Class RedirectionBasedGrantService

    • Constructor Detail

      • RedirectionBasedGrantService

        protected RedirectionBasedGrantService​(String supportedResponseType,
                                               String supportedGrantType)
      • RedirectionBasedGrantService

        protected RedirectionBasedGrantService​(Set<String> supportedResponseTypes,
                                               String supportedGrantType)
    • Method Detail

      • authorize

        @GET
        @Produces({"application/xhtml+xml","text/html","application/xml","application/json"})
        public javax.ws.rs.core.Response authorize()
        Handles the initial authorization request by preparing the authorization challenge data and returning it to the user. The data are typically expected to be presented in an HTML form.
        Returns:
        the authorization data
      • authorizePost

        @POST
        @Consumes("application/x-www-form-urlencoded")
        @Produces({"application/xhtml+xml","text/html","application/xml","application/json"})
        public javax.ws.rs.core.Response authorizePost​(javax.ws.rs.core.MultivaluedMap<String,​String> params)
        Handles the initial authorization request, submitted as a form-encoded POST, by preparing the authorization challenge data and returning it to the user. The data are typically expected to be presented in an HTML form.
        Returns:
        the authorization data
      • authorizeDecision

        @GET
        @Path("/decision")
        public javax.ws.rs.core.Response authorizeDecision()
        Processes the end user decision
        Returns:
        The grant value, authorization code or the token
      • authorizeDecisionForm

        @POST
        @Path("/decision")
        @Consumes("application/x-www-form-urlencoded")
        public javax.ws.rs.core.Response authorizeDecisionForm​(javax.ws.rs.core.MultivaluedMap<String,​String> params)
        Processes the end user decision
        Returns:
        The grant value, authorization code or the token
      • startAuthorization

        protected javax.ws.rs.core.Response startAuthorization​(javax.ws.rs.core.MultivaluedMap<String,​String> params)
        Starts the authorization process
      • startAuthorization

        protected javax.ws.rs.core.Response startAuthorization​(javax.ws.rs.core.MultivaluedMap<String,​String> params,
                                                               UserSubject userSubject,
                                                               Client client,
                                                               String redirectUri)
      • getSupportedResponseTypes

        public Set<String> getSupportedResponseTypes()
      • recreateRedirectionStateFromParams

        protected OAuthRedirectionState recreateRedirectionStateFromParams​(javax.ws.rs.core.MultivaluedMap<String,​String> params)
      • completeAuthorization

        protected javax.ws.rs.core.Response completeAuthorization​(javax.ws.rs.core.MultivaluedMap<String,​String> params)
        Completes the authorization process
      • isRevokePreauthorizedTokenOnApproval

        public boolean isRevokePreauthorizedTokenOnApproval()
      • setRevokePreauthorizedTokenOnApproval

        public void setRevokePreauthorizedTokenOnApproval​(boolean revoke)
      • setSubjectCreator

        public void setSubjectCreator​(SubjectCreator creator)
      • createErrorResponse

        protected javax.ws.rs.core.Response createErrorResponse​(javax.ws.rs.core.MultivaluedMap<String,​String> params,
                                                                String redirectUri,
                                                                String error)
      • canAccessTokenBeReturned

        protected boolean canAccessTokenBeReturned​(String responseType)
      • createErrorResponse

        protected abstract javax.ws.rs.core.Response createErrorResponse​(String state,
                                                                         String redirectUri,
                                                                         String error)
      • getAndValidateSecurityContext

        protected SecurityContext getAndValidateSecurityContext​(javax.ws.rs.core.MultivaluedMap<String,​String> params)
      • validateRedirectUri

        protected String validateRedirectUri​(Client client,
                                             String redirectUri)
      • getClient

        protected Client getClient​(String clientId,
                                   javax.ws.rs.core.MultivaluedMap<String,​String> params)
        Gets the Client reference.
        Parameters:
        clientId - the client identifier
        params - request parameters
        Returns:
        the client reference
      • createHtmlResponse

        protected javax.ws.rs.core.Response createHtmlResponse​(Object response)
      • getSupportedGrantType

        protected String getSupportedGrantType()
      • setResourceOwnerNameProvider

        public void setResourceOwnerNameProvider​(ResourceOwnerNameProvider resourceOwnerNameProvider)
      • setPartialMatchScopeValidation

        public void setPartialMatchScopeValidation​(boolean partialMatchScopeValidation)
      • setUseAllClientScopes

        public void setUseAllClientScopes​(boolean useAllClientScopes)
      • setUseRegisteredRedirectUriIfPossible

        public void setUseRegisteredRedirectUriIfPossible​(boolean use)
        If a client does not include a redirect_uri parameter but has exactly one pre-registered redirect_uri, that registered redirect_uri is used.
        Parameters:
        use - if true (the default), a single registered redirect_uri is used when the request does not include one
      • canSupportPublicClient

        protected abstract boolean canSupportPublicClient​(Client c)
      • canRedirectUriBeEmpty

        protected abstract boolean canRedirectUriBeEmpty​(Client c)
      • setMaxDefaultSessionInterval

        public void setMaxDefaultSessionInterval​(int maxDefaultSessionInterval)
      • setMatchRedirectUriWithApplicationUri

        public void setMatchRedirectUriWithApplicationUri​(boolean matchRedirectUriWithApplicationUri)
      • setHidePreauthorizedScopesInForm

        public void setHidePreauthorizedScopesInForm​(boolean hidePreauthorizedScopesInForm)
      • setScopesRequiringNoConsent

        public void setScopesRequiringNoConsent​(List<String> scopesRequiringNoConsent)
      • setSupportSinglePageApplications

        public void setSupportSinglePageApplications​(boolean supportSinglePageApplications)