Files
user-management/src/main/java/com/cleverthis/authservice/service/IdentityManagerService.java
T
Abed c488de8f2b
Unit test coverage / gradle-test (push) Failing after 1m32s
CI for publishing docker image / build-and-publish (push) Failing after 1m38s
Unit test coverage / gradle-test (pull_request) Failing after 1m0s
Implement New User Registration in auth-service #8
2025-05-27 01:50:29 +02:00

68 lines
3.0 KiB
Java

package com.cleverthis.authservice.service;
import com.cleverthis.authservice.dto.RegistrationRequest;
import com.cleverthis.authservice.dto.TokenResponse;
import com.cleverthis.authservice.dto.VerificationResponse;
import reactor.core.publisher.Mono; // Using Mono for asynchronous operations with WebClient
/**
* Interface defining operations for interacting with an identity provider. This abstraction allows
* swapping the underlying implementation (e.g., Keycloak, Okta) without changing the controller
* logic.
*/
public interface IdentityManagerService {
/**
* Authenticates a user using username and password (Resource Owner Password Credentials Grant).
*
* @param username The user's username.
* @param password The user's password.
* @return A Mono emitting the TokenResponse upon successful authentication. Emits an error
* (e.g., AuthenticationException) if authentication fails.
*/
Mono<TokenResponse> login(String username, String password);
/**
* Verifies the validity of an access token and retrieves associated user information.
*
* @param accessToken The access token (without "Bearer " prefix).
* @return A Mono emitting the VerificationResponse containing token details and user info.
* Emits an error if the token is invalid, expired, or introspection fails.
*/
Mono<VerificationResponse> verifyToken(String accessToken);
/**
* Logs out a user session by revoking the refresh token.
*
* @param refreshToken The refresh token associated with the user session.
* @return A Mono completing successfully upon successful logout/revocation. Emits an error if
* revocation fails.
*/
Mono<Void> logout(String refreshToken);
/**
* Checks if a user has a specific client role for a target service (Keycloak client).
*
* @param userSub The subject (ID) of the user.
* @param targetServiceClientId The public client ID of the target service/application
* in Keycloak.
* @param requiredRoleName The name of the client role to check for.
* @return A Mono emitting true if the user has the role, false otherwise. Emits an error if the
* check cannot be performed (e.g., Keycloak unavailable).
*/
Mono<Boolean> checkUserClientRolePermission(String userSub, String targetServiceClientId,
String requiredRoleName);
/**
* Registers a new user in the identity provider.
* The user is typically created with emailVerified set to false.
* The implementation is responsible for initiating the email verification process
* (e.g., generating a token, triggering an email).
*
* @param registrationRequest DTO containing user registration details.
* @return A Mono completing successfully if registration initiation is successful.
* Emits an error (e.g., UserAlreadyExistsException) if registration fails.
*/
Mono<Void> registerUser(RegistrationRequest registrationRequest);
}