Class BaseAuthFilter
- java.lang.Object
-
- io.mosip.authentication.common.service.filter.BaseIDAFilter
-
- io.mosip.authentication.common.service.filter.BaseAuthFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
- Direct Known Subclasses:
IdAuthFilter
@Component public abstract class BaseAuthFilter extends BaseIDAFilter
The Class BaseAuthFilter - The Base Auth Filter that does all necessary authentication/authorization before allowing the request to the respective controllers.- Author:
- Manoj SP, Sanjay Murali
-
-
Field Summary
-
Fields inherited from class io.mosip.authentication.common.service.filter.BaseIDAFilter
env, keyManager, mapper
-
-
Constructor Summary
Constructors Constructor Description BaseAuthFilter()
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected voidauthenticateRequest(ResettableStreamHttpServletRequest requestWrapper)authenticateRequest method used to validate the JSON signature pay load and the certificateprotected voidconsumeRequest(ResettableStreamHttpServletRequest requestWrapper, Map<String,Object> requestBody)consumeRequest method is used to manipulate the request where the request is first reached and along this all validation are done further after successful decipher.protected voiddecipherAndValidateRequest(ResettableStreamHttpServletRequest requestWrapper, Map<String,Object> requestBody)Decipher and validate request - Method used to decipher the input stream request and validate it usingvalidateDecipheredRequest(io.mosip.authentication.common.service.filter.ResettableStreamHttpServletRequest,java.util.Map<java.lang.String,java.lang.Object>)method.protected Map<String,Object>decipherRequest(Map<String,Object> requestBody)decipherRequest method is used to get the deciphered request from the encoded and enciphered request passed by the authenticating partner.protected static Objectdecode(String stringToDecode)Decode method is used to decode the encoded string.protected StringgetPayloadFromJwsSingature(String jws)voidinit(javax.servlet.FilterConfig filterConfig)protected Map<String,Object>processDecipheredReqeuest(Map<String,Object> decipheredRequest)protected abstract voidvalidateDecipheredRequest(ResettableStreamHttpServletRequest requestWrapper, Map<String,Object> decipherRequest)validateDecipheredRequest - Method used to validate the input stream request by validating the policy, partner and MISP id of the authenticating partner once the request is decoded and deciphered.protected voidvalidateRequestHMAC(String requestHMAC, String request)validateRequestHMAC method is used to validate the HMAC of the request with the deciphered request block and requestHMAC received in the request body.protected voidverifyBioDataSignature(String jwsSignature, int index)protected booleanverifySignature(String jwsSignature, String requestData, String domain)-
Methods inherited from class io.mosip.authentication.common.service.filter.BaseIDAFilter
checkAllowedAMRForKBT, checkMispPolicyAllowed, consumeResponse, destroy, doFilter, fetchId, getRequestBody, isAMRValidationRequired, isCertificateValidationRequired, isDate, isMispPolicyValidationRequired, isSignatureVerificationRequired, isSigningRequired, isThumbprintValidationRequired, isTrustValidationRequired, needStoreAnonymousProfile, needStoreAuthTransaction, removeNullOrEmptyFieldsInResponse, validateId, validateRequest
-
-
-
-
Method Detail
-
init
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException- Specified by:
initin interfacejavax.servlet.Filter- Overrides:
initin classBaseIDAFilter- Throws:
javax.servlet.ServletException
-
consumeRequest
protected void consumeRequest(ResettableStreamHttpServletRequest requestWrapper, Map<String,Object> requestBody) throws IdAuthenticationAppException
Description copied from class:BaseIDAFilterconsumeRequest method is used to manipulate the request where the request is first reached and along this all validation are done further after successful decipher.- Overrides:
consumeRequestin classBaseIDAFilter- Parameters:
requestWrapper-ResettableStreamHttpServletRequestrequestBody- the request body- Throws:
IdAuthenticationAppException- the id authentication app exception
-
decipherAndValidateRequest
protected void decipherAndValidateRequest(ResettableStreamHttpServletRequest requestWrapper, Map<String,Object> requestBody) throws IdAuthenticationAppException
Decipher and validate request - Method used to decipher the input stream request and validate it usingvalidateDecipheredRequest(io.mosip.authentication.common.service.filter.ResettableStreamHttpServletRequest,java.util.Map<java.lang.String,java.lang.Object>)method.- Parameters:
requestWrapper- the request wrapperrequestBody- the request body- Throws:
IdAuthenticationAppException- the id authentication app exceptionIdAuthenticationBusinessException
-
processDecipheredReqeuest
protected Map<String,Object> processDecipheredReqeuest(Map<String,Object> decipheredRequest)
-
verifyBioDataSignature
protected void verifyBioDataSignature(String jwsSignature, int index) throws IdAuthenticationAppException
- Throws:
IdAuthenticationAppException
-
verifySignature
protected boolean verifySignature(String jwsSignature, String requestData, String domain)
-
validateDecipheredRequest
protected abstract void validateDecipheredRequest(ResettableStreamHttpServletRequest requestWrapper, Map<String,Object> decipherRequest) throws IdAuthenticationAppException
validateDecipheredRequest - Method used to validate the input stream request by validating the policy, partner and MISP id of the authenticating partner once the request is decoded and deciphered.- Parameters:
requestWrapper-ResettableStreamHttpServletRequestdecipherRequest- the request got after decode and decipher the input stream- Throws:
IdAuthenticationAppException- the id authentication app exceptionIdAuthenticationBusinessException
-
authenticateRequest
protected void authenticateRequest(ResettableStreamHttpServletRequest requestWrapper) throws IdAuthenticationAppException
Description copied from class:BaseIDAFilterauthenticateRequest method used to validate the JSON signature pay load and the certificate- Specified by:
authenticateRequestin classBaseIDAFilter- Parameters:
requestWrapper-ResettableStreamHttpServletRequest- Throws:
IdAuthenticationAppException- the id authentication app exception
-
decode
protected static Object decode(String stringToDecode) throws IdAuthenticationAppException
Decode method is used to decode the encoded string.- Parameters:
stringToDecode- the encoded string- Returns:
- the object the decoded string
- Throws:
IdAuthenticationAppException- the id authentication app exception
-
decipherRequest
protected Map<String,Object> decipherRequest(Map<String,Object> requestBody) throws IdAuthenticationAppException
decipherRequest method is used to get the deciphered request from the encoded and enciphered request passed by the authenticating partner.- Parameters:
requestBody- the encoded and enciphered request body- Returns:
- the map the decoded and deciphered request body
- Throws:
IdAuthenticationAppException- the id authentication app exception
-
validateRequestHMAC
protected void validateRequestHMAC(String requestHMAC, String request) throws IdAuthenticationAppException
validateRequestHMAC method is used to validate the HMAC of the request with the deciphered request block and requestHMAC received in the request body.- Parameters:
requestHMAC- the requestHMAC received in the request bodyrequest- the generated HMAC computed once the request is decoded and deciphered- Throws:
IdAuthenticationAppException- the id authentication app exception
-
-