Package io.jans.cedarling.binding.wrapper

Class CedarlingAdapter

  • All Implemented Interfaces:
    java.lang.AutoCloseable 
    
public class CedarlingAdapter
 implements AutoCloseable

    High-level wrapper around the Cedarling UniFFI binding.

    This adapter hides the UniFFI-generated types from application code by providing convenience methods that accept standard Java types (Map, String, JSONObject). The lower-level overloads that accept EntityData and TokenInput directly are still available for advanced use cases.

    The legacy authorize(Map<String,String> tokens, ...) method has been replaced by two dedicated methods:

    • Constructor Detail

      • CedarlingAdapter

        CedarlingAdapter()

    • Method Detail

      • authorizeMultiIssuer

         MultiIssuerAuthorizeResult authorizeMultiIssuer(Map<String, String> tokens, String action, JSONObject resource, JSONObject context)

        Authorize using JWT tokens from multiple issuers.

        This is the recommended replacement for the removed authorize(Map&lt;String,String&gt;, ...) method. Each map entry is a token mapping name (e.g. "Jans::Access_Token") to the raw JWT string.

        Parameters:
        tokens - mapping name → JWT string (must not be null; no null keys or values)
        action - Cedar action (e.g.
        resource - resource as JSONObject (must not be null)
        context - context as JSONObject (may be null; sent as empty JSON object to the engine)
        Returns:

        authorization result

      • authorizeUnsigned

         AuthorizeResult authorizeUnsigned(String principalJson, String action, JSONObject resource, JSONObject context)

        Authorize with a single principal provided as a JSON string.

        This is the simplest way to call authorizeUnsigned without importing any UniFFI types. The JSON string is converted to an EntityData internally.

        Parameters:
        principalJson - single principal as a JSON string (must not be null)
        action - Cedar action
        resource - resource as JSONObject (must not be null)
        context - context as JSONObject (may be null; sent as empty JSON object to the engine)
        Returns:

        authorization result

      • authorizeUnsignedFromJson

         AuthorizeResult authorizeUnsignedFromJson(List<String> principalsJson, String action, JSONObject resource, JSONObject context)

        Authorize with multiple principals provided as JSON strings.

        Use this when you have more than one principal and want to avoid importing UniFFI types. Each JSON string is converted to an EntityData internally.

        Parameters:
        principalsJson - principal JSON strings (must not be null; no null elements)
        action - Cedar action
        resource - resource as JSONObject (must not be null)
        context - context as JSONObject (may be null; sent as empty JSON object to the engine)
        Returns:

        authorization result

      • authorizeUnsigned

         AuthorizeResult authorizeUnsigned(List<EntityData> principals, String action, JSONObject resource, JSONObject context)

        Authorize with pre-built EntityData principals.

        Use this overload when you already have EntityData objects (e.g. from advanced integration code). A null context is sent as an empty JSON object to the engine.

        Parameters:
        resource - resource as JSONObject (must not be null)

      • pushDataCtx

         void pushDataCtx(String key, JSONObject value, Long ttlSecs)

        Push a value into the data store with an optional TTL. If the key already exists, the value will be replaced. If TTL is not provided, the default TTL from configuration is used.

        Parameters:
        key - The key for the data entry
        value - The value to store (as JSONObject)
        ttlSecs - Optional TTL in seconds (null uses default from config)

      • pushDataCtx

         void pushDataCtx(String key, String value, Long ttlSecs)

        Push a value into the data store with an optional TTL. If the key already exists, the value will be replaced. If TTL is not provided, the default TTL from configuration is used.

        Parameters:
        key - The key for the data entry
        value - The value to store (as JSON string)
        ttlSecs - Optional TTL in seconds (null uses default from config)

      • pushDataCtx

         void pushDataCtx(String key, JSONObject value)

        Push a value into the data store without TTL (uses default from config).

        Parameters:
        key - The key for the data entry
        value - The value to store (as JSONObject)

      • pushDataCtx

         void pushDataCtx(String key, String value)

        Push a value into the data store without TTL (uses default from config).

        Parameters:
        key - The key for the data entry
        value - The value to store (as JSON string)

      • getDataCtx

         Object getDataCtx(String key)

        Get a value from the data store by key. Returns null if the key doesn't exist or the entry has expired.

        Parameters:
        key - The key to retrieve
        Returns:

        The value as an Object (JSONObject, JSONArray, String, Number, Boolean, or null), or null if not found

      • getDataEntryCtx

         DataEntry getDataEntryCtx(String key)

        Get a data entry with full metadata by key. Returns null if the key doesn't exist or the entry has expired.

        Parameters:
        key - The key to retrieve
        Returns:

        A DataEntry object with metadata, or null if not found

      • removeDataCtx

         boolean removeDataCtx(String key)

        Remove a value from the data store by key.

        Parameters:
        key - The key to remove
        Returns:

        True if the key existed and was removed, False otherwise

      • clearDataCtx

         void clearDataCtx()

        Clear all entries from the data store.