public abstract class OAuthProviderProcessingFilter extends Object implements javax.servlet.Filter, InitializingBean, MessageSourceAware
Modifier and Type | Field and Description |
---|---|
protected MessageSourceAccessor |
messages |
static String |
OAUTH_PROCESSING_HANDLED
Attribute for indicating that OAuth processing has already occurred.
|
Constructor and Description |
---|
OAuthProviderProcessingFilter() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
protected boolean |
allowMethod(String method)
Whether to allow the specified HTTP method.
|
protected Object |
createDetails(javax.servlet.http.HttpServletRequest request,
ConsumerDetails consumerDetails)
Create the details for the authentication request.
|
void |
destroy() |
void |
doFilter(javax.servlet.ServletRequest servletRequest,
javax.servlet.ServletResponse servletResponse,
javax.servlet.FilterChain chain) |
protected void |
fail(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
org.springframework.security.core.AuthenticationException failure)
Common logic for OAuth failed.
|
OAuthProcessingFilterEntryPoint |
getAuthenticationEntryPoint()
The authentication entry point.
|
ConsumerDetailsService |
getConsumerDetailsService()
The consumer details service.
|
String |
getFilterProcessesUrl()
The URL for which this filter will be applied.
|
OAuthNonceServices |
getNonceServices()
The nonce services.
|
OAuthProviderSupport |
getProviderSupport()
The OAuth provider support.
|
OAuthSignatureMethodFactory |
getSignatureMethodFactory()
The OAuth signature method factory.
|
OAuthProviderTokenServices |
getTokenServices()
Get the OAuth token services.
|
void |
init(javax.servlet.FilterConfig ignored) |
boolean |
isIgnoreInadequateCredentials()
Whether to ignore missing OAuth credentials.
|
protected void |
onNewTimestamp()
Logic to be performed on a new timestamp.
|
protected abstract void |
onValidSignature(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain chain)
Logic executed on valid signature.
|
protected boolean |
parametersAreAdequate(Map<String,String> oauthParams)
By default, OAuth parameters are adequate if a consumer key is present.
|
protected boolean |
requiresAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain filterChain)
Whether this filter is configured to process the specified request.
|
protected void |
resetPreviousAuthentication(org.springframework.security.core.Authentication previousAuthentication) |
void |
setAllowedMethods(List<String> allowedMethods)
The allowed set of HTTP methods.
|
void |
setAuthenticationEntryPoint(OAuthProcessingFilterEntryPoint authenticationEntryPoint)
The authentication entry point.
|
void |
setConsumerDetailsService(ConsumerDetailsService consumerDetailsService)
The consumer details service.
|
void |
setFilterProcessesUrl(String filterProcessesUrl)
The URL for which this filter will be applied.
|
void |
setIgnoreMissingCredentials(boolean ignoreMissingCredentials)
Whether to ignore missing OAuth credentials.
|
void |
setMessageSource(MessageSource messageSource)
Set the message source.
|
void |
setNonceServices(OAuthNonceServices nonceServices)
The nonce services.
|
void |
setProviderSupport(OAuthProviderSupport providerSupport)
The OAuth provider support.
|
void |
setSignatureMethodFactory(OAuthSignatureMethodFactory signatureMethodFactory)
The OAuth signature method factory.
|
void |
setTokenServices(OAuthProviderTokenServices tokenServices)
The OAuth token services.
|
protected boolean |
skipProcessing(javax.servlet.http.HttpServletRequest request)
Whether to skip processing for the specified request.
|
protected void |
validateAdditionalParameters(ConsumerDetails consumerDetails,
Map<String,String> oauthParams)
Do any additional validation checks for the specified oauth params.
|
protected void |
validateOAuthParams(ConsumerDetails consumerDetails,
Map<String,String> oauthParams)
Validates the OAuth parameters for the given consumer.
|
protected void |
validateSignature(ConsumerAuthentication authentication)
Validate the signature of the request given the authentication request.
