models.validators

Class JwtAuthValidator

lucee.Component
    extended by models.validators.JwtAuthValidator

Copyright since 2016 by Ortus Solutions, Corp (www.ortussolutions.com)

This is a JWT authentication validator. It is in charge of validating rules and annotations against an incoming JWT token.

Class Attributes:
  • threadsafe
  • singleton
  • synchronized : false
  • accessors : false
  • persistent : false

    Property Summary
    type  property        default  serializable  required
    any   cbsecurity               true          false
            • access = public
            • returntype = any
            • inject = @cbSecurity
    any   jwtService               true          false
            • access = public
            • returntype = any
            • inject = JwtService@cbSecurity
    any   requestService           true          false
            • access = public
            • returntype = any
            • inject = coldbox:requestService

    Method Summary
    struct annotationValidator(any securedValue, any controller)
         This function is called once access to a handler/action is detected.
    struct ruleValidator(any rule, any controller)
         This function is called once an incoming event matches a security rule.
    private boolean tokenHasScopes(any permission, any scopes)
         Verify if the jwt token has the appropriate scopes.
    any validateSecurity(any permissions)
         Validate Security for the jwt token called by an annotation or rule validation event.
     
    Methods inherited from class lucee.Component
    None

    Property Detail

    cbsecurity

    property any cbsecurity

    Attributes:
    access - public
    required - false
    returntype - any
    inject - @cbSecurity
    serializable - true

    jwtService

    property any jwtService

    Attributes:
    access - public
    required - false
    returntype - any
    inject - JwtService@cbSecurity
    serializable - true

    requestService

    property any requestService

    Attributes:
    access - public
    required - false
    returntype - any
    inject - coldbox:requestService
    serializable - true

    Method Detail

    annotationValidator

    public struct annotationValidator(any securedValue, any controller)

    This function is called once access to a handler/action is detected. You will receive the secured annotation value and an instance of the ColdBox Controller. You must return a struct with two keys:
    - allow:boolean True, user can continue access; false, invalid access actions will ensue.
    - type:string(authentication|authorization) The type of block that occurred. Either an authentication or an authorization issue.

    Parameters:
    securedValue
    controller
    Returns:
    { allow:boolean, type:string(authentication|authorization) }

    ruleValidator

    public struct ruleValidator(any rule, any controller)

    This function is called once an incoming event matches a security rule. You will receive the security rule that matched and an instance of the ColdBox controller.
    - allow : True, user can continue access; false, invalid access actions will ensue.
    - type : Is the issue an authentication or an authorization issue.

    Parameters:
    rule
    controller
    Returns:
    { allow:boolean, type:authentication|authorization }

    tokenHasScopes

    private boolean tokenHasScopes(any permission, any scopes)

    Verify if the jwt token has the appropriate scopes

    Parameters:
    permission - A list of permissions to validate within a token
    scopes - A space delimited string of scopes

    validateSecurity

    public any validateSecurity(any permissions)

    Validate Security for the jwt token called by an annotation or rule validation event

    Parameters:
    permissions - The permissions we want to validate in the scopes
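
The { allow, type } return contract and the space-delimited scope check documented above, as an added example that is not cbSecurity's own code. The component name and the `decide`, `hasAnyScope` and `demo` functions are hypothetical; the example assumes that holding any one listed permission is sufficient and that an empty permission list requires only a valid token, so check both against the cbSecurity version you run.

```cfml
// ScopeDecisionExample.cfc (hypothetical name). Added illustration, not cbSecurity source.
component {

	// Returns the { allow, type } struct described for annotationValidator/ruleValidator.
	// payload: decoded JWT claims; an empty struct stands for a missing or invalid token.
	public struct function decide( required any permissions, struct payload = {} ){
		// type only matters when allow is false
		var result = { "allow" : false, "type" : "authentication" };
		if ( structIsEmpty( arguments.payload ) ) {
			return result; // no usable token: authentication block
		}
		var needed = isArray( arguments.permissions )
			? arguments.permissions
			: listToArray( arguments.permissions );
		var scopes = structKeyExists( arguments.payload, "scope" ) ? arguments.payload.scope : "";
		// Assumption: an empty permission list requires only a valid token.
		if ( !arrayLen( needed ) || hasAnyScope( needed, scopes ) ) {
			result.allow = true;
		} else {
			result.type = "authorization"; // authenticated, but scope is insufficient
		}
		return result;
	}

	// Assumption: any one listed permission is sufficient (any-match, not all-match).
	private boolean function hasAnyScope( required array needed, required string scopes ){
		for ( var item in arguments.needed ) {
			// Whole-element, case-insensitive match on the space delimiter,
			// so the permission "read" does not match the scope "read:all".
			if ( listFindNoCase( arguments.scopes, trim( item ), " " ) ) {
				return true;
			}
		}
		return false;
	}

	// Constructed sample payloads, not real tokens.
	public array function demo(){
		return [
			decide( "admin,write", { "sub" : "42", "scope" : "read write" } ), // one permission held
			decide( "read", { "sub" : "42", "scope" : "read:all" } ), // near-miss scope name
			decide( "read", {} ) // no token
		];
	}

}
```

Returning "authentication" versus "authorization" correctly matters because the two block types are typically routed to different invalid-access actions, such as a login challenge versus a forbidden response.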