View Javadoc

1   /*
2    * Copyright 2002-2011 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.security.oauth.examples.sparklr.oauth;
18  
19  import java.util.Collection;
20  
21  import org.springframework.security.core.Authentication;
22  import org.springframework.security.oauth2.provider.AuthorizationRequest;
23  import org.springframework.security.oauth2.provider.ClientDetails;
24  import org.springframework.security.oauth2.provider.ClientDetailsService;
25  import org.springframework.security.oauth2.provider.ClientRegistrationException;
26  import org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler;
27  
28  /**
29   * @author Dave Syer
30   * 
31   */
32  public class SparklrUserApprovalHandler extends ApprovalStoreUserApprovalHandler {
33  
34  	private boolean useApprovalStore = true;
35  
36  	private ClientDetailsService clientDetailsService;
37  
38  	/**
39  	 * Service to load client details (optional) for auto approval checks.
40  	 * 
41  	 * @param clientDetailsService a client details service
42  	 */
43  	public void setClientDetailsService(ClientDetailsService clientDetailsService) {
44  		this.clientDetailsService = clientDetailsService;
45  		super.setClientDetailsService(clientDetailsService);
46  	}
47  
48  	/**
49  	 * @param useApprovalStore the useTokenServices to set
50  	 */
51  	public void setUseApprovalStore(boolean useApprovalStore) {
52  		this.useApprovalStore = useApprovalStore;
53  	}
54  
55  	/**
56  	 * Allows automatic approval for a white list of clients in the implicit grant case.
57  	 * 
58  	 * @param authorizationRequest The authorization request.
59  	 * @param userAuthentication the current user authentication
60  	 * 
61  	 * @return An updated request if it has already been approved by the current user.
62  	 */
63  	@Override
64  	public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest,
65  			Authentication userAuthentication) {
66  
67  		boolean approved = false;
68  		// If we are allowed to check existing approvals this will short circuit the decision
69  		if (useApprovalStore) {
70  			authorizationRequest = super.checkForPreApproval(authorizationRequest, userAuthentication);
71  			approved = authorizationRequest.isApproved();
72  		}
73  		else {
74  			if (clientDetailsService != null) {
75  				Collection<String> requestedScopes = authorizationRequest.getScope();
76  				try {
77  					ClientDetails client = clientDetailsService
78  							.loadClientByClientId(authorizationRequest.getClientId());
79  					for (String scope : requestedScopes) {
80  						if (client.isAutoApprove(scope) || client.isAutoApprove("all")) {
81  							approved = true;
82  							break;
83  						}
84  					}
85  				}
86  				catch (ClientRegistrationException e) {
87  				}
88  			}
89  		}
90  		authorizationRequest.setApproved(approved);
91  
92  		return authorizationRequest;
93  
94  	}
95  
96  }