard
Link copied to clipboard
class UnknownPermissionException(val permissionId: String, val unknownElement: String?, cause: Exception? = null) : Exception

Properties

Link copied to clipboard

Functions

Link copied to clipboard
Link copied to clipboard
fun HTML.buildPermissionPage(evaluator: PermissionEvaluator)
fun HTML.buildPermissionPage(schemaInstance: SchemaInstance)
Link copied to clipboard
fun ApplicationCall.checkPermission(permissionToCheck: PermissionParts)
fun PipelineContext<*, ApplicationCall>.checkPermission(permissionParts: PermissionParts)
fun ApplicationCall.checkPermission(resource: KeycloakResource, scope: KeycloakScope)
Link copied to clipboard
fun createModelixAccessToken(algorithm: Algorithm, user: String, grantedPermissions: List<String>, additionalTokenContent: (JWTCreator.Builder) -> Unit = {}): String

Creates a valid JWT token that is compatible to servers with the ModelixAuthorization plugin installed.

fun createModelixAccessToken(hmac512key: String, user: String, grantedPermissions: List<String>, additionalTokenContent: (JWTCreator.Builder) -> Unit = {}): String
Link copied to clipboard
fun ApplicationCall.getBearerToken(): String?
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
fun ApplicationCall.getUserName(): String?
fun PipelineContext<Unit, ApplicationCall>.getUserName(): String?
Link copied to clipboard
fun ApplicationCall.hasPermission(permissionToCheck: PermissionParts): Boolean
Link copied to clipboard
fun Application.installAuthentication(unitTestMode: Boolean = false)
Link copied to clipboard
fun ApplicationCall.jwt(): DecodedJWT?
Link copied to clipboard
fun ApplicationCall.jwtFromHeaders(): DecodedJWT?
Link copied to clipboard
fun DecodedJWT.nullIfInvalid(): DecodedJWT?
Link copied to clipboard
fun Route.requiresDelete(resource: KeycloakResource, body: Route.() -> Unit)
Link copied to clipboard
fun Route.requiresLogin(body: Route.() -> Unit)
Link copied to clipboard
fun Route.requiresPermission(resource: KeycloakResource, permissionType: EPermissionType, body: Route.() -> Unit)
fun Route.requiresPermission(resource: KeycloakResource, scope: KeycloakScope, body: Route.() -> Unit)
Link copied to clipboard
fun Route.requiresRead(resource: KeycloakResource, body: Route.() -> Unit)
Link copied to clipboard
fun Route.requiresWrite(resource: KeycloakResource, body: Route.() -> Unit)
Link copied to clipboard