1 package org.springframework.security.oauth2.client.token.grant.redirect;
2
3 import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails;
4 import org.springframework.security.oauth2.client.token.AccessTokenRequest;
5 import org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest;
6
7 /**
8 * @author Dave Syer
9 */
10 public abstract class AbstractRedirectResourceDetails extends BaseOAuth2ProtectedResourceDetails {
11
12 private String preEstablishedRedirectUri;
13
14 private String userAuthorizationUri;
15
16 private boolean useCurrentUri = true;
17
18 /**
19 * Flag to signal that the current URI (if set) in the request should be used in preference to the pre-established
20 * redirect URI.
21 *
22 * @param useCurrentUri the flag value to set (default true)
23 */
24 public void setUseCurrentUri(boolean useCurrentUri) {
25 this.useCurrentUri = useCurrentUri;
26 }
27
28 /**
29 * Flag to signal that the current URI (if set) in the request should be used in preference to the pre-established
30 * redirect URI.
31 *
32 * @return the flag value
33 */
34 public boolean isUseCurrentUri() {
35 return useCurrentUri;
36 }
37
38 /**
39 * The URI to which the user is to be redirected to authorize an access token.
40 *
41 * @return The URI to which the user is to be redirected to authorize an access token.
42 */
43 public String getUserAuthorizationUri() {
44 return userAuthorizationUri;
45 }
46
47 /**
48 * The URI to which the user is to be redirected to authorize an access token.
49 *
50 * @param userAuthorizationUri The URI to which the user is to be redirected to authorize an access token.
51 */
52 public void setUserAuthorizationUri(String userAuthorizationUri) {
53 this.userAuthorizationUri = userAuthorizationUri;
54 }
55
56 /**
57 * The redirect URI that has been pre-established with the server. If present, the redirect URI will be omitted from
58 * the user authorization request because the server doesn't need to know it.
59 *
60 * @return The redirect URI that has been pre-established with the server.
61 */
62 public String getPreEstablishedRedirectUri() {
63 return preEstablishedRedirectUri;
64 }
65
66 /**
67 * The redirect URI that has been pre-established with the server. If present, the redirect URI will be omitted from
68 * the user authorization request because the server doesn't need to know it.
69 *
70 * @param preEstablishedRedirectUri The redirect URI that has been pre-established with the server.
71 */
72 public void setPreEstablishedRedirectUri(String preEstablishedRedirectUri) {
73 this.preEstablishedRedirectUri = preEstablishedRedirectUri;
74 }
75
76 /**
77 * Extract a redirect uri from the resource and/or the current request.
78 *
79 * @param request the current {@link DefaultAccessTokenRequest}
80 * @return a redirect uri if one can be established
81 */
82 public String getRedirectUri(AccessTokenRequest request) {
83
84 String redirectUri = request.getFirst("redirect_uri");
85
86 if (redirectUri == null && request.getCurrentUri() != null && useCurrentUri) {
87 redirectUri = request.getCurrentUri();
88 }
89
90 if (redirectUri == null && getPreEstablishedRedirectUri() != null) {
91 // Override the redirect_uri if it is pre-registered
92 redirectUri = getPreEstablishedRedirectUri();
93 }
94
95 return redirectUri;
96
97 }
98
99 }