# AuthorizationHandler.hpp

This File On Github
Ask A Question

API: latest
module: oatpp
#include "oatpp/web/server/handler/AuthorizationHandler.hpp"

# AuthorizationObject

The AuthorizationObject superclass, all AuthorizationObjects have to extend this class.

namespace oatpp { namespace web { namespace server { namespace handler { 
  class AuthorizationObject : public oatpp::base::Countable {}
}}}}

# AuthorizationHandler

Abstract Authorization Handler.

namespace oatpp { namespace web { namespace server { namespace handler { 
  class AuthorizationHandler {}
}}}}

# Typedefs

Type Name Summary
oatpp::web::server::handler::AuthorizationObject AuthorizationObject Convenience typedef for AuthorizationObject.
oatpp::data::stream::BufferOutputStream BufferOutputStream Convenience typedef for oatpp::data::stream::BufferOutputStream.
oatpp::web::protocol::http::Headers Headers Convenience typedef for oatpp::web::protocol::http::Headers.

# Methods

Return Type Name Summary
[none] AuthorizationHandler Constructor.
[none] ~AuthorizationHandler Default virtual destructor.
std::shared_ptr<AuthorizationObject> handleAuthorization Implement this method! Return nullptr if authorization should be denied.
void renderAuthenticateHeaderValue Render WWW-Authenicate header value.
void addErrorResponseHeaders Add authorization error headers to the headers map.
oatpp::String getScheme Get authorization scheme.
oatpp::String getRealm Get authorization realm.

# AuthorizationHandler::AuthorizationObject

Convenience typedef for AuthorizationObject.

typedef oatpp::web::server::handler::AuthorizationObject AuthorizationObject

# AuthorizationHandler::BufferOutputStream

Convenience typedef for oatpp::data::stream::BufferOutputStream.

typedef oatpp::data::stream::BufferOutputStream BufferOutputStream

# AuthorizationHandler::Headers

Convenience typedef for oatpp::web::protocol::http::Headers.

typedef oatpp::web::protocol::http::Headers Headers

# AuthorizationHandler::AuthorizationHandler

Constructor.

AuthorizationHandler(const oatpp::String& scheme, const oatpp::String& realm)

# AuthorizationHandler::~AuthorizationHandler

Default virtual destructor.

virtual ~AuthorizationHandler() = default

# AuthorizationHandler::handleAuthorization

Implement this method! Return nullptr if authorization should be denied.

virtual std::shared_ptr<AuthorizationObject> handleAuthorization(const oatpp::String& authorizationHeader) = 0

# AuthorizationHandler::renderAuthenticateHeaderValue

Render WWW-Authenicate header value.
Custom Authorization handlers may override this method in order to provide additional information.

virtual void renderAuthenticateHeaderValue(BufferOutputStream& stream)

# AuthorizationHandler::addErrorResponseHeaders

Add authorization error headers to the headers map.

virtual void addErrorResponseHeaders(Headers& headers)

# AuthorizationHandler::getScheme

Get authorization scheme.

  • @return

oatpp::String getScheme()

# AuthorizationHandler::getRealm

Get authorization realm.

  • @return

oatpp::String getRealm()

# DefaultBasicAuthorizationObject

Default Basic AuthorizationObject - Convenience object to enable Basic-Authorization without the need to implement anything.

namespace oatpp { namespace web { namespace server { namespace handler { 
  class DefaultBasicAuthorizationObject : public AuthorizationObject {}
}}}}

# Fields

Type Name Summary
oatpp::String userId User-Id. oatpp::String.
oatpp::String password Password. oatpp::String.

# DefaultBasicAuthorizationObject::userId

User-Id. oatpp::String.

oatpp::String userId

# DefaultBasicAuthorizationObject::password

Password. oatpp::String.

oatpp::String password

# BasicAuthorizationHandler

AuthorizationHandler for Authorization Type Basic.
See RFC 7617.
Extend this class to implement Custom Basic Authorization.

namespace oatpp { namespace web { namespace server { namespace handler { 
  class BasicAuthorizationHandler : public AuthorizationHandler {}
}}}}

# Methods

Return Type Name Summary
[none] BasicAuthorizationHandler Constructor.
std::shared_ptr<AuthorizationObject> handleAuthorization Implementation of AuthorizationHandler::handleAuthorization()
std::shared_ptr<AuthorizationObject> authorize Implement this method! Do the actual authorization here. When not implemented returns DefaultBasicAuthorizationObject.

# BasicAuthorizationHandler::BasicAuthorizationHandler

Constructor.

  • @param realm

BasicAuthorizationHandler(const oatpp::String& realm = "API")

# BasicAuthorizationHandler::handleAuthorization

Implementation of AuthorizationHandler::handleAuthorization()

std::shared_ptr<AuthorizationObject> handleAuthorization(const oatpp::String &header) override

# BasicAuthorizationHandler::authorize

Implement this method! Do the actual authorization here. When not implemented returns DefaultBasicAuthorizationObject.

virtual std::shared_ptr<AuthorizationObject> authorize(const oatpp::String& userId, const oatpp::String& password)

# DefaultBearerAuthorizationObject

Default Bearer AuthorizationObject - Convenience object to enable Bearer-Authorization without the need to implement anything.

namespace oatpp { namespace web { namespace server { namespace handler { 
  class DefaultBearerAuthorizationObject : public AuthorizationObject {}
}}}}

# Fields

Type Name Summary
oatpp::String token Token. oatpp::String.

# DefaultBearerAuthorizationObject::token

Token. oatpp::String.

oatpp::String token

# BearerAuthorizationHandler

AuthorizationHandler for Authorization Type Bearer.
See RFC 6750.
Extend this class to implement Custom Bearer Authorization.

namespace oatpp { namespace web { namespace server { namespace handler { 
  class BearerAuthorizationHandler : public AuthorizationHandler {}
}}}}

# Methods

Return Type Name Summary
[none] BearerAuthorizationHandler Constructor.
std::shared_ptr<AuthorizationObject> handleAuthorization Implementation of AuthorizationHandler::handleAuthorization()
std::shared_ptr<AuthorizationObject> authorize Implement this method! Do the actual authorization here. When not implemented returns DefaultBearerAuthorizationObject.

# BearerAuthorizationHandler::BearerAuthorizationHandler

Constructor.

  • @param realm

BearerAuthorizationHandler(const oatpp::String& realm = "API")

# BearerAuthorizationHandler::handleAuthorization

Implementation of AuthorizationHandler::handleAuthorization()

std::shared_ptr<AuthorizationObject> handleAuthorization(const oatpp::String &header) override

# BearerAuthorizationHandler::authorize

Implement this method! Do the actual authorization here. When not implemented returns DefaultBearerAuthorizationObject.

  • @param token - access token.
  • @return - std::shared_ptr to AuthorizationObject. nullptr - for "Unauthorized".

virtual std::shared_ptr<AuthorizationObject> authorize(const oatpp::String& token)