org.springframework.security.oauth.consumer.filter
Class OAuthConsumerContextFilter

java.lang.Object
  extended by org.springframework.security.oauth.consumer.filter.OAuthConsumerContextFilter
All Implemented Interfaces:
Filter, Aware, InitializingBean, MessageSourceAware

public class OAuthConsumerContextFilter
extends Object
implements Filter, InitializingBean, MessageSourceAware

OAuth filter that establishes an OAuth security context.

Author:
Ryan Heaton

Field Summary
static String ACCESS_TOKENS_DEFAULT_ATTRIBUTE
           
protected  MessageSourceAccessor messages
           
static String OAUTH_FAILURE_KEY
           
 
Constructor Summary
OAuthConsumerContextFilter()
           
 
Method Summary
 void afterPropertiesSet()
           
protected  ProtectedResourceDetails checkForResourceThatNeedsAuthorization(Exception ex)
          Check the given exception for the resource that needs authorization.
 void destroy()
           
 void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
           
protected  void fail(HttpServletRequest request, HttpServletResponse response, OAuthRequestFailedException failure)
          Common logic for OAuth failed.
 String getAccessTokensRequestAttribute()
          The default request attribute into which the OAuth access tokens are stored.
protected  String getCallbackURL(HttpServletRequest request)
          Get the callback URL for the specified request.
 OAuthConsumerSupport getConsumerSupport()
          The OAuth consumer support.
 org.springframework.security.web.access.AccessDeniedHandler getOAuthFailureHandler()
          The oauth failure handler.
 org.springframework.security.web.PortResolver getPortResolver()
          The port resolver.
 org.springframework.security.web.RedirectStrategy getRedirectStrategy()
          The redirect strategy.
 OAuthRememberMeServices getRememberMeServices()
          The remember-me services.
 org.springframework.security.web.util.ThrowableAnalyzer getThrowableAnalyzer()
          The throwable analyzer.
 OAuthConsumerTokenServices getTokenServices()
          The token services.
protected  String getUserAuthorizationRedirectURL(ProtectedResourceDetails details, OAuthConsumerToken requestToken, String callbackURL)
          Get the URL to which to redirect the user for authorization of protected resources.
 void init(FilterConfig ignored)
           
 void setAccessTokensRequestAttribute(String accessTokensRequestAttribute)
          The default request attribute into which the OAuth access tokens are stored.
 void setConsumerSupport(OAuthConsumerSupport consumerSupport)
          The OAuth consumer support.
 void setMessageSource(MessageSource messageSource)
          Set the message source.
 void setOAuthFailureHandler(org.springframework.security.web.access.AccessDeniedHandler OAuthFailureHandler)
          The oauth failure handler.
 void setPortResolver(org.springframework.security.web.PortResolver portResolver)
          The port resolver.
 void setRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy)
          The redirect strategy.
 void setRememberMeServices(OAuthRememberMeServices rememberMeServices)
          The remember-me services.
 void setThrowableAnalyzer(org.springframework.security.web.util.ThrowableAnalyzer throwableAnalyzer)
          The throwable analyzer.
 void setTokenServices(OAuthConsumerTokenServices tokenServices)
          The token services.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ACCESS_TOKENS_DEFAULT_ATTRIBUTE

public static final String ACCESS_TOKENS_DEFAULT_ATTRIBUTE
See Also:
Constant Field Values

OAUTH_FAILURE_KEY

public static final String OAUTH_FAILURE_KEY
See Also:
Constant Field Values

messages

protected MessageSourceAccessor messages
Constructor Detail

OAuthConsumerContextFilter

public OAuthConsumerContextFilter()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface InitializingBean
Throws:
Exception

init

public void init(FilterConfig ignored)
          throws ServletException
Specified by:
init in interface Filter
Throws:
ServletException

destroy

public void destroy()
Specified by:
destroy in interface Filter

doFilter

public void doFilter(ServletRequest servletRequest,
                     ServletResponse servletResponse,
                     FilterChain chain)
              throws IOException,
                     ServletException
Specified by:
doFilter in interface Filter
Throws:
IOException
ServletException

checkForResourceThatNeedsAuthorization

protected ProtectedResourceDetails checkForResourceThatNeedsAuthorization(Exception ex)
                                                                   throws ServletException,
                                                                          IOException
Check the given exception for the resource that needs authorization. If the exception was not thrown because a resource needed authorization, then rethrow the exception.

