Source code

001package ca.uhn.fhir.rest.client.interceptor;
002
003/*
004 * #%L
005 * HAPI FHIR - Client Framework
006 * %%
007 * Copyright (C) 2014 - 2022 Smile CDR, Inc.
008 * %%
009 * Licensed under the Apache License, Version 2.0 (the "License");
010 * you may not use this file except in compliance with the License.
011 * You may obtain a copy of the License at
012 *
013 *      http://www.apache.org/licenses/LICENSE-2.0
014 *
015 * Unless required by applicable law or agreed to in writing, software
016 * distributed under the License is distributed on an "AS IS" BASIS,
017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
018 * See the License for the specific language governing permissions and
019 * limitations under the License.
020 * #L%
021 */
022
023import ca.uhn.fhir.rest.api.Constants;
024import ca.uhn.fhir.rest.client.api.IClientInterceptor;
025import ca.uhn.fhir.rest.client.api.IHttpRequest;
026import ca.uhn.fhir.rest.client.api.IHttpResponse;
027import ca.uhn.fhir.util.CoverageIgnore;
028import org.apache.commons.lang3.Validate;
029
030/**
031 * HTTP interceptor to be used for adding HTTP Authorization using "bearer tokens" to requests. Bearer tokens are used for protocols such as OAUTH2 (see the
032 * <a href="http://tools.ietf.org/html/rfc6750">RFC 6750</a> specification on bearer token usage for more information).
033 * <p>
034 * This interceptor adds a header resembling the following:<br>
035 * &nbsp;&nbsp;&nbsp;<code>Authorization: Bearer dsfu9sd90fwp34.erw0-reu</code><br>
036 * where the token portion (at the end of the header) is supplied by the invoking code.
037 * </p>
038 * <p>
039 * See the <a href="https://hapifhir.io/hapi-fhir/docs/interceptors/built_in_client_interceptors.html">HAPI Documentation</a> for information on how to use this class.
040 * </p>
041 */
042public class BearerTokenAuthInterceptor implements IClientInterceptor {
043
044        private String myToken;
045
046        /**
047         * Constructor. If this constructor is used, a token must be supplied later
048         */
049        @CoverageIgnore
050        public BearerTokenAuthInterceptor() {
051                // nothing
052        }
053
054        /**
055         * Constructor
056         * 
057         * @param theToken
058         *           The bearer token to use (must not be null)
059         */
060        public BearerTokenAuthInterceptor(String theToken) {
061                Validate.notNull(theToken, "theToken must not be null");
062                myToken = theToken;
063        }
064
065        /**
066         * Returns the bearer token to use
067         */
068        public String getToken() {
069                return myToken;
070        }
071
072        @Override
073        public void interceptRequest(IHttpRequest theRequest) {
074                theRequest.addHeader(Constants.HEADER_AUTHORIZATION, (Constants.HEADER_AUTHORIZATION_VALPREFIX_BEARER + myToken));
075        }
076
077        @Override
078        public void interceptResponse(IHttpResponse theResponse) {
079                // nothing
080        }
081
082        /**
083         * Sets the bearer token to use
084         */
085        public void setToken(String theToken) {
086                Validate.notNull(theToken, "theToken must not be null");
087                myToken = theToken;
088        }
089
090}