org.springframework.security.oauth2.client.token
Class AccessTokenProviderChain

java.lang.Object
  extended by org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport
      extended by org.springframework.security.oauth2.client.token.AccessTokenProviderChain
All Implemented Interfaces:
AccessTokenProvider

public class AccessTokenProviderChain
extends OAuth2AccessTokenSupport
implements AccessTokenProvider

A chain of OAuth2 access token providers. This implementation will iterate through its chain to find the first provider that supports the resource and use it to obtain the access token. Note that the order of the chain is relevant.

Author:
Ryan Heaton, Dave Syer

Field Summary
 
Fields inherited from class org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport
logger
 
Constructor Summary
AccessTokenProviderChain(List<? extends AccessTokenProvider> chain)
           
 
Method Summary
 OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails resource, AccessTokenRequest request)
          Obtain a new access token for the specified protected resource.
protected  OAuth2AccessToken obtainNewAccessTokenInternal(OAuth2ProtectedResourceDetails details, AccessTokenRequest request)
           
 OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource, OAuth2RefreshToken refreshToken, AccessTokenRequest request)
          Obtain a new access token for the specified resource using the refresh token.
 void setClientTokenServices(ClientTokenServices clientTokenServices)
          Token services for long-term persistence of access tokens.
 boolean supportsRefresh(OAuth2ProtectedResourceDetails resource)
           
 boolean supportsResource(OAuth2ProtectedResourceDetails resource)
          Whether this provider supports the specified resource.
 
Methods inherited from class org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport
getAccessTokenUri, getHttpMethod, getRequestCallback, getResponseErrorHandler, getResponseExtractor, getRestTemplate, retrieveToken, setAuthenticationHandler, setMessageConverters, setRequestFactory
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AccessTokenProviderChain

public AccessTokenProviderChain(List<? extends AccessTokenProvider> chain)
Method Detail

setClientTokenServices

public void setClientTokenServices(ClientTokenServices clientTokenServices)
Token services for long-term persistence of access tokens.

Parameters:
clientTokenServices - the clientTokenServices to set

supportsResource

public boolean supportsResource(OAuth2ProtectedResourceDetails resource)
Description copied from interface: AccessTokenProvider
Whether this provider supports the specified resource.

Specified by:
supportsResource in interface AccessTokenProvider
Parameters:
resource - The resource.
Returns:
Whether this provider supports the specified resource.

supportsRefresh

public boolean supportsRefresh(OAuth2ProtectedResourceDetails resource)
Specified by:
supportsRefresh in interface AccessTokenProvider
Parameters:
resource - The resource to check
Returns:
true if this provider can refresh an access token

obtainAccessToken

public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails resource,
                                           AccessTokenRequest request)
                                    throws UserRedirectRequiredException,
                                           org.springframework.security.access.AccessDeniedException
Description copied from interface: AccessTokenProvider
Obtain a new access token for the specified protected resource.

Specified by:
obtainAccessToken in interface AccessTokenProvider
Parameters:
resource - The protected resource for which this provider is to obtain an access token.
request - The parameters of the request giving context for the token details if any.
Returns:
The access token for the specified protected resource. The return value may NOT be null.
Throws:
UserRedirectRequiredException - If the provider requires the current user to be redirected for authorization.
org.springframework.security.access.AccessDeniedException - If the user denies access to the protected resource.

obtainNewAccessTokenInternal

protected OAuth2AccessToken obtainNewAccessTokenInternal(OAuth2ProtectedResourceDetails details,
                                                         AccessTokenRequest request)
                                                  throws UserRedirectRequiredException,
                                                         org.springframework.security.access.AccessDeniedException
Throws:
UserRedirectRequiredException
org.springframework.security.access.AccessDeniedException

refreshAccessToken

public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource,
                                            OAuth2RefreshToken refreshToken,
                                            AccessTokenRequest request)
                                     throws UserRedirectRequiredException
Obtain a new access token for the specified resource using the refresh token.

Specified by:
refreshAccessToken in interface AccessTokenProvider
Parameters:
resource - The resource.
refreshToken - The refresh token.
Returns:
The access token, or null if failed.
Throws:
UserRedirectRequiredException


Copyright © 2012. All Rights Reserved.