security/oauth1-server/src/main/java/org/glassfish/jersey/server/oauth1/OAuth1Consumer.java - jersey - Git at Google

 /*
  * Copyright (c) 2010, 2018 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
  * http://www.eclipse.org/legal/epl-2.0.
  *
  * This Source Code may also be made available under the following Secondary
  * Licenses when the conditions for such availability set forth in the
  * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
  * version 2 with the GNU Classpath Exception, which is available at
  * https://www.gnu.org/software/classpath/license.html.
  *
  * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
  */

 package org.glassfish.jersey.server.oauth1;

 import java.security.Principal;

 /**
  * Class representing a registered consumer.
  *
  * @author Martin Matula
  */
 public interface OAuth1Consumer {
     /** Returns consumer key.
      *
      * @return consumer key
      */
     String getKey();

     /** Returns consumer secret.
      *
      * @return consumer secret
      */
     String getSecret();

     /** Returns a {@link java.security.Principal} object representing this consumer.
      * When the oauth filter verifies the request
      * and no access token is provided, this is the principal that will get set to the security context.
      * This can be used for 2-legged oauth. If the server does not allow consumers acting
      * on their own (with no access token), this method should return null.
      *
      * @return Principal corresponding to this consumer, or null if 2-legged oauth not supported (i.e. consumers can't act on their own)
      */
     Principal getPrincipal();

     /** Returns a boolean indicating whether this consumer is authorized for the
      * specified logical "role". When the oauth filter verifies the request
      * and no access token is provided (2-legged oauth), it sets the consumer object to the security context
      * which then delegates {@link javax.ws.rs.core.SecurityContext#isUserInRole(String)} to this
      * method.
      *
      * @param role a {@code String} specifying the name of the role
      *
      * @return a {@code boolean} indicating whether this token is authorized for
      * a given role
      */
     boolean isInRole(String role);
 }
	/*
	* Copyright (c) 2010, 2018 Oracle and/or its affiliates. All rights reserved.
	*
	* This program and the accompanying materials are made available under the
	* terms of the Eclipse Public License v. 2.0, which is available at
	* http://www.eclipse.org/legal/epl-2.0.
	*
	* This Source Code may also be made available under the following Secondary
	* Licenses when the conditions for such availability set forth in the
	* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
	* version 2 with the GNU Classpath Exception, which is available at
	* https://www.gnu.org/software/classpath/license.html.
	*
	* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
	*/

	package org.glassfish.jersey.server.oauth1;

	import java.security.Principal;

	/**
	* Class representing a registered consumer.
	*
	* @author Martin Matula
	*/
	public interface OAuth1Consumer {
	/** Returns consumer key.
	*
	* @return consumer key
	*/
	String getKey();

	/** Returns consumer secret.
	*
	* @return consumer secret
	*/
	String getSecret();

	/** Returns a {@link java.security.Principal} object representing this consumer.
	* When the oauth filter verifies the request
	* and no access token is provided, this is the principal that will get set to the security context.
	* This can be used for 2-legged oauth. If the server does not allow consumers acting
	* on their own (with no access token), this method should return null.
	*
	* @return Principal corresponding to this consumer, or null if 2-legged oauth not supported (i.e. consumers can't act on their own)
	*/
	Principal getPrincipal();

	/** Returns a boolean indicating whether this consumer is authorized for the
	* specified logical "role". When the oauth filter verifies the request
	* and no access token is provided (2-legged oauth), it sets the consumer object to the security context
	* which then delegates {@link javax.ws.rs.core.SecurityContext#isUserInRole(String)} to this
	* method.
	*
	* @param role a {@code String} specifying the name of the role
	*
	* @return a {@code boolean} indicating whether this token is authorized for
	* a given role
	*/
	boolean isInRole(String role);
	}