View Javadoc
1   package org.springframework.security.oauth2.client.token.grant.redirect;
2   
3   import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails;
4   import org.springframework.security.oauth2.client.token.AccessTokenRequest;
5   import org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest;
6   
7   /**
8    * @author Dave Syer
9    */
10  public abstract class AbstractRedirectResourceDetails extends BaseOAuth2ProtectedResourceDetails {
11  
12  	private String preEstablishedRedirectUri;
13  
14  	private String userAuthorizationUri;
15  
16  	private boolean useCurrentUri = true;
17  
18  	/**
19  	 * Flag to signal that the current URI (if set) in the request should be used in preference to the pre-established
20  	 * redirect URI.
21  	 * 
22  	 * @param useCurrentUri the flag value to set (default true)
23  	 */
24  	public void setUseCurrentUri(boolean useCurrentUri) {
25  		this.useCurrentUri = useCurrentUri;
26  	}
27  	
28  	/**
29  	 * Flag to signal that the current URI (if set) in the request should be used in preference to the pre-established
30  	 * redirect URI.
31  	 * 
32  	 * @return the flag value
33  	 */
34  	public boolean isUseCurrentUri() {
35  		return useCurrentUri;
36  	}
37  
38  	/**
39  	 * The URI to which the user is to be redirected to authorize an access token.
40  	 * 
41  	 * @return The URI to which the user is to be redirected to authorize an access token.
42  	 */
43  	public String getUserAuthorizationUri() {
44  		return userAuthorizationUri;
45  	}
46  
47  	/**
48  	 * The URI to which the user is to be redirected to authorize an access token.
49  	 * 
50  	 * @param userAuthorizationUri The URI to which the user is to be redirected to authorize an access token.
51  	 */
52  	public void setUserAuthorizationUri(String userAuthorizationUri) {
53  		this.userAuthorizationUri = userAuthorizationUri;
54  	}
55  
56  	/**
57  	 * The redirect URI that has been pre-established with the server. If present, the redirect URI will be omitted from
58  	 * the user authorization request because the server doesn't need to know it.
59  	 * 
60  	 * @return The redirect URI that has been pre-established with the server.
61  	 */
62  	public String getPreEstablishedRedirectUri() {
63  		return preEstablishedRedirectUri;
64  	}
65  
66  	/**
67  	 * The redirect URI that has been pre-established with the server. If present, the redirect URI will be omitted from
68  	 * the user authorization request because the server doesn't need to know it.
69  	 * 
70  	 * @param preEstablishedRedirectUri The redirect URI that has been pre-established with the server.
71  	 */
72  	public void setPreEstablishedRedirectUri(String preEstablishedRedirectUri) {
73  		this.preEstablishedRedirectUri = preEstablishedRedirectUri;
74  	}
75  
76  	/**
77  	 * Extract a redirect uri from the resource and/or the current request.
78  	 * 
79  	 * @param request the current {@link DefaultAccessTokenRequest}
80  	 * @return a redirect uri if one can be established
81  	 */
82  	public String getRedirectUri(AccessTokenRequest request) {
83  
84  		String redirectUri = request.getFirst("redirect_uri");
85  
86  		if (redirectUri == null && request.getCurrentUri() != null && useCurrentUri) {
87  			redirectUri = request.getCurrentUri();
88  		}
89  
90  		if (redirectUri == null && getPreEstablishedRedirectUri() != null) {
91  			// Override the redirect_uri if it is pre-registered
92  			redirectUri = getPreEstablishedRedirectUri();
93  		}
94  
95  		return redirectUri;
96  
97  	}
98  
99  }