Class JWTAuthPlugin

    • Constructor Detail

      • JWTAuthPlugin

        public JWTAuthPlugin()
        Initialize plugin
      • JWTAuthPlugin

        public JWTAuthPlugin​(CoreContainer coreContainer)
    • Method Detail

      • registerTokenEndpointForCsp

        protected void registerTokenEndpointForCsp()
        Record Issuer token URL as a system property so it can be picked up and sent to Admin UI as CSP
      • doAuthenticate

        public boolean doAuthenticate​(javax.servlet.http.HttpServletRequest request,
                                      javax.servlet.http.HttpServletResponse response,
                                      javax.servlet.FilterChain filterChain)
                               throws Exception
        Main authentication method that looks for correct JWT token in the Authorization header
        Specified by:
        doAuthenticate in class AuthenticationPlugin
        Throws:
        Exception
      • authenticate

        protected JWTAuthPlugin.JWTAuthenticationResponse authenticate​(String authorizationHeader)
        Testable authentication method
        Parameters:
        authorizationHeader - the http header "Authentication"
        Returns:
        AuthenticationResponse object
      • getSpec

        public org.apache.solr.common.util.ValidatingJsonMap getSpec()
        Specified by:
        getSpec in interface org.apache.solr.common.SpecProvider
      • edit

        public Map<String,​Object> edit​(Map<String,​Object> latestConf,
                                             List<org.apache.solr.common.util.CommandOperation> commands)
        Operate the commands on the latest conf and return a new conf object If there are errors in the commands , throw a SolrException. return a null if no changes are to be made as a result of this edit. It is the responsibility of the implementation to ensure that the returned config is valid . The framework does no validation of the data
        Specified by:
        edit in interface ConfigEditablePlugin
        Parameters:
        latestConf - latest version of config
        commands - the list of command operations to perform
      • generateAuthDataHeader

        protected String generateAuthDataHeader()
      • interceptInternodeRequest

        protected boolean interceptInternodeRequest​(org.apache.http.HttpRequest httpRequest,
                                                    org.apache.http.protocol.HttpContext httpContext)
        Overrides:
        interceptInternodeRequest in class AuthenticationPlugin
      • getIssuerConfigByName

        public JWTIssuerConfig getIssuerConfigByName​(String name)
        Lookup issuer config by its name
        Parameters:
        name - name property of config
        Returns:
        issuer config object or null if not found