Authorizer.java example

Explorer

restlet-framework-java-master
- build
  - tools
    - checkstyle
      - contrib
        JavadocCheckDefault.java
        bcel
        src
        checkstyle
        com
        puppycrawl
        tools
        checkstyle
        bcel
        AbstractCheckVisitor.java
        ClassFileSetCheck.java
        EmptyClassFileVisitor.java
        EmptyDeepVisitor.java
        EmptyGenericVisitor.java
        IDeepVisitor.java
        IObjectSetVisitor.java
        JavaClassWalker.java
        ReferenceVisitor.java
        VisitorSet.java
        checks
        AbstractReferenceCheck.java
        HiddenInheritedFieldCheck.java
        HiddenStaticMethodCheck.java
        UnreadFieldCheck.java
        UnreadVariableCheck.java
        UnusedMethodCheck.java
        classfile
        FieldDefinition.java
        FieldOrMethodDefinition.java
        JavaClassDefinition.java
        MethodDefinition.java
        ReferenceDAO.java
        Utils.java
        generic
        FieldOrMethodReference.java
        FieldReference.java
        GETFIELDReference.java
        GETSTATICReference.java
        InvokeReference.java
        PUTFIELDReference.java
        PUTSTATICReference.java
        Utils.java
        testinputs
        com
        puppycrawl
        tools
        checkstyle
        bcel
        checks
        InheritLibrary.java
        SubClass.java
        SuperClass.java
        tests
        com
        puppycrawl
        tools
        checkstyle
        bcel
        BcelCheckTestCase.java
        checks
        HiddenInheritedFieldTest.java
        HiddenStaticMethodTest.java
        examples
        XInclude
        NamespacesSAXParserFactoryImpl.java
        checks
        com
        mycompany
        checks
        LimitImplementationFiles.java
        MethodLimitCheck.java
        puppycrawl
        tools
        checkstyle
        checks
        xpath
        Attribute.java
        AttributeAxisIterator.java
        DocumentNavigator.java
        NodeIterator.java
        XPathCheck.java
        filters
        com
        mycompany
        filters
        FilesFilter.java
        listeners
        com
        mycompany
        listeners
        CommonsLoggingListener.java
        MailLogger.java
        VerboseListener.java
        usage
        src
        checkstyle
        com
        puppycrawl
        tools
        checkstyle
        checks
        usage
        AbstractUsageCheck.java
        OneMethodPrivateFieldCheck.java
        UnusedLocalVariableCheck.java
        UnusedParameterCheck.java
        UnusedPrivateFieldCheck.java
        UnusedPrivateMethodCheck.java
        transmogrify
        ASTManager.java
        ASTUtil.java
        AnonymousInnerClass.java
        ArrayDef.java
        ArrayLengthMember.java
        BaseScope.java
        BlockDef.java
        ClassDef.java
        ClassImportException.java
        ClassManager.java
        DefaultConstructor.java
        DefaultScope.java
        Definition.java
        DefinitionTraverser.java
        DotIterator.java
        ExternalClass.java
        ExternalConstructor.java
        ExternalDefinition.java
        ExternalMethod.java
        ExternalPackage.java
        ExternalSignature.java
        ExternalVariable.java
        IClass.java
        IDefinition.java
        IMethod.java
        IPackage.java
        ISignature.java
        IVariable.java
        InterfaceConstructor.java
        LabelDef.java
        LiteralResolver.java
        MethodDef.java
        MethodSignature.java
        MethodSpecificityComparator.java
        NullClass.java
        Occurrence.java
        PackageDef.java
        PrimitiveClasses.java
        QueryEngine.java
        Reference.java
        ReferenceCounter.java
        ReferenceThreshold.java
        ReferenceTool.java
        Resolver.java
        Scope.java
        ScopeIndex.java
        Span.java
        SymTabAST.java
        SymTabASTFactory.java
        SymTabASTIterator.java
        SymbolTable.java
        SymbolTableException.java
        TableMaker.java
        Typed.java
        UnknownClass.java
        VariableDef.java
        testinputs
        com
        puppycrawl
        tools
        checkstyle
        usage
        InputEmptyFile.java
        InputInnerUsedMethod.java
        InputOneMethodPrivateField.java
        InputUnusedField.java
        InputUnusedLocal.java
        InputUnusedMethod.java
        InputUnusedParameter.java
        tests
        com
        puppycrawl
        tools
        checkstyle
        checks
        usage
        AllTests.java
        OneMethodPrivateFieldCheckTest.java
        UnusedLocalVariableCheckTest.java
        UnusedParameterCheckTest.java
        UnusedPrivateFieldCheckTest.java
        UnusedPrivateMethodCheckTest.java
- modules

