org.springframework.security.oauth.consumer.filter
Class OAuthConsumerProcessingFilter

java.lang.Object
  extended by org.springframework.security.oauth.consumer.filter.OAuthConsumerProcessingFilter
All Implemented Interfaces:
Filter, Aware, InitializingBean, MessageSourceAware

public class OAuthConsumerProcessingFilter
extends Object
implements Filter, InitializingBean, MessageSourceAware

OAuth consumer processing filter. This filter should be applied to requests for OAuth protected resources (see OAuth Core 1.0).

When servicing a request that requires protected resources, this filter sets a request attribute (default "OAUTH_ACCESS_TOKENS") that contains the list of OAuthConsumerTokens.

Author:
Ryan Heaton, Andrew McCall

Field Summary
protected  MessageSourceAccessor messages
           
 
Constructor Summary
OAuthConsumerProcessingFilter()
           
 
Method Summary
 void afterPropertiesSet()
           
 void destroy()
           
 void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
           
protected  Set<String> getAccessTokenDependencies(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
          Loads the access token dependencies for the given request.
 org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource getObjectDefinitionSource()
          The filter invocation definition source.
 ProtectedResourceDetailsService getProtectedResourceDetailsService()
          The protected resource details service.
 void init(FilterConfig ignored)
           
 boolean isRequireAuthenticated()
          Whether to require the current authentication to be authenticated.
 void setMessageSource(MessageSource messageSource)
          Set the message source.
 void setObjectDefinitionSource(org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource objectDefinitionSource)
          The filter invocation definition source.
 void setProtectedResourceDetailsService(ProtectedResourceDetailsService protectedResourceDetailsService)
          The protected resource details service.
 void setRequireAuthenticated(boolean requireAuthenticated)
          Whether to require the current authentication to be authenticated.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

messages

protected MessageSourceAccessor messages
Constructor Detail

OAuthConsumerProcessingFilter

public OAuthConsumerProcessingFilter()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface InitializingBean
Throws:
Exception

init

public void init(FilterConfig ignored)
          throws ServletException
Specified by:
init in interface Filter
Throws:
ServletException

destroy

public void destroy()
Specified by:
destroy in interface Filter

doFilter

public void doFilter(ServletRequest servletRequest,
                     ServletResponse servletResponse,
                     FilterChain chain)
              throws IOException,
                     ServletException
Specified by:
doFilter in interface Filter
Throws:
IOException
ServletException

getAccessTokenDependencies

protected Set<String> getAccessTokenDependencies(HttpServletRequest request,
                                                 HttpServletResponse response,
                                                 FilterChain filterChain)
Loads the access token dependencies for the given request. This will be a set of resource ids for which an OAuth access token is required.

Parameters:
request - The request.
response - The response
filterChain - The filter chain
Returns:
The access token dependencies (could be empty).

getProtectedResourceDetailsService

public ProtectedResourceDetailsService getProtectedResourceDetailsService()
The protected resource details service.

Returns:
The protected resource details service.

setProtectedResourceDetailsService

@Autowired
public void setProtectedResourceDetailsService(ProtectedResourceDetailsService protectedResourceDetailsService)
The protected resource details service.

Parameters:
protectedResourceDetailsService - The protected resource details service.

getObjectDefinitionSource

public org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource getObjectDefinitionSource()
The filter invocation definition source.

Returns:
The filter invocation definition source.

setObjectDefinitionSource

public void setObjectDefinitionSource(org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource objectDefinitionSource)
The filter invocation definition source.

Parameters:
objectDefinitionSource - The filter invocation definition source.

setMessageSource

public void setMessageSource(MessageSource messageSource)
Set the message source.

Specified by:
setMessageSource in interface MessageSourceAware
Parameters:
messageSource - The message source.

isRequireAuthenticated

public boolean isRequireAuthenticated()
Whether to require the current authentication to be authenticated.

Returns:
Whether to require the current authentication to be authenticated.

setRequireAuthenticated

public void setRequireAuthenticated(boolean requireAuthenticated)
Whether to require the current authentication to be authenticated.

Parameters:
requireAuthenticated - Whether to require the current authentication to be authenticated.


Copyright © 2012. All Rights Reserved.