org.springframework.security.oauth2.client.token.grant.implicit

Class ImplicitAccessTokenProvider

java.lang.Object

org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport

org.springframework.security.oauth2.client.token.grant.implicit.ImplicitAccessTokenProvider

All Implemented Interfaces:

AccessTokenProvider

public class ImplicitAccessTokenProvider
extends OAuth2AccessTokenSupport
implements AccessTokenProvider

Provider for obtaining an oauth2 access token by using implicit grant. Normally the implicit grant is used by script clients in a browser or device, but it can also be useful for native clients generally, so if those clients were written in Java this would be a nice convenience. Web application clients are also a possiblity, although the authorization code grant type is probably more common there, and requires no special customizations on the authorization server. Callers add any additional form parameters they need to the DefaultAccessTokenRequest and these will be passed onto the authorization endpoint on the server. The server then has to interpret those parameters, together with any other information available (e.g. from a cookie), and decide if a user can be authenticated and if the user has approved the grant of the access token. Only if those two conditions are met should an access token be available through this provider.

Author:

Dave Syer

Field Summary

Fields inherited from class org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport

logger

Constructor Summary

Constructors

Constructor and Description
ImplicitAccessTokenProvider()

Method Summary

Methods

Modifier and Type	Method and Description
protected org.springframework.web.client.ResponseExtractor<OAuth2AccessToken>	getResponseExtractor()
OAuth2AccessToken	obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) Obtain a new access token for the specified protected resource.
OAuth2AccessToken	refreshAccessToken(OAuth2ProtectedResourceDetails resource, OAuth2RefreshToken refreshToken, AccessTokenRequest request)
boolean	supportsRefresh(OAuth2ProtectedResourceDetails resource)
boolean	supportsResource(OAuth2ProtectedResourceDetails resource) Whether this provider supports the specified resource.

Methods inherited from class org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport

getAccessTokenUri, getHttpMethod, getRequestCallback, getResponseErrorHandler, getRestTemplate, retrieveToken, setAuthenticationHandler, setInterceptors, setMessageConverters, setRequestFactory, setTokenRequestEnhancer

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ImplicitAccessTokenProvider

public ImplicitAccessTokenProvider()

Method Detail

supportsResource

public boolean supportsResource(OAuth2ProtectedResourceDetails resource)

Description copied from interface: AccessTokenProvider

Whether this provider supports the specified resource.

Specified by:

supportsResource in interface AccessTokenProvider

Parameters:

resource - The resource.

Returns:

Whether this provider supports the specified resource.

supportsRefresh

public boolean supportsRefresh(OAuth2ProtectedResourceDetails resource)

Specified by:

supportsRefresh in interface AccessTokenProvider

Parameters:

resource - The resource to check

Returns:

true if this provider can refresh an access token

refreshAccessToken

public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource,
                                   OAuth2RefreshToken refreshToken,
                                   AccessTokenRequest request)
                                     throws UserRedirectRequiredException

Specified by:

refreshAccessToken in interface AccessTokenProvider

Parameters:

resource - the resource for which a token refresh is required

refreshToken - the refresh token to send

Returns:

an access token

Throws:

UserRedirectRequiredException

obtainAccessToken

public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details,
                                  AccessTokenRequest request)
                                    throws UserRedirectRequiredException,
                                           org.springframework.security.access.AccessDeniedException,
                                           OAuth2AccessDeniedException

Description copied from interface: AccessTokenProvider

Obtain a new access token for the specified protected resource.

Specified by:

obtainAccessToken in interface AccessTokenProvider

Parameters:

details - The protected resource for which this provider is to obtain an access token.

request - The parameters of the request giving context for the token details if any.

Returns:

The access token for the specified protected resource. The return value may NOT be null.

Throws:

UserRedirectRequiredException - If the provider requires the current user to be redirected for authorization.

org.springframework.security.access.AccessDeniedException - If the user denies access to the protected resource.

OAuth2AccessDeniedException

getResponseExtractor

protected org.springframework.web.client.ResponseExtractor<OAuth2AccessToken> getResponseExtractor()

Overrides:

getResponseExtractor in class OAuth2AccessTokenSupport