org.springframework.security.oauth2.provider.endpoint
Class AuthorizationEndpoint

java.lang.Object
  extended by org.springframework.security.oauth2.provider.endpoint.AbstractEndpoint
      extended by org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint
All Implemented Interfaces:
InitializingBean

@SessionAttributes(value="authorizationRequest")
@RequestMapping(value="/oauth/authorize")
public class AuthorizationEndpoint
extends AbstractEndpoint
implements InitializingBean

Implementation of the Authorization Endpoint from the OAuth2 specification. Accepts authorization requests, and handles user approval if the grant type is authorization code. The tokens themselves are obtained from the Token Endpoint, except in the implicit grant type (where they come from the Authorization Endpoint via response_type=token.

This endpoint should be secured so that it is only accessible to fully authenticated users (as a minimum requirement) since it represents a request from a valid user to act on his or her behalf.

Author:
Dave Syer, Vladimir Kryachko

Field Summary
 
Fields inherited from class org.springframework.security.oauth2.provider.endpoint.AbstractEndpoint
logger
 
Constructor Summary
AuthorizationEndpoint()
           
 
Method Summary
 void afterPropertiesSet()
           
 View approveOrDeny(Map<String,String> approvalParameters, Map<String,?> model, SessionStatus sessionStatus, Principal principal)
           
 ModelAndView authorize(Map<String,Object> model, String responseType, Map<String,String> parameters, SessionStatus sessionStatus, Principal principal)
           
 ModelAndView handleHttpSessionRequiredException(HttpSessionRequiredException e, ServletWebRequest webRequest)
           
 ModelAndView handleNoSuchClientException(Exception e, ServletWebRequest webRequest)
           
 ModelAndView handleOAuth2Exception(OAuth2Exception e, ServletWebRequest webRequest)
           
 void setAuthorizationCodeServices(AuthorizationCodeServices authorizationCodeServices)
           
 void setErrorPage(String errorPage)
           
 void setRedirectResolver(RedirectResolver redirectResolver)
           
 void setSessionAttributeStore(SessionAttributeStore sessionAttributeStore)
           
 void setUserApprovalHandler(UserApprovalHandler userApprovalHandler)
           
 void setUserApprovalPage(String userApprovalPage)
           
 
Methods inherited from class org.springframework.security.oauth2.provider.endpoint.AbstractEndpoint
getAuthorizationRequestManager, getClientDetailsService, getDefaultAuthorizationRequestManager, getExceptionTranslator, getTokenGranter, setAuthorizationRequestManager, setClientDetailsService, setProviderExceptionHandler, setTokenGranter
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthorizationEndpoint

public AuthorizationEndpoint()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface InitializingBean
Overrides:
afterPropertiesSet in class AbstractEndpoint
Throws:
Exception

setSessionAttributeStore

public void setSessionAttributeStore(SessionAttributeStore sessionAttributeStore)

setErrorPage

public void setErrorPage(String errorPage)

authorize

@RequestMapping
public ModelAndView authorize(Map<String,Object> model,
                                             @RequestParam(value="response_type",required=false,defaultValue="none")
                                             String responseType,
                                             @RequestParam
                                             Map<String,String> parameters,
                                             SessionStatus sessionStatus,
                                             Principal principal)

approveOrDeny

@RequestMapping(method=POST,
                params="user_oauth_approval")
public View approveOrDeny(@RequestParam
                                                         Map<String,String> approvalParameters,
                                                         Map<String,?> model,
                                                         SessionStatus sessionStatus,
                                                         Principal principal)

setUserApprovalPage

public void setUserApprovalPage(String userApprovalPage)

setAuthorizationCodeServices

public void setAuthorizationCodeServices(AuthorizationCodeServices authorizationCodeServices)

setRedirectResolver

public void setRedirectResolver(RedirectResolver redirectResolver)

setUserApprovalHandler

public void setUserApprovalHandler(UserApprovalHandler userApprovalHandler)

handleNoSuchClientException

@ExceptionHandler(value=NoSuchClientException.class)
public ModelAndView handleNoSuchClientException(Exception e,
                                                                                                 ServletWebRequest webRequest)
                                         throws Exception
Throws:
Exception

handleOAuth2Exception

@ExceptionHandler(value=OAuth2Exception.class)
public ModelAndView handleOAuth2Exception(OAuth2Exception e,
                                                                                     ServletWebRequest webRequest)
                                   throws Exception
Throws:
Exception

handleHttpSessionRequiredException

@ExceptionHandler(value=org.springframework.web.HttpSessionRequiredException.class)
public ModelAndView handleHttpSessionRequiredException(HttpSessionRequiredException e,
                                                                                                                                       ServletWebRequest webRequest)
                                                throws Exception
Throws:
Exception


Copyright © 2012. All Rights Reserved.