UserApprovalHandler (OAuth for Spring Security 2.4.0.BUILD-SNAPSHOT API)

All Known Implementing Classes:

ApprovalStoreUserApprovalHandler, DefaultUserApprovalHandler, TokenStoreUserApprovalHandler
```
public interface UserApprovalHandler
```
Basic interface for determining whether a given client authentication request has been approved by the current user.

Author:

Ryan Heaton, Dave Syer, Amanda Anganes

Method Summary

Methods
Modifier and Type	Method and Description
`AuthorizationRequest`	`checkForPreApproval(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication)` Provides a hook for allowing requests to be pre-approved (skipping the User Approval Page).
`Map<String,Object>`	`getUserApprovalRequest(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication)` Generate a request for the authorization server to ask for the user's approval.
`boolean`	`isApproved(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication)` Tests whether the specified authorization request has been approved by the current user (if there is one).
`AuthorizationRequest`	`updateAfterApproval(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication)` Provides an opportunity to update the authorization request after the `approval parameters` are set but before it is checked for approval.

- Method Detail
  - isApproved
```
boolean isApproved(AuthorizationRequest authorizationRequest,
                 org.springframework.security.core.Authentication userAuthentication)
```
    Tests whether the specified authorization request has been approved by the current user (if there is one).
    
    Parameters:
    authorizationRequest - the authorization request.
    userAuthentication - the user authentication for the current user.
    
    Returns:
    true if the request has been approved, false otherwise
  - checkForPreApproval
```
AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest,
                                       org.springframework.security.core.Authentication userAuthentication)
```
    Provides a hook for allowing requests to be pre-approved (skipping the User Approval Page). Some implementations may allow users to store approval decisions so that they only have to approve a site once. This method is called in the AuthorizationEndpoint before sending the user to the Approval page. If this method sets oAuth2Request.approved to true, the Approval page will be skipped.
    
    Parameters:
    authorizationRequest - the authorization request.
    userAuthentication - the user authentication
    
    Returns:
    the AuthorizationRequest, modified if necessary
  - updateAfterApproval
```
AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest,
                                       org.springframework.security.core.Authentication userAuthentication)
```
    Provides an opportunity to update the authorization request after the approval parameters are set but before it is checked for approval. Useful in cases where the incoming approval parameters contain richer information than just true/false (e.g. some scopes are approved, and others are rejected), implementations may need to be able to modify the AuthorizationRequest before a token is generated from it.
    
    Parameters:
    authorizationRequest - the authorization request.
    userAuthentication - the user authentication
    
    Returns:
    the AuthorizationRequest, modified if necessary
  - getUserApprovalRequest
```
Map<String,Object> getUserApprovalRequest(AuthorizationRequest authorizationRequest,
                                        org.springframework.security.core.Authentication userAuthentication)
```
    Generate a request for the authorization server to ask for the user's approval. Typically this will be rendered into a view (HTML etc.) to prompt for the approval, so it needs to contain information about the grant (scopes and client id for instance).
    
    Parameters:
    authorizationRequest - the authorization request
    userAuthentication - the user authentication
    
    Returns:
    a model map for rendering to the user to ask for approval

Interface UserApprovalHandler

Method Summary

Method Detail

isApproved

checkForPreApproval

updateAfterApproval

getUserApprovalRequest