public abstract class RedirectionBasedGrantService extends AbstractOAuthService
| Modifier | Constructor and Description |
|---|---|
protected |
RedirectionBasedGrantService(String supportedResponseType,
String supportedGrantType) |
| Modifier and Type | Method and Description |
|---|---|
javax.ws.rs.core.Response |
authorize()
Handles the initial authorization request by preparing
the authorization challenge data and returning it to the user.
|
javax.ws.rs.core.Response |
authorizeDecision()
Processes the end user decision
|
javax.ws.rs.core.Response |
authorizeDecisionForm(javax.ws.rs.core.MultivaluedMap<String,String> params)
Processes the end user decision
|
protected abstract boolean |
canRedirectUriBeEmpty(Client c) |
protected abstract boolean |
canSupportPublicClient(Client c) |
protected javax.ws.rs.core.Response |
completeAuthorization(javax.ws.rs.core.MultivaluedMap<String,String> params)
Completes the authorization process
|
protected OAuthAuthorizationData |
createAuthorizationData(Client client,
javax.ws.rs.core.MultivaluedMap<String,String> params,
String redirectUri,
List<OAuthPermission> perms)
Create the authorization challenge data
|
protected abstract javax.ws.rs.core.Response |
createErrorResponse(javax.ws.rs.core.MultivaluedMap<String,String> params,
String redirectUri,
String error) |
protected abstract javax.ws.rs.core.Response |
createGrant(javax.ws.rs.core.MultivaluedMap<String,String> params,
Client client,
String redirectUri,
List<String> requestedScope,
List<String> approvedScope,
UserSubject userSubject,
ServerAccessToken preAuthorizedToken) |
protected UserSubject |
createUserSubject(SecurityContext securityContext) |
protected Client |
getClient(javax.ws.rs.core.MultivaluedMap<String,String> params)
Get the
Client reference |
protected void |
personalizeData(OAuthAuthorizationData data,
UserSubject userSubject) |
void |
setPartialMatchScopeValidation(boolean partialMatchScopeValidation) |
void |
setResourceOwnerNameProvider(ResourceOwnerNameProvider resourceOwnerNameProvider) |
void |
setSessionAuthenticityTokenProvider(SessionAuthenticityTokenProvider sessionAuthenticityTokenProvider) |
void |
setSubjectCreator(SubjectCreator creator) |
void |
setUseRegisteredRedirectUriIfPossible(boolean use)
If a client does not include a redirect_uri parameter but has exactly one
pre-registered redirect_uri, then use that redirect_uri
|
protected javax.ws.rs.core.Response |
startAuthorization(javax.ws.rs.core.MultivaluedMap<String,String> params)
Starts the authorization process
|
protected String |
validateRedirectUri(Client client,
String redirectUri) |
checkTransportSecurity, getDataProvider, getMessageContext, getQueryParameters, getValidClient, getValidClient, isWriteOptionalParameters, reportInvalidRequestError, reportInvalidRequestError, reportInvalidRequestError, reportInvalidRequestError, setBlockUnsecureRequests, setDataProvider, setMessageContext, setWriteOptionalParameters
public javax.ws.rs.core.Response authorize()
public javax.ws.rs.core.Response authorizeDecision()
public javax.ws.rs.core.Response authorizeDecisionForm(javax.ws.rs.core.MultivaluedMap<String,String> params)
protected javax.ws.rs.core.Response startAuthorization(javax.ws.rs.core.MultivaluedMap<String,String> params)
protected OAuthAuthorizationData createAuthorizationData(Client client, javax.ws.rs.core.MultivaluedMap<String,String> params, String redirectUri, List<OAuthPermission> perms)
protected void personalizeData(OAuthAuthorizationData data, UserSubject userSubject)
protected javax.ws.rs.core.Response completeAuthorization(javax.ws.rs.core.MultivaluedMap<String,String> params)
public void setSessionAuthenticityTokenProvider(SessionAuthenticityTokenProvider sessionAuthenticityTokenProvider)
public void setSubjectCreator(SubjectCreator creator)
protected UserSubject createUserSubject(SecurityContext securityContext)
protected abstract javax.ws.rs.core.Response createErrorResponse(javax.ws.rs.core.MultivaluedMap<String,String> params, String redirectUri, String error)
protected abstract javax.ws.rs.core.Response createGrant(javax.ws.rs.core.MultivaluedMap<String,String> params, Client client, String redirectUri, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken)
protected Client getClient(javax.ws.rs.core.MultivaluedMap<String,String> params)
Client reference
Parameters: params - request parameters
Throws: javax.ws.rs.WebApplicationException - if no matching Client is found,
the error is returned directly to the end user without
following the redirect URI, if any (a redirect URI supplied for an unrecognized client cannot be trusted)
public void setResourceOwnerNameProvider(ResourceOwnerNameProvider resourceOwnerNameProvider)
public void setPartialMatchScopeValidation(boolean partialMatchScopeValidation)
public void setUseRegisteredRedirectUriIfPossible(boolean use)
Parameters: use - if set to true (the default), allows a single registered redirect_uri to be used
protected abstract boolean canSupportPublicClient(Client c)
protected abstract boolean canRedirectUriBeEmpty(Client c)
Apache CXF