Package org.alfresco.repo.security.authentication.identityservice

Record Class UserToken

java.lang.Object
java.lang.Record
org.alfresco.repo.security.authentication.identityservice.UserToken
All Implemented Interfaces:
Serializable
public record UserToken(String normalizedUsername, String tokenString) extends Record implements Serializable
Result of a successful user authentication against the Identity Service.

Carries the normalized principal name (the canonical user identifier resolved by the IdP, which may differ from the credentials supplied by the caller) and the access-token string returned by the IdP. The token is exposed so that components (e.g., a caching UserTokenProvider) can re-validate it locally without contacting the IdP again.

Bearer-credential handling: tokenString() returns a bearer credential. Callers MUST NOT log, persist, or replicate it across processes. toString() is deliberately overridden to omit the token (the record-default would echo every component) so that accidental logger.debug(token) calls cannot leak the credential.

See Also:

  • Constructor Summary

    Constructors
    Constructor
    Description
    UserToken(String normalizedUsername, String tokenString)
    Creates an instance of a UserToken record class.

  • Method Summary

    Modifier and Type
    Method
    Description
    final boolean
    equals(Object o)
    Indicates whether some other object is "equal to" this one.
    final int
    hashCode()
    Returns a hash code value for this object.
    String
    normalizedUsername()
    Returns the value of the normalizedUsername record component.
    String
    tokenString()
    Returns the value of the tokenString record component.
    String
    toString()
    Overrides the record-generated toString() to suppress the bearer token.

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

  • Constructor Details

    • UserToken

      public UserToken(String normalizedUsername, String tokenString)
      Creates an instance of a UserToken record class.
      Parameters:
      normalizedUsername - the value for the normalizedUsername record component
      tokenString - the value for the tokenString record component

  • Method Details

    • toString

      public String toString()
      Overrides the record-generated toString() to suppress the bearer token. Only the principal name is exposed so accidental log/print statements cannot leak the credential.
      Specified by:
      toString in class Record

    • hashCode

      public final int hashCode()
      Returns a hash code value for this object. The value is derived from the hash code of each of the record components.
      Specified by:
      hashCode in class Record
      Returns:
      a hash code value for this object

    • equals

      public final boolean equals(Object o)
      Indicates whether some other object is "equal to" this one. The objects are equal if the other object is of the same class and if all the record components are equal. All components in this record class are compared with Objects::equals(Object,Object).
      Specified by:
      equals in class Record
      Parameters:
      o - the object with which to compare
      Returns:
      true if this object is the same as the o argument; false otherwise.

    • normalizedUsername

      public String normalizedUsername()
      Returns the value of the normalizedUsername record component.
      Returns:
      the value of the normalizedUsername record component

    • tokenString

      public String tokenString()
      Returns the value of the tokenString record component.
      Returns:
      the value of the tokenString record component