Class XsuaaTokenComp

java.lang.Object
com.sap.cloud.security.comp.XsuaaTokenComp
All Implemented Interfaces:
Token, Serializable, org.springframework.security.core.userdetails.UserDetails
@Deprecated public class XsuaaTokenComp extends Object implements Token
Deprecated.
use methods exposed by the Token interface.
Decorates a Token issued by xsuaa to provide compatibility methods for spring-xsuaa's Token interface.
See Also:

  • Method Details

    • createInstance

      @Deprecated public static XsuaaTokenComp createInstance(Token token)
      Deprecated.
      use methods exposed by the Token interface.
      Creates an instance.
      Parameters:
      token - a token issued by xsuaa

    • createInstance

      @Deprecated public static XsuaaTokenComp createInstance(String jwtToken)
      Deprecated.
      use methods exposed by the Token interface.
      Creates an instance.
      Parameters:
      jwtToken - the encoded access token, e.g. from the Authorization header.

    • getSubaccountId

      @Deprecated public String getSubaccountId()
      Deprecated.
      use AccessToken.getSubaccountId() instead.
      Return subaccount identifier which is in most cases same like the identity zone. DO only use this for metering purposes. DO NOT longer use this method to get the unique tenant id! For that use getZoneId().
      Specified by:
      getSubaccountId in interface Token
      Returns:
      the subaccount identifier.

    • getZoneId

      @Deprecated public String getZoneId()
      Deprecated.
      use Token.getZoneId() instead.
      Return zone identifier which should be used as tenant discriminator (tenant id). For most of the old subaccounts this matches the id returned by getSubaccountId().
      Specified by:
      getZoneId in interface Token
      Returns:
      the zone identifier.

    • getSubdomain

      @Deprecated public String getSubdomain()
      Deprecated.
      use Token.getAttributeFromClaimAsString(String, String) instead
      Returns the subdomain of the calling tenant's subaccount.
      Specified by:
      getSubdomain in interface Token
      Returns:
      the subdomain of the tenant the JWT belongs to.

    • getClientId

      @Deprecated public String getClientId()
      Deprecated.
      use Token.getClientId() instead.
      Returns the OAuth2 client identifier of the authentication token if present. Following OpenID Connect 1.0 standard specifications, client identifier is obtained from "azp" claim if present or when "azp" is not present from "aud" claim, but only in case there is one audience.
      Specified by:
      getClientId in interface Token
      Returns:
      the OAuth client ID.

    • getGrantType

      @Deprecated public String getGrantType()
      Deprecated.
      use Token.getGrantType() instead.
      Returns the OAuth2.0 grant type used for retrieving / creating this token.
      Specified by:
      getGrantType in interface Token
      Returns:
      the grant type

    • getLogonName

      @Deprecated public String getLogonName()
      Deprecated.
      use Token.getClaimAsString(String) instead.
      Returns a unique user name of a user (user_name claim), using information from the JWT. For tokens that were issued as a result of a client credentials flow, the OAuth client ID will be returned in a special format. The following information is required to uniquely identify a user:
      • user login name: name of the user in an identity provider, provided by this method.
      • origin: alias to an identity provider, see getOrigin().
      • zone id: identifier for the zone, see getZoneId().
      Specified by:
      getLogonName in interface Token
      Returns:
      unique principal name or null if it can not be determined.

    • getGivenName

      @Deprecated public String getGivenName()
      Deprecated.
      use Token.getClaimAsString(String) instead
      Returns the given name of the user if present. Will try to find it first in the ext_attr.given_name claim before trying to find a given_name claim.
      Specified by:
      getGivenName in interface Token
      Returns:
      the given name if present.

    • getFamilyName

      @Deprecated public String getFamilyName()
      Deprecated.
      use Token.getClaimAsString(String) instead
      Returns the family name of the user if present. Will try to find it first in the ext_attr.family_name claim before trying to find a family_name claim.
      Specified by:
      getFamilyName in interface Token
      Returns:
      the family name if present.

    • getEmail

      @Deprecated public String getEmail()
      Deprecated.
      use Token.getClaimAsString(String) instead
      Returns the email address of the user, if present.
      Specified by:
      getEmail in interface Token
      Returns:
      The email address if present.

    • getOrigin

      @Deprecated public String getOrigin()
      Deprecated.
      use Token.getClaimAsString(String) instead
      Returns the user origin. The origin is an alias that refers to a user store in which the user is persisted. For example, users that are authenticated by the UAA itself with a username / password combination have their origin set to the value "uaa".

      May be null in case this JWT was not created with OAuth 2.0 client credentials flow.

