org.springframework.security.oauth2.provider.endpoint

Class AuthorizationEndpoint

java.lang.Object

org.springframework.security.oauth2.provider.endpoint.AbstractEndpoint

org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint

All Implemented Interfaces:

InitializingBean

@SessionAttributes(value={"authorizationRequest","org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.ORIGINAL_AUTHORIZATION_REQUEST"})
public class AuthorizationEndpoint
extends AbstractEndpoint

Implementation of the Authorization Endpoint from the OAuth2 specification. Accepts authorization requests, and handles user approval if the grant type is authorization code. The tokens themselves are obtained from the Token Endpoint, except in the implicit grant type (where they come from the Authorization Endpoint via response_type=token.

This endpoint should be secured so that it is only accessible to fully authenticated users (as a minimum requirement) since it represents a request from a valid user to act on his or her behalf.

Author:

Dave Syer, Vladimir Kryachko

Field Summary

Fields inherited from class org.springframework.security.oauth2.provider.endpoint.AbstractEndpoint

logger

Constructor Summary

Constructors

Constructor and Description
AuthorizationEndpoint()

Method Summary

Methods

Modifier and Type	Method and Description
View	approveOrDeny(Map<String,String> approvalParameters, Map<String,?> model, SessionStatus sessionStatus, Principal principal)
ModelAndView	authorize(Map<String,Object> model, Map<String,String> parameters, SessionStatus sessionStatus, Principal principal)
ModelAndView	handleClientRegistrationException(Exception e, ServletWebRequest webRequest)
ModelAndView	handleHttpSessionRequiredException(HttpSessionRequiredException e, ServletWebRequest webRequest)
ModelAndView	handleOAuth2Exception(OAuth2Exception e, ServletWebRequest webRequest)
void	setAuthorizationCodeServices(AuthorizationCodeServices authorizationCodeServices)
void	setErrorPage(String errorPage)
void	setImplicitGrantService(ImplicitGrantService implicitGrantService)
void	setOAuth2RequestValidator(OAuth2RequestValidator oauth2RequestValidator)
void	setRedirectResolver(RedirectResolver redirectResolver)
void	setSessionAttributeStore(SessionAttributeStore sessionAttributeStore)
void	setUserApprovalHandler(UserApprovalHandler userApprovalHandler)
void	setUserApprovalPage(String userApprovalPage)

Methods inherited from class org.springframework.security.oauth2.provider.endpoint.AbstractEndpoint

afterPropertiesSet, getClientDetailsService, getDefaultOAuth2RequestFactory, getExceptionTranslator, getOAuth2RequestFactory, getTokenGranter, setClientDetailsService, setOAuth2RequestFactory, setProviderExceptionHandler, setTokenGranter

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthorizationEndpoint

public AuthorizationEndpoint()

Method Detail

setSessionAttributeStore

public void setSessionAttributeStore(SessionAttributeStore sessionAttributeStore)

setErrorPage

public void setErrorPage(String errorPage)

authorize

@RequestMapping(value="/oauth/authorize")
public ModelAndView authorize(Map<String,Object> model,
                                         @RequestParam
                                         Map<String,String> parameters,
                                         SessionStatus sessionStatus,
                                         Principal principal)

approveOrDeny

@RequestMapping(value="/oauth/authorize",
                method=POST,
                params="user_oauth_approval")
public View approveOrDeny(@RequestParam
                                                     Map<String,String> approvalParameters,
                                                     Map<String,?> model,
                                                     SessionStatus sessionStatus,
                                                     Principal principal)

setUserApprovalPage

public void setUserApprovalPage(String userApprovalPage)

setAuthorizationCodeServices

public void setAuthorizationCodeServices(AuthorizationCodeServices authorizationCodeServices)

setRedirectResolver

public void setRedirectResolver(RedirectResolver redirectResolver)

setUserApprovalHandler

public void setUserApprovalHandler(UserApprovalHandler userApprovalHandler)

setOAuth2RequestValidator

public void setOAuth2RequestValidator(OAuth2RequestValidator oauth2RequestValidator)

setImplicitGrantService

public void setImplicitGrantService(ImplicitGrantService implicitGrantService)

handleClientRegistrationException

@ExceptionHandler(value=ClientRegistrationException.class)
public ModelAndView handleClientRegistrationException(Exception e,
                                                                                                    ServletWebRequest webRequest)
                                               throws Exception

Throws:

Exception

handleOAuth2Exception

@ExceptionHandler(value=OAuth2Exception.class)
public ModelAndView handleOAuth2Exception(OAuth2Exception e,
                                                                            ServletWebRequest webRequest)
                                   throws Exception

Throws:

Exception

handleHttpSessionRequiredException

@ExceptionHandler(value=org.springframework.web.HttpSessionRequiredException.class)
public ModelAndView handleHttpSessionRequiredException(HttpSessionRequiredException e,
                                                                                                                              ServletWebRequest webRequest)
                                                throws Exception

Throws:

Exception