| .. | .. |
|---|
| 1 | +/* |
|---|
| 2 | +* Copyright @ 2013 CurisTEC, S.A.S. All Rights Reserved. |
|---|
| 3 | +*/ |
|---|
| 1 | 4 | package net.curisit.securis.security; |
|---|
| 2 | 5 | |
|---|
| 3 | 6 | import java.lang.annotation.ElementType; |
|---|
| .. | .. |
|---|
| 7 | 10 | |
|---|
| 8 | 11 | import net.curisit.securis.utils.TokenHelper; |
|---|
| 9 | 12 | |
|---|
| 13 | +/** |
|---|
| 14 | +* Securable |
|---|
| 15 | +* <p> |
|---|
| 16 | +* Method-level annotation to declare security requirements: |
|---|
| 17 | +* - {@link #header()} name containing the auth token (defaults to {@link TokenHelper#TOKEN_HEADER_PÀRAM}). |
|---|
| 18 | +* - {@link #roles()} required role bitmask; {@code 0} means no role restriction. |
|---|
| 19 | +* |
|---|
| 20 | +* Intended to be enforced by request filters/interceptors (e.g., RequestsInterceptor). |
|---|
| 21 | +* |
|---|
| 22 | +* @author JRA |
|---|
| 23 | +* Last reviewed by JRA on Oct 5, 2025. |
|---|
| 24 | +*/ |
|---|
| 10 | 25 | @Retention(RetentionPolicy.RUNTIME) |
|---|
| 11 | 26 | @Target(ElementType.METHOD) |
|---|
| 12 | 27 | public @interface Securable { |
|---|
| 13 | | - /** |
|---|
| 14 | | - * Name of header parameter with the auth token to validate |
|---|
| 15 | | - */ |
|---|
| 28 | + |
|---|
| 29 | + /** Header name carrying the token to validate. */ |
|---|
| 16 | 30 | String header() default TokenHelper.TOKEN_HEADER_PÀRAM; |
|---|
| 17 | 31 | |
|---|
| 18 | | - /** |
|---|
| 19 | | - * Bit mask with the rol or roles necessary to access the method |
|---|
| 20 | | - */ |
|---|
| 32 | + /** Bitmask of required roles; set 0 for public endpoints (token still may be required). */ |
|---|
| 21 | 33 | int roles() default 0; |
|---|
| 22 | 34 | } |
|---|
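Review bot: The new Javadoc on `roles()` (new line 32) describes `0` as "public endpoints (token still may be required)", which leaves the security contract undefined: a reader cannot tell whether a method annotated with `roles = 0` is reachable without a valid token, and the class-level text on new line 18 says only "no role restriction". The enforcing interceptor is not part of this change, so confirm its behaviour and state it outright, for example `/** Bitmask of required roles; {@code 0} skips the role check only, the token named by {@link #header()} is still validated. */` if that is what it does. The class comment should also say how the interceptor treats methods that carry no `@Securable` at all, so that a forgotten annotation is a documented deny or a documented allow rather than a guess. As a smaller point, the `-` bullets on new lines 17–18 collapse into one paragraph in rendered Javadoc and would read better as `<ul><li>` items.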