Parameters:
ex - The exception.
Returns:
The resource that needed authorization (never null).
Throws:
ServletException
IOException

getCallbackURL

protected String getCallbackURL(HttpServletRequest request)
Get the callback URL for the specified request.

Parameters:
request - The request.
Returns:
The callback URL.

getUserAuthorizationRedirectURL

protected String getUserAuthorizationRedirectURL(ProtectedResourceDetails details,
                                                 OAuthConsumerToken requestToken,
                                                 String callbackURL)
Get the URL to which to redirect the user for authorization of protected resources.

Parameters:
details - The resource for which to get the authorization url.
requestToken - The request token.
callbackURL - The callback URL.
Returns:
The URL.

fail

protected void fail(HttpServletRequest request,
                    HttpServletResponse response,
                    OAuthRequestFailedException failure)
             throws IOException,
                    ServletException
Common logic for OAuth failed. (Note that the default logic doesn't pass the failure through so as to not mess with the current authentication.)

Parameters:
request - The request.
response - The response.
failure - The failure.
Throws:
IOException
ServletException

getOAuthFailureHandler

public org.springframework.security.web.access.AccessDeniedHandler getOAuthFailureHandler()
The oauth failure handler.

Returns:
The oauth failure handler.

setOAuthFailureHandler

public void setOAuthFailureHandler(org.springframework.security.web.access.AccessDeniedHandler OAuthFailureHandler)
The oauth failure handler.

Parameters:
OAuthFailureHandler - The oauth failure handler.

getTokenServices

public OAuthConsumerTokenServices getTokenServices()
The token services.

Returns:
The token services.

setTokenServices

public void setTokenServices(OAuthConsumerTokenServices tokenServices)
The token services.

Parameters:
tokenServices - The token services.

setMessageSource

public void setMessageSource(MessageSource messageSource)
Set the message source.

Specified by:
setMessageSource in interface MessageSourceAware
Parameters:
messageSource - The message source.

getConsumerSupport

public OAuthConsumerSupport getConsumerSupport()
The OAuth consumer support.

Returns:
The OAuth consumer support.

setConsumerSupport

@Autowired
public void setConsumerSupport(OAuthConsumerSupport consumerSupport)
The OAuth consumer support.

Parameters:
consumerSupport - The OAuth consumer support.

getAccessTokensRequestAttribute

public String getAccessTokensRequestAttribute()
The default request attribute into which the OAuth access tokens are stored.

Returns:
The default request attribute into which the OAuth access tokens are stored.

setAccessTokensRequestAttribute

public void setAccessTokensRequestAttribute(String accessTokensRequestAttribute)
The default request attribute into which the OAuth access tokens are stored.

Parameters:
accessTokensRequestAttribute - The default request attribute into which the OAuth access tokens are stored.

getPortResolver

public org.springframework.security.web.PortResolver getPortResolver()
The port resolver.

Returns:
The port resolver.

setPortResolver

@Autowired(required=false)
public void setPortResolver(org.springframework.security.web.PortResolver portResolver)
The port resolver.

Parameters:
portResolver - The port resolver.

getRememberMeServices

public OAuthRememberMeServices getRememberMeServices()
The remember-me services.

Returns:
The remember-me services.

setRememberMeServices

public void setRememberMeServices(OAuthRememberMeServices rememberMeServices)
The remember-me services.

Parameters:
rememberMeServices - The remember-me services.

getThrowableAnalyzer

public org.springframework.security.web.util.ThrowableAnalyzer getThrowableAnalyzer()
The throwable analyzer.

Returns:
The throwable analyzer.

setThrowableAnalyzer

public void setThrowableAnalyzer(org.springframework.security.web.util.ThrowableAnalyzer throwableAnalyzer)
The throwable analyzer.

Parameters:
throwableAnalyzer - The throwable analyzer.

getRedirectStrategy

public org.springframework.security.web.RedirectStrategy getRedirectStrategy()
The redirect strategy.

Returns:
The redirect strategy.

setRedirectStrategy

public void setRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy)
The redirect strategy.

Parameters:
redirectStrategy - The redirect strategy.


Copyright © 2012. All Rights Reserved.