Class SURL


  • public class SURL
    extends java.lang.Object
    Secure replacement for java.net.URL.

    This class should be used instead of java.net.URL.

    This class does some control access and manages access-tokens via URL. If a URL contains a access-token, similar to a user prefix, SURL loads the authorization config for this user-token and passes the credentials to the host.

    Example:

         SURL url = SURL.create ("https://jenkins-access@jenkins.mycompany.com/api/json")
     
    The jenkins-access will checked against the Security context access token configuration. If a configuration exists for this token name, the token will be removed from the URL and the credentials will be added to the headers. If the token is not found, the URL remains as it is and no separate authentication will be performed.

    TODO: Some methods should be moved to a HttpClient implementation, because SURL is not the valid class to manage it.
    TODO: BAD_HOSTS implementation should be reviewed and moved to HttpClient implementation with a circuit-breaker.
    TODO: Token expiration with refresh should be implemented in future.

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String WITHOUT_AUTHENTICATION
      Indicates, that we have no authentication to access the URL.
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static SURL create​(java.lang.String url)
      Create a secure URL from a String.
      static SURL create​(java.net.URL url)
      Create a secure URL from a java.net.URL object.
      byte[] getBytes()
      Reads from an endpoint (with configured credentials and proxy) the response as blob.
      byte[] getBytesOnPost​(java.net.Proxy proxy, SecurityAuthentication authentication, java.lang.String data, java.util.Map<java.lang.String,​java.lang.Object> headers)
      Post to an endpoint with a given authentication and proxy the response as blob.
      boolean isAuthorizationConfigured()
      Informs, if SecurityCredentials are configured for this connection.
      java.io.InputStream openStream()  
      java.awt.image.BufferedImage readRasterImageFromURL()  
      java.lang.String toString()  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Field Detail

      • WITHOUT_AUTHENTICATION

        public static final java.lang.String WITHOUT_AUTHENTICATION
        Indicates, that we have no authentication to access the URL.
        See Also:
        Constant Field Values
    • Method Detail

      • create

        public static SURL create​(java.lang.String url)
        Create a secure URL from a String.

        The url must be http or https. Return null in case of error or if url is null

        Parameters:
        url - plain url starting by http:// or https//
        Returns:
        the secure URL or null
      • create

        public static SURL create​(java.net.URL url)
                           throws java.net.MalformedURLException
        Create a secure URL from a java.net.URL object.

        It takes into account credentials.

        Parameters:
        url -
        Returns:
        the secure URL
        Throws:
        java.net.MalformedURLException - if url is null
      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object
      • getBytes

        public byte[] getBytes()
        Reads from an endpoint (with configured credentials and proxy) the response as blob.

        This method allows access to an endpoint, with a configured SecurityCredentials object. The credentials will load on the fly and authentication fetched from an authentication-manager. Caching of tokens is not supported.

        authors: Alain Corbiere, Aljoscha Rittner

        Returns:
        data loaded data from endpoint
      • getBytesOnPost

        public byte[] getBytesOnPost​(java.net.Proxy proxy,
                                     SecurityAuthentication authentication,
                                     java.lang.String data,
                                     java.util.Map<java.lang.String,​java.lang.Object> headers)
        Post to an endpoint with a given authentication and proxy the response as blob.

        This method allows a parametrized access to an endpoint, without a configured SecurityCredentials object. This is useful to access internally identity providers (IDP), or authorization servers (to request access tokens).

        This method don't use the "bad-host" functionality, because the access to infrastructure services should not be obfuscated by some internal management.

        Please don't use this method directly from DSL scripts.

        Parameters:
        authentication - authentication object data. Caller is responsible to erase credentials
        proxy - proxy configuration
        data - content to post
        headers - headers, if needed
        Returns:
        loaded data from endpoint
      • openStream

        public java.io.InputStream openStream()
      • readRasterImageFromURL

        public java.awt.image.BufferedImage readRasterImageFromURL()
      • isAuthorizationConfigured

        public boolean isAuthorizationConfigured()
        Informs, if SecurityCredentials are configured for this connection.
        Returns:
        true, if credentials will be used for a connection