Package dev.dokimos.server.filter

Class ApiKeyAuthenticator

java.lang.Object

dev.dokimos.server.filter.ApiKeyAuthenticator

All Implemented Interfaces:

Authenticator

@Component
public class ApiKeyAuthenticator
extends Object
implements Authenticator

Authenticator backed by two credential sources that coexist for backward compatibility: the single legacy key configured via DOKIMOS_API_KEY (which maps to Role.ADMIN), and the scoped keys stored in api_keys (each hashed, each carrying its own role and tenant).

The deployment is in authenticated mode when either a legacy key is configured or at least one enabled scoped key exists. Outside authenticated mode the behavior is unchanged from before this feature: reads and writes both pass through as the system principal. In authenticated mode reads stay open (matching the prior default that reads are always allowed) while writes require a valid Bearer credential. A presented raw key is hashed with SHA-256 and matched against enabled keys; the resolved principal carries the key's role and tenant.

Constructor Summary

Constructors

Constructor	Description
ApiKeyAuthenticator(ApiKeyProperties apiKeyProperties, ApiKeyRepository apiKeyRepository)

Method Summary

Modifier and Type	Method	Description
Optional<Principal>	authenticate(String method, String authorizationHeader)	Resolves the principal for a request based on its method and credential.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ApiKeyAuthenticator

public ApiKeyAuthenticator(ApiKeyProperties apiKeyProperties,
 ApiKeyRepository apiKeyRepository)

Method Details

authenticate

@Transactional
public Optional<Principal> authenticate(String method,
 String authorizationHeader)

Description copied from interface: Authenticator

Resolves the principal for a request based on its method and credential.

The method is honored so reads stay open in the default deployment: a read returns the system principal when no credential is presented. A write with no configured authentication also returns the system principal (open mode). Otherwise a valid Bearer credential resolves to the principal it identifies, and an invalid or missing credential on a write returns empty (rejected). Authorization of the resolved principal against the requested action is the caller's responsibility.

Specified by:

authenticate in interface Authenticator

Parameters:

method - the HTTP method

authorizationHeader - value of the Authorization header, or null when absent

Returns:

the principal for an allowed request, or empty to reject