TokenAuthentication.java [src/csip] Revision:   Date:
/*
 * $Id$
 *
 * This file is part of the Cloud Services Integration Platform (CSIP),
 * a Model-as-a-Service framework, API and application suite.
 *
 * 2012-2022, Olaf David and others, OMSLab, Colorado State University.
 *
 * OMSLab licenses this file to you under the MIT license.
 * See the LICENSE file in the project root for more information.
 */
package csip;

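/**
 * Contract for validating bearer tokens taken from an HTTP
 * {@code Authorization} header.
 *
 * <p>The default methods recognise and parse the header; implementations
 * supply {@link #validate(String)}. The header value comes from the client
 * and must be treated as untrusted input.
 *
 * @author od
 */
interface TokenAuthentication extends AutoCloseable {

  /** Authentication scheme expected at the start of the Authorization header. */
  static final String AUTH_SCHEME = "Bearer";


  /**
   * Validates the token. If not valid it should throw a SecurityException.
   *
   * <p>{@link #getToken(String)} can return an empty string (header of the
   * form {@code "Bearer "} followed by whitespace only), so implementations
   * should reject empty tokens as well as unknown ones.
   *
   * @param token the token to check
   * @throws SecurityException if the token is not valid
   */
  void validate(String token) throws SecurityException;


  /**
   * Reports whether this authentication method requires authentication.
   *
   * @return {@code true} by default; {@link #NONE} overrides this to
   *         return {@code false}
   */
  default boolean requiresAuthentication() {
    return true;
  }


  /**
   * Releases resources held by the implementation. The default does nothing.
   *
   * @throws Exception declared by {@link AutoCloseable#close()}
   */
  @Override
  default void close() throws Exception {
  }


  /**
   * Checks whether the Authorization header uses the Bearer scheme.
   *
   * <p>The header must not be null and must start with "Bearer" followed by
   * a single space. The scheme comparison is case-insensitive.
   *
   * @param authHeader the raw Authorization header value, may be null
   * @return {@code true} if the header starts with the Bearer scheme prefix
   */
  default boolean isTokenBasedAuthentication(String authHeader) {
    String prefix = AUTH_SCHEME + " ";
    // regionMatches(ignoreCase) compares char by char, so the result does
    // not depend on the default locale and no lower-cased copy of the
    // (client-controlled) header is allocated. Headers shorter than the
    // prefix simply do not match.
    return authHeader != null
        && authHeader.regionMatches(true, 0, prefix, 0, prefix.length());
  }


  /**
   * Extracts the token from the Authorization header.
   *
   * <p>The header is checked with
   * {@link #isTokenBasedAuthentication(String)} first. Without that check a
   * null or too-short header fails with an unrelated runtime exception, and
   * a header using another scheme (for example Basic) would have part of
   * its credential returned as if it were a bearer token.
   *
   * @param authHeader the raw Authorization header value
   * @return the token with surrounding whitespace removed; may be empty
   * @throws SecurityException if the header is null or does not use the
   *         Bearer scheme
   */
  default String getToken(String authHeader) {
    if (!isTokenBasedAuthentication(authHeader)) {
      // The header value is deliberately left out of the message so that
      // credentials do not end up in logs or error responses.
      throw new SecurityException(
          "Authorization header does not use the " + AUTH_SCHEME + " scheme.");
    }
    return authHeader.substring(AUTH_SCHEME.length()).trim();
  }

  /**
   * Authentication method that performs no checks: {@code validate} accepts
   * every token and {@code requiresAuthentication} returns {@code false}.
   * Selecting it turns token validation off, so it should only be used where
   * unauthenticated access is intended.
   */
  static TokenAuthentication NONE = new TokenAuthentication() {
    @Override
    public void validate(String token) throws SecurityException {
      // Intentionally empty: every token is accepted.
    }


    @Override
    public boolean requiresAuthentication() {
      return false;
    }

  };

}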