org.springframework.security.oauth2.provider.approval

Class TokenStoreUserApprovalHandler

java.lang.Object

org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler

All Implemented Interfaces:

InitializingBean, UserApprovalHandler

public class TokenStoreUserApprovalHandler
extends Object
implements UserApprovalHandler, InitializingBean

A user approval handler that remembers approval decisions by consulting existing tokens.

Author:

Dave Syer

Constructor Summary

Constructors

Constructor and Description
TokenStoreUserApprovalHandler()

Method Summary

Methods

Modifier and Type	Method and Description
void	afterPropertiesSet()
AuthorizationRequest	checkForPreApproval(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication) Provides a hook for allowing requests to be pre-approved (skipping the User Approval Page).
Map<String,Object>	getUserApprovalRequest(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication) Generate a request for the authorization server to ask for the user's approval.
boolean	isApproved(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication) Basic implementation just requires the authorization request to be explicitly approved and the user to be authenticated.
void	setApprovalParameter(String approvalParameter)
void	setClientDetailsService(ClientDetailsService clientDetailsService) Service to load client details (optional) for auto approval checks.
void	setRequestFactory(OAuth2RequestFactory requestFactory)
void	setTokenStore(TokenStore tokenStore)
AuthorizationRequest	updateAfterApproval(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication) Provides an opportunity to update the authorization request after the approval parameters are set but before it is checked for approval.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TokenStoreUserApprovalHandler

public TokenStoreUserApprovalHandler()

Method Detail

setClientDetailsService

public void setClientDetailsService(ClientDetailsService clientDetailsService)

Service to load client details (optional) for auto approval checks.

Parameters:

clientDetailsService - a client details service

setApprovalParameter

public void setApprovalParameter(String approvalParameter)

Parameters:

approvalParameter - the approvalParameter to set

setTokenStore

public void setTokenStore(TokenStore tokenStore)

Parameters:

tokenStore - the token store to set

setRequestFactory

public void setRequestFactory(OAuth2RequestFactory requestFactory)

afterPropertiesSet

public void afterPropertiesSet()

Specified by:

afterPropertiesSet in interface InitializingBean

isApproved

public boolean isApproved(AuthorizationRequest authorizationRequest,
                 org.springframework.security.core.Authentication userAuthentication)

Basic implementation just requires the authorization request to be explicitly approved and the user to be authenticated.

Specified by:

isApproved in interface UserApprovalHandler

Parameters:

authorizationRequest - The authorization request.

userAuthentication - the current user authentication

Returns:

Whether the specified request has been approved by the current user.

checkForPreApproval

public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest,
                                       org.springframework.security.core.Authentication userAuthentication)

Description copied from interface: UserApprovalHandler

Provides a hook for allowing requests to be pre-approved (skipping the User Approval Page). Some implementations may allow users to store approval decisions so that they only have to approve a site once. This method is called in the AuthorizationEndpoint before sending the user to the Approval page. If this method sets oAuth2Request.approved to true, the Approval page will be skipped.

Specified by:

checkForPreApproval in interface UserApprovalHandler

Parameters:

authorizationRequest - the authorization request.

userAuthentication - the user authentication

Returns:

the AuthorizationRequest, modified if necessary

updateAfterApproval

public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest,
                                       org.springframework.security.core.Authentication userAuthentication)

Description copied from interface: UserApprovalHandler

Provides an opportunity to update the authorization request after the approval parameters are set but before it is checked for approval. Useful in cases where the incoming approval parameters contain richer information than just true/false (e.g. some scopes are approved, and others are rejected), implementations may need to be able to modify the AuthorizationRequest before a token is generated from it.

Specified by:

updateAfterApproval in interface UserApprovalHandler

Parameters:

authorizationRequest - the authorization request.

userAuthentication - the user authentication

Returns:

the AuthorizationRequest, modified if necessary

getUserApprovalRequest

public Map<String,Object> getUserApprovalRequest(AuthorizationRequest authorizationRequest,
                                        org.springframework.security.core.Authentication userAuthentication)

Description copied from interface: UserApprovalHandler

Generate a request for the authorization server to ask for the user's approval. Typically this will be rendered into a view (HTML etc.) to prompt for the approval, so it needs to contain information about the grant (scopes and client id for instance).

Specified by:

getUserApprovalRequest in interface UserApprovalHandler

Parameters:

authorizationRequest - the authorization request

userAuthentication - the user authentication

Returns:

a model map for rendering to the user to ask for approval