1   /*
2    * Copyright 2008 Web Cohesion
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.security.oauth.provider.token;
18  
19  import org.springframework.security.core.Authentication;
20  import org.springframework.security.core.AuthenticationException;
21  
/**
 * Provider-side contract for the token lifecycle: issuing an unauthorized request token,
 * recording the user's authorization of it, exchanging it for an access token, and looking
 * tokens up by value.
 *
 * <p>Judging by the method set (request token, verifier, access token), this follows the
 * OAuth 1.0a flow. The interface fixes only the signatures; token generation, storage,
 * expiry and verifier comparison are left to the implementation or its callers.
 *
 * @author Ryan Heaton
 */
public interface OAuthProviderTokenServices {

  /**
   * Looks up a previously issued token by its value.
   *
   * <p>NOTE(review): the signature does not say whether an unknown value yields {@code null}
   * or an exception, so callers should treat a {@code null} result as "no such token" and
   * reject the request rather than dereference it.
   *
   * @param token The token value.
   * @return The token.
   * @throws AuthenticationException If the token is invalid, expired, or disabled.
   */
  OAuthProviderToken getToken(String token)
      throws AuthenticationException;

  /**
   * Issues a new request token that has not yet been authorized by any user.
   *
   * <p>The callback URL is supplied here, at creation time, so it can be stored with the
   * token instead of being accepted again when the user is redirected back.
   * NOTE(review): nothing in this signature validates {@code callbackUrl}; presumably the
   * implementation or its caller checks it against what the consumer is allowed to use.
   * Confirm before relying on it for redirects.
   *
   * @param consumerKey The consumer key for which to create the token.
   * @param callbackUrl The callback URL associated with the consumer key.
   * @return The token.
   * @throws AuthenticationException If the consumer isn't valid or otherwise isn't allowed to create a new request token.
   */
  OAuthProviderToken createUnauthorizedRequestToken(String consumerKey, String callbackUrl)
      throws AuthenticationException;

  /**
   * Records that the signed-in user has authorized the given request token. Once this has
   * happened, the consumer the request token was issued to can use it to obtain an access token.
   *
   * <p>The verifier is chosen by the caller and handed in; this interface does not generate it.
   * It should be unguessable and tied to this one request token, because it is what proves
   * that the party finishing the flow is the one the user was redirected back to.
   *
   * @param requestToken The request token.
   * @param verifier The verifier to be assigned to the request token.
   * @param authentication The authentication of the <i>user</i> who has signed in and is authorizing the
   * consumer to have access to a protected resource. The same object is available from the security context;
   * it is passed explicitly to signal that the implementation must take into account which authorities the
   * user is granting to the consumer.
   * @throws AuthenticationException If the token is expired or otherwise unauthorizable, or if the
   * authentication credentials are insufficient.
   */
  void authorizeRequestToken(String requestToken, String verifier, Authentication authentication)
      throws AuthenticationException;

  /**
   * Exchanges a request token for an access token, which is then used to reach a protected
   * resource. After the access token is created, the request token should be invalidated,
   * so that one request token cannot be exchanged twice.
   *
   * <p>NOTE(review): this method takes no verifier argument, so the comparison between the
   * verifier presented by the consumer and the one assigned in
   * {@link #authorizeRequestToken(String, String, Authentication)} presumably happens in the
   * caller before this is invoked. Confirm that every call path performs it.
   *
   * @param requestToken The (presumably authorized) request token used to create the access token.
   * @return The access token.
   * @throws AuthenticationException If the request token is expired or disabled or doesn't reference the necessary authentication
   *                                 credentials or otherwise isn't authorized.
   */
  OAuthAccessProviderToken createAccessToken(String requestToken)
      throws AuthenticationException;

}