org.springframework.security.oauth.provider.token
Interface OAuthProviderTokenServices

All Known Implementing Classes:
InMemoryProviderTokenServices, InMemorySelfCleaningProviderTokenServices, RandomValueProviderTokenServices

public interface OAuthProviderTokenServices

Author:
Ryan Heaton

Method Summary
 void authorizeRequestToken(String requestToken, String verifier, org.springframework.security.core.Authentication authentication)
          Authorize the specified request token with the specified authentication credentials.
 OAuthAccessProviderToken createAccessToken(String requestToken)
          Create an OAuth access token given the specified request token.
 OAuthProviderToken createUnauthorizedRequestToken(String consumerKey, String callbackUrl)
          Create an unauthorized OAuth request token.
 OAuthProviderToken getToken(String token)
          Read a token by its value.
 

Method Detail

getToken

OAuthProviderToken getToken(String token)
                            throws org.springframework.security.core.AuthenticationException
Read a token by its value.

Parameters:
token - The token value.
Returns:
The token.
Throws:
org.springframework.security.core.AuthenticationException - If the token is invalid, expired, or disabled.

createUnauthorizedRequestToken

OAuthProviderToken createUnauthorizedRequestToken(String consumerKey,
                                                  String callbackUrl)
                                                  throws org.springframework.security.core.AuthenticationException
Create an unauthorized OAuth request token.

Parameters:
consumerKey - The consumer key for which to create the token.
callbackUrl - The callback URL associated with the consumer key.
Returns:
The token.
Throws:
org.springframework.security.core.AuthenticationException - If the consumer isn't valid or otherwise isn't allowed to create a new request token.

authorizeRequestToken

void authorizeRequestToken(String requestToken,
                           String verifier,
                           org.springframework.security.core.Authentication authentication)
                           throws org.springframework.security.core.AuthenticationException
Authorize the specified request token with the specified authentication credentials. After the request token is authorized, the consumer to which that request token was issued will be able to use it to obtain an access token.

Parameters:
requestToken - The request token.
verifier - The verifier to be assigned to the request token.
authentication - The authentication credentials with which to authorize the request token. This is the authentication of the user who has signed in and is authorizing the consumer to have access to a protected resource. This same authentication can be pulled from the security context, but it's passed explicitly here to suggest to the method implementation that it needs to take into account what authorities are being granted to the consumer by the user.
Throws:
org.springframework.security.core.AuthenticationException - If the token is expired or otherwise unauthorizable, or if the authentication credentials are insufficient.

createAccessToken

OAuthAccessProviderToken createAccessToken(String requestToken)
                                           throws org.springframework.security.core.AuthenticationException
Create an OAuth access token given the specified request token. This token will be used to provide access to a protected resource. After the access token is created, the request token should be invalidated.

Parameters:
requestToken - The (presumably authorized) request token used to create the access token.
Returns:
The access token.
Throws:
org.springframework.security.core.AuthenticationException - If the request token is expired or disabled or doesn't reference the necessary authentication credentials or otherwise isn't authorized.


Copyright © 2012. All Rights Reserved.