Class AuthenticationManager.CredentialCache

  • Enclosing class:
    AuthenticationManager

    public static final class AuthenticationManager.CredentialCache
    extends Object
    Encapsulates a map of server contexts to credentials that may be used to access them. This allows for reuse of Credentials against services hosted on the same server/portal. NOTE: It is imperative that this cache be cleared in between user sessions. For example, if user A logs in and accesses some resources, then logs out so that user B can log in, the credential cache should be cleared so that user B cannot inadvertently access resources that they don't have authorization for but user A did.

    Since 100.5.0, the server contexts in the credential cache are in all lower case.

    Since:
    100.0.0
    • Constructor Detail

      • CredentialCache

        public CredentialCache()
    • Method Detail

      • toJson

        public static String toJson()
        Returns a json String representation of the credential cache, allowing it to be persisted to disk and reloaded in a later session. This will allow the app to reload previous resources that required authentication, without needing the user to reenter any credentials. It is imperative that this String is encrypted before being persisted to disk, or else it may pose a security vulnerability.
        Returns:
        a json String representation of the credential cache
        Since:
        100.0.0
      • restoreFromJson

        public static void restoreFromJson​(String json)
        Restores the state of a previously persisted credential cache, overwriting any values currently in the cache. This allows the app to reload previous resources that required authentication, without needing the user to reenter any credentials.
        Parameters:
        json - the String representing the persisted state of the credential cache
        Since:
        100.0.0
      • clear

        public static void clear()
        Clears all cached credential information, including Token, PKI/Certificate and HTTP.
        Since:
        100.0.0
      • removeAndRevokeCredentialAsync

        public static ListenableFuture<Void> removeAndRevokeCredentialAsync​(Credential credential)
        Removes the given credential from the cache. If the credential is used for OAuth authentication, a request is sent to revoke its OAuth token. If the resultant Future indicates an exception occurred, the exception relates to the request to revoke the OAuth token. The credential is removed from the cache even if OAuth token revocation fails.
        Parameters:
        credential - the credential to revoke and remove from cache
        Returns:
        a ListenableFuture for tracking when the operation is done and getting the result; also allows cancellation. Calling get() on the returned future may throw an IOException if the network request fails
        Throws:
        IllegalArgumentException - if credential is null
        Since:
        100.6.0
      • removeAndRevokeAllCredentialsAsync

        public static ListenableFuture<Map<Credential,​Exception>> removeAndRevokeAllCredentialsAsync()
        Removes all credentials from the cache. If any credential is used for OAuth authentication, a request is sent to revoke its OAuth token. The resultant Future returns a Map that will be empty if no exceptions occurred. If it's not empty, each entry contains a Credential for which OAuth token revocation failed and an Exception indicating why it failed. All credentials are removed from the cache even if OAuth token revocation fails.
        Returns:
        a ListenableFuture for tracking when the operation is done and getting the result; also allows cancellation
        Since:
        100.6.0