|
public static final String OAUTH_PROCESSING_HANDLED
protected MessageSourceAccessor messages
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface InitializingBean
Exception
public void init(javax.servlet.FilterConfig ignored) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
public void destroy()
destroy
in interface javax.servlet.Filter
public void doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
IOException
javax.servlet.ServletException
protected boolean parametersAreAdequate(Map<String,String> oauthParams)
oauthParams
- The oauth params.protected void resetPreviousAuthentication(org.springframework.security.core.Authentication previousAuthentication)
protected Object createDetails(javax.servlet.http.HttpServletRequest request, ConsumerDetails consumerDetails)
request
- The request.consumerDetails
- The consumer details.protected boolean allowMethod(String method)
method
- The HTTP method to check for allowing.protected void validateSignature(ConsumerAuthentication authentication) throws org.springframework.security.core.AuthenticationException
authentication
- The authentication request.org.springframework.security.core.AuthenticationException
protected abstract void onValidSignature(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
ConsumerAuthentication
Default implementation continues the chain.request
- The request.response
- The responsechain
- The filter chain.IOException
javax.servlet.ServletException
protected void validateOAuthParams(ConsumerDetails consumerDetails, Map<String,String> oauthParams) throws InvalidOAuthParametersException
consumerDetails
- The consumer details.oauthParams
- The OAuth parameters to validate.InvalidOAuthParametersException
- If the OAuth parameters are invalid.protected void validateAdditionalParameters(ConsumerDetails consumerDetails, Map<String,String> oauthParams)
consumerDetails
- The consumer details.oauthParams
- The params.protected void onNewTimestamp() throws org.springframework.security.core.AuthenticationException
org.springframework.security.core.AuthenticationException
- If the timestamp shouldn't be new.protected void fail(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failure) throws IOException, javax.servlet.ServletException
request
- The request.response
- The response.failure
- The failure.IOException
- thrown when there's an underlying IO exceptionjavax.servlet.ServletException
- thrown in the case of an underlying Servlet exceptionprotected boolean requiresAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
request
- The request.response
- The responsefilterChain
- The filter chainprotected boolean skipProcessing(javax.servlet.http.HttpServletRequest request)
request
- The request.public OAuthProcessingFilterEntryPoint getAuthenticationEntryPoint()
@Autowired(required=false) public void setAuthenticationEntryPoint(OAuthProcessingFilterEntryPoint authenticationEntryPoint)
authenticationEntryPoint
- The authentication entry point.public ConsumerDetailsService getConsumerDetailsService()
@Autowired public void setConsumerDetailsService(ConsumerDetailsService consumerDetailsService)
consumerDetailsService
- The consumer details service.public OAuthNonceServices getNonceServices()
@Autowired(required=false) public void setNonceServices(OAuthNonceServices nonceServices)
nonceServices
- The nonce services.public OAuthProviderTokenServices getTokenServices()
@Autowired public void setTokenServices(OAuthProviderTokenServices tokenServices)
tokenServices
- The OAuth token services.public String getFilterProcessesUrl()
public void setFilterProcessesUrl(String filterProcessesUrl)
filterProcessesUrl
- The URL for which this filter will be applied.public void setMessageSource(MessageSource messageSource)
setMessageSource
in interface MessageSourceAware
messageSource
- The message source.public OAuthProviderSupport getProviderSupport()
@Autowired(required=false) public void setProviderSupport(OAuthProviderSupport providerSupport)
providerSupport
- The OAuth provider support.public OAuthSignatureMethodFactory getSignatureMethodFactory()
@Autowired(required=false) public void setSignatureMethodFactory(OAuthSignatureMethodFactory signatureMethodFactory)
signatureMethodFactory
- The OAuth signature method factory.public boolean isIgnoreInadequateCredentials()
public void setIgnoreMissingCredentials(boolean ignoreMissingCredentials)
ignoreMissingCredentials
- Whether to ignore missing OAuth credentials.Copyright © 2019. All rights reserved.