Class SURL
- java.lang.Object
-
- net.sourceforge.plantuml.security.SURL
-
public class SURL extends java.lang.Object
Secure replacement for java.net.URL.This class should be used instead of java.net.URL.
This class does some control access and manages access-tokens via URL. If a URL contains a access-token, similar to a user prefix, SURL loads the authorization config for this user-token and passes the credentials to the host.
Example:
SURL url = SURL.create ("https://jenkins-access@jenkins.mycompany.com/api/json")
Thejenkins-access
will checked against the Security context access token configuration. If a configuration exists for this token name, the token will be removed from the URL and the credentials will be added to the headers. If the token is not found, the URL remains as it is and no separate authentication will be performed.TODO: Some methods should be moved to a HttpClient implementation, because SURL is not the valid class to manage it.
TODO: BAD_HOSTS implementation should be reviewed and moved to HttpClient implementation with a circuit-breaker.
TODO: Token expiration with refresh should be implemented in future.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
WITHOUT_AUTHENTICATION
Indicates, that we have no authentication to access the URL.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static SURL
create(java.lang.String url)
Create a secure URL from a String.static SURL
create(java.net.URL url)
Create a secure URL from ajava.net.URL
object.byte[]
getBytes()
Reads from an endpoint (with configured credentials and proxy) the response as blob.byte[]
getBytesOnPost(java.net.Proxy proxy, SecurityAuthentication authentication, java.lang.String data, java.util.Map<java.lang.String,java.lang.Object> headers)
Post to an endpoint with a given authentication and proxy the response as blob.boolean
isAuthorizationConfigured()
Informs, if SecurityCredentials are configured for this connection.java.io.InputStream
openStream()
java.awt.image.BufferedImage
readRasterImageFromURL()
java.lang.String
toString()
-
-
-
Field Detail
-
WITHOUT_AUTHENTICATION
public static final java.lang.String WITHOUT_AUTHENTICATION
Indicates, that we have no authentication to access the URL.- See Also:
- Constant Field Values
-
-
Method Detail
-
create
public static SURL create(java.lang.String url)
Create a secure URL from a String.The url must be http or https. Return null in case of error or if
url
is null- Parameters:
url
- plain url starting by http:// or https//- Returns:
- the secure URL or null
-
create
public static SURL create(java.net.URL url) throws java.net.MalformedURLException
Create a secure URL from ajava.net.URL
object.It takes into account credentials.
- Parameters:
url
-- Returns:
- the secure URL
- Throws:
java.net.MalformedURLException
- ifurl
is null
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
getBytes
public byte[] getBytes()
Reads from an endpoint (with configured credentials and proxy) the response as blob.This method allows access to an endpoint, with a configured SecurityCredentials object. The credentials will load on the fly and authentication fetched from an authentication-manager. Caching of tokens is not supported.
authors: Alain Corbiere, Aljoscha Rittner
- Returns:
- data loaded data from endpoint
-
getBytesOnPost
public byte[] getBytesOnPost(java.net.Proxy proxy, SecurityAuthentication authentication, java.lang.String data, java.util.Map<java.lang.String,java.lang.Object> headers)
Post to an endpoint with a given authentication and proxy the response as blob.This method allows a parametrized access to an endpoint, without a configured SecurityCredentials object. This is useful to access internally identity providers (IDP), or authorization servers (to request access tokens).
This method don't use the "bad-host" functionality, because the access to infrastructure services should not be obfuscated by some internal management.
Please don't use this method directly from DSL scripts.
- Parameters:
authentication
- authentication object data. Caller is responsible to erase credentialsproxy
- proxy configurationdata
- content to postheaders
- headers, if needed- Returns:
- loaded data from endpoint
-
openStream
public java.io.InputStream openStream()
-
readRasterImageFromURL
public java.awt.image.BufferedImage readRasterImageFromURL()
-
isAuthorizationConfigured
public boolean isAuthorizationConfigured()
Informs, if SecurityCredentials are configured for this connection.- Returns:
- true, if credentials will be used for a connection
-
-