return SUPPORTED_AUTHENTICATION_TYPE.equals(authHeaderPrefix);
}
public Response handle(Message message, ClassResourceInfo classResourceInfo) {
try {
OAuth2TokenValidationResponseDTO respDTO;
ValidationServiceClient validationServiceClient = new
ValidationServiceClient(oauthValidationEndpoint, username, password);
HttpHeaders httpHeaders = new HttpHeadersImpl(message);
String header = httpHeaders.getRequestHeaders().getFirst("Authorization");
// if the authorization token has Bearer..
if (header.startsWith("Bearer ")) {
String accessToken = header.substring(7).trim();
respDTO = validationServiceClient.validateAuthenticationRequest(accessToken); //TODO : send scope params
boolean valid = respDTO.getValid();
if (!valid) {
// authorization failure..
return Response.status(Response.Status.FORBIDDEN).build();
}
}