      Specified by:
      getOrigin in interface Token
      Returns:
      the user origin if present.

    • getXSUserAttribute

      @Deprecated public String[] getXSUserAttribute(String attributeName)
      Deprecated.
      use Token.getAttributeFromClaimAsStringList(String, String) (String)} instead
      Returns the value of an attribute from the 'xs.user.attributes' claim.
      Specified by:
      getXSUserAttribute in interface Token
      Parameters:
      attributeName - name of the attribute inside 'xs.user.attributes'.
      Returns:
      the attribute values array or null if there exists no such attribute.

    • getAdditionalAuthAttribute

      @Deprecated public String getAdditionalAuthAttribute(String attributeName)
      Deprecated.
      use Token.getAttributeFromClaimAsString(String, String) instead
      Additional custom authentication attributes included by the OAuth client component. Note: this is data controlled by the requester of a token. Might be not trustworthy.
      Specified by:
      getAdditionalAuthAttribute in interface Token
      Parameters:
      attributeName - name of the authentication attribute
      Returns:
      additional attribute value if present.

    • getCloneServiceInstanceId

      @Deprecated public String getCloneServiceInstanceId()
      Deprecated.
      use Token.getAttributeFromClaimAsString(String, String) instead
      Returns the XSUAA clone instance ID, if present. This will only be set for tokens that were issued by an XSUAA with plan broker. Contains the service instance id if present.
      Specified by:
      getCloneServiceInstanceId in interface Token
      Returns:
      the XSUAA clone service instance id if present.

    • getAppToken

      @Deprecated public String getAppToken()
      Deprecated.
      use Token.getTokenValue() instead
      Get the encoded authentication token, e.g. for token forwarding to another app.

      Never expose this token via log or via HTTP.

      Specified by:
      getAppToken in interface Token
      Returns:
      token

    • getScopes

      @Deprecated public Collection<String> getScopes()
      Deprecated.
      use Token.getClaimAsStringList(String) instead
      Returns list of scopes with appId prefix, e.g. "<my-app!t123>.Display".
      Specified by:
      getScopes in interface Token
      Returns:
      all scopes

    • getAuthorities

      @Deprecated public Collection<? extends org.springframework.security.core.GrantedAuthority> getAuthorities()
      Deprecated.
      Specified by:
      getAuthorities in interface Token
      Specified by:
      getAuthorities in interface org.springframework.security.core.userdetails.UserDetails
      Throws:
      UnsupportedOperationException - in any case

    • getPassword

      @Deprecated public String getPassword()
      Deprecated.
      Specified by:
      getPassword in interface org.springframework.security.core.userdetails.UserDetails
      Throws:
      UnsupportedOperationException - in any case

    • getExpiration

      @Deprecated public Instant getExpiration()
      Deprecated.
      use Token.getExpiration() instead
      Returns the moment in time when the token is expired.
      Specified by:
      getExpiration in interface Token
      Returns:
      the expiration point in time if present.

    • getExpirationDate

      @Deprecated public Date getExpirationDate()
      Deprecated.
      use Token.getExpiration() instead
      Returns the moment in time when the token is expired.
      Returns:
      the expiration point in time if present.

    • getUsername

      @Deprecated public String getUsername()
      Deprecated.
      use Token.getPrincipal().getName() instead
      Returns the username used to authenticate the user. See import org.springframework.security.core.userdetails.UserDetails#getUsername()
      Specified by:
      getUsername in interface org.springframework.security.core.userdetails.UserDetails
      Returns:
      the username

    • isAccountNonExpired

      @Deprecated public boolean isAccountNonExpired()
      Deprecated.
      Specified by:
      isAccountNonExpired in interface org.springframework.security.core.userdetails.UserDetails

    • isAccountNonLocked

      @Deprecated public boolean isAccountNonLocked()
      Deprecated.
      Specified by:
      isAccountNonLocked in interface org.springframework.security.core.userdetails.UserDetails

    • isCredentialsNonExpired

      @Deprecated public boolean isCredentialsNonExpired()
      Deprecated.
      Specified by:
      isCredentialsNonExpired in interface org.springframework.security.core.userdetails.UserDetails

    • isEnabled

      @Deprecated public boolean isEnabled()
      Deprecated.
      Specified by:
      isEnabled in interface org.springframework.security.core.userdetails.UserDetails

    • toString

      @Deprecated public String toString()
      Deprecated.
      use Token.getPrincipal().getName() instead
      Returns the user name for token.
      Overrides:
      toString in class Object
      Returns:
      the user name.