/**
 * Copyright 2005-2014 Restlet
 * 
 * The contents of this file are subject to the terms of one of the following
 * open source licenses: Apache 2.0 or or EPL 1.0 (the "Licenses"). You can
 * select the license that you prefer but you may not use this file except in
 * compliance with one of these Licenses.
 * 
 * You can obtain a copy of the Apache 2.0 license at
 * http://www.opensource.org/licenses/apache-2.0
 * 
 * You can obtain a copy of the EPL 1.0 license at
 * http://www.opensource.org/licenses/eclipse-1.0
 * 
 * See the Licenses for the specific language governing permissions and
 * limitations under the Licenses.
 * 
 * Alternatively, you can obtain a royalty free commercial license with less
 * limitations, transferable or non-transferable, directly at
 * http://restlet.com/products/restlet-framework
 * 
 * Restlet is a registered trademark of Restlet S.A.S.
 */

package org.restlet.security;

import org.restlet.Request;
import org.restlet.Response;
import org.restlet.Restlet;
import org.restlet.data.ClientInfo;
import org.restlet.data.Status;
import org.restlet.resource.ServerResource;
import org.restlet.routing.Filter;

/**
 * Filter authorizing inbound request. It can be attached to protect a set of
 * downstream {@link Restlet} and {@link ServerResource} objects.
 * 
 * @see <a href="http://wiki.restlet.org/docs_2.2/113-restlet.html">User Guide -
 *      Authorization</a>
 * @author Jerome Louvel
 */
public abstract class Authorizer extends Filter {

    /** Authorizer returning true all the time. */
    public static final Authorizer ALWAYS = new Authorizer() {
        @Override
        public boolean authorize(Request request, Response response) {
            return true;
        }
    };

    /**
     * Authorizer returning true for all authenticated requests. For
     * unauthenticated requests, it sets the response's status to
     * {@link Status#CLIENT_ERROR_UNAUTHORIZED} instead of the default
     * {@link Status#CLIENT_ERROR_FORBIDDEN}.
     * 
     * @see ClientInfo#isAuthenticated()
     */
    public static final Authorizer AUTHENTICATED = new Authorizer() {
        @Override
        public boolean authorize(Request request, Response response) {
            return request.getClientInfo().isAuthenticated();
        }

        @Override
        protected int unauthorized(Request request, Response response) {
            response.setStatus(Status.CLIENT_ERROR_UNAUTHORIZED);
            return STOP;
        }
    };

    /** Authorizer returning false all the time. */
    public static final Authorizer NEVER = new Authorizer() {
        @Override
        public boolean authorize(Request request, Response response) {
            return false;
        }
    };

    /** The identifier unique within an application. */
    private volatile String identifier;

    /**
     * Default constructor.
     */
    public Authorizer() {
    }

    /**
     * Constructor.
     * 
     * @param identifier
     *            The identifier unique within an application.
     */
    public Authorizer(String identifier) {
        this.identifier = identifier;
    }

    /**
     * Attempts to authorize the request.
     * 
     * @param request
     *            The request sent.
     * @param response
     *            The response to update.
     * @return True if the authorization succeeded.
     */
    protected abstract boolean authorize(Request request, Response response);

    /**
     * Invoked upon successful authorization. Returns {@link Filter#CONTINUE} by
     * default.
     * 
     * @param request
     *            The request sent.
     * @param response
     *            The response to update.
     * @return The filter continuation code.
     */
    protected int authorized(Request request, Response response) {
        return CONTINUE;
    }

    @Override
    protected int beforeHandle(Request request, Response response) {
        if (authorize(request, response)) {
            return authorized(request, response);
        }

        return unauthorized(request, response);
    }

    /**
     * Returns the identifier unique within an application.
     * 
     * @return The identifier unique within an application.
     */
    public String getIdentifier() {
        return identifier;
    }

    /**
     * Sets the identifier unique within an application.
     * 
     * @param identifier
     *            The identifier unique within an application.
     */
    public void setIdentifier(String identifier) {
        this.identifier = identifier;
    }

    /**
     * Invoked upon failed authorization. Sets the status to
     * {@link Status#CLIENT_ERROR_FORBIDDEN} and returns {@link Filter#STOP} by
     * default.
     * 
     * @param request
     *            The request sent.
     * @param response
     *            The response to update.
     * @return The filter continuation code.
     */
    protected int unauthorized(Request request, Response response) {
        response.setStatus(Status.CLIENT_ERROR_FORBIDDEN);
        return STOP;
    }

}