core / com.schibsted.account.network / AuthInterceptor / <init>

<init>

AuthInterceptor(user: User, urlWhitelist: List<String>, allowNonHttps: Boolean = false, allowNonWhitelistedDomains: Boolean = false, timeout: Long = 10_000, authChecks: Sequence<AuthCheck> = sequenceOf( checkUrlInWhitelist(urlWhitelist, allowNonWhitelistedDomains), protocolCheck(allowNonHttps) ))

Creates an interceptor which will do authenticated requests to whitelisted urls. By default, requests to non-whitelisted domains will be rejected as well as non-https requests. This can be overridden using allowNonWhitelistedDomains and allowNonHttps. Will throw an IllegalArgumentException if whitelisted domains are not over HTTPS if non-https is not allowed

Parameters

user - The user session to bind

urlWhitelist - The whitelist of URLs which be authenticated against

allowNonWhitelistedDomains - By default, all non-whitelisted domains will be rejected unless this is set to true. Please note that the auth header will not be injected for any domains not in the whitelist. Defaults to false

allowNonHttps - Whether or not non-https domains should be allowed. Defaults to false

timeout - The timeout for token refreshing