Source code

001package ca.uhn.fhir.rest.client.interceptor;
002
003/*
004 * #%L
005 * HAPI FHIR - Core Library
006 * %%
007 * Copyright (C) 2014 - 2016 University Health Network
008 * %%
009 * Licensed under the Apache License, Version 2.0 (the "License");
010 * you may not use this file except in compliance with the License.
011 * You may obtain a copy of the License at
012 * 
013 *      http://www.apache.org/licenses/LICENSE-2.0
014 * 
015 * Unless required by applicable law or agreed to in writing, software
016 * distributed under the License is distributed on an "AS IS" BASIS,
017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
018 * See the License for the specific language governing permissions and
019 * limitations under the License.
020 * #L%
021 */
022
023import org.apache.commons.lang3.Validate;
024import org.apache.http.HttpResponse;
025import org.apache.http.client.methods.HttpRequestBase;
026
027import ca.uhn.fhir.rest.client.IClientInterceptor;
028import ca.uhn.fhir.rest.server.Constants;
029import ca.uhn.fhir.util.CoverageIgnore;
030
031/**
032 * HTTP interceptor to be used for adding HTTP Authorization using "bearer tokens" to requests. Bearer tokens are used for protocols such as OAUTH2 (see the
033 * <a href="http://tools.ietf.org/html/rfc6750">RFC 6750</a> specification on bearer token usage for more information).
034 * <p>
035 * This interceptor adds a header resembling the following:<br>
036 * &nbsp;&nbsp;&nbsp;<code>Authorization: Bearer dsfu9sd90fwp34.erw0-reu</code><br>
037 * where the token portion (at the end of the header) is supplied by the invoking code.
038 * </p>
039 * <p>
040 * See the <a href="http://jamesagnew.github.io/hapi-fhir/doc_rest_client_interceptor.html#Security_HTTP_Bearer_Token_Authorization">HAPI Documentation</a> for information on how to use this class.
041 * </p>
042 */
043public class BearerTokenAuthInterceptor implements IClientInterceptor {
044
045        private String myToken;
046
047        /**
048         * Constructor. If this constructor is used, a token must be supplied later
049         */
050        @CoverageIgnore
051        public BearerTokenAuthInterceptor() {
052                // nothing
053        }
054
055        /**
056         * Constructor
057         * 
058         * @param theToken
059         *           The bearer token to use (must not be null)
060         */
061        public BearerTokenAuthInterceptor(String theToken) {
062                Validate.notNull("theToken must not be null");
063                myToken = theToken;
064        }
065
066        /**
067         * Returns the bearer token to use
068         */
069        public String getToken() {
070                return myToken;
071        }
072
073        @Override
074        public void interceptRequest(HttpRequestBase theRequest) {
075                theRequest.addHeader(Constants.HEADER_AUTHORIZATION, (Constants.HEADER_AUTHORIZATION_VALPREFIX_BEARER + myToken));
076        }
077
078        @Override
079        public void interceptResponse(HttpResponse theResponse) {
080                // nothing
081        }
082
083        /**
084         * Sets the bearer token to use
085         */
086        public void setToken(String theToken) {
087                myToken = theToken;
088        }
089
090}