org.springframework.social.connect.web

Class ProviderSignInController

java.lang.Object

org.springframework.social.connect.web.ProviderSignInController

All Implemented Interfaces:

InitializingBean

@Controller
@RequestMapping(value="/signin")
public class ProviderSignInController
extends Object
implements InitializingBean

Spring MVC Controller for handling the provider user sign-in flow.

• POST /signin/{providerId} - Initiate user sign-in with {providerId}.
• GET /signin/{providerId}?oauth_token&oauth_verifier||code - Receive {providerId} authentication callback and establish the connection.

Constructor Summary

Constructors

Constructor and Description
ProviderSignInController(ConnectionFactoryLocator connectionFactoryLocator, UsersConnectionRepository usersConnectionRepository, SignInAdapter signInAdapter) Creates a new provider sign-in controller.

Method Summary

Methods

Modifier and Type	Method and Description
void	addSignInInterceptor(ProviderSignInInterceptor<?> interceptor) Adds a ConnectInterceptor to receive callbacks during the connection process.
void	afterPropertiesSet()
RedirectView	canceledAuthorizationCallback() Process the authentication callback when neither the oauth_token or code parameter is given, likely indicating that the user denied authorization with the provider.
RedirectView	oauth1Callback(String providerId, NativeWebRequest request) Process the authentication callback from an OAuth 1 service provider.
RedirectView	oauth2Callback(String providerId, String code, NativeWebRequest request) Process the authentication callback from an OAuth 2 service provider.
RedirectView	oauth2ErrorCallback(String providerId, String error, String errorDescription, String errorUri, NativeWebRequest request) Process an error callback from an OAuth 2 authorization as described at http://tools.ietf.org/html/rfc6749#section-4.1.2.1.
void	setApplicationUrl(String applicationUrl) Configures the base secure URL for the application this controller is being used in e.g.
void	setPostSignInUrl(String postSignInUrl) Sets the default URL to redirect the user to after signing in using a provider.
void	setSessionStrategy(SessionStrategy sessionStrategy) Sets a strategy to use when persisting information that is to survive past the boundaries of a request.
void	setSignInInterceptors(List<ProviderSignInInterceptor<?>> interceptors) Configure the list of sign in interceptors that should receive callbacks during the sign in process.
void	setSignInUrl(String signInUrl) Sets the URL of the application's sign in page.
void	setSignUpUrl(String signUpUrl) Sets the URL to redirect the user to if no local user account can be mapped when signing in using a provider.
RedirectView	signIn(String providerId, NativeWebRequest request) Process a sign-in form submission by commencing the process of establishing a connection to the provider on behalf of the user.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ProviderSignInController

@Inject
public ProviderSignInController(ConnectionFactoryLocator connectionFactoryLocator,
                               UsersConnectionRepository usersConnectionRepository,
                               SignInAdapter signInAdapter)

Creates a new provider sign-in controller.

Parameters:

connectionFactoryLocator - the locator of connection factories used to support provider sign-in. Note: this reference should be a serializable proxy to a singleton-scoped target instance. This is because ProviderSignInAttempt are session-scoped objects that hold ConnectionFactoryLocator references. If these references cannot be serialized, NotSerializableExceptions can occur at runtime.

usersConnectionRepository - the global store for service provider connections across all users. Note: this reference should be a serializable proxy to a singleton-scoped target instance.

signInAdapter - handles user sign-in

Method Detail

setSignInInterceptors

public void setSignInInterceptors(List<ProviderSignInInterceptor<?>> interceptors)

Configure the list of sign in interceptors that should receive callbacks during the sign in process. Convenient when an instance of this class is configured using a tool that supports JavaBeans-based configuration.

Parameters:

interceptors - the sign in interceptors to add

setSignInUrl

public void setSignInUrl(String signInUrl)

Sets the URL of the application's sign in page. Defaults to "/signin".

Parameters:

signInUrl - the signIn URL

setSignUpUrl

public void setSignUpUrl(String signUpUrl)

Sets the URL to redirect the user to if no local user account can be mapped when signing in using a provider. Defaults to "/signup".

Parameters:

signUpUrl - the signUp URL

setPostSignInUrl

public void setPostSignInUrl(String postSignInUrl)

Sets the default URL to redirect the user to after signing in using a provider. Defaults to "/".

Parameters:

postSignInUrl - the postSignIn URL

setApplicationUrl

public void setApplicationUrl(String applicationUrl)

Configures the base secure URL for the application this controller is being used in e.g. https://myapp.com. Defaults to null. If specified, will be used to generate OAuth callback URLs. If not specified, OAuth callback URLs are generated from web request info. You may wish to set this property if requests into your application flow through a proxy to your application server. In this case, the request URI may contain a scheme, host, and/or port value that points to an internal server not appropriate for an external callback URL. If you have this problem, you can set this property to the base external URL for your application and it will be used to construct the callback URL instead.

Parameters:

applicationUrl - the application URL value

setSessionStrategy

public void setSessionStrategy(SessionStrategy sessionStrategy)

Sets a strategy to use when persisting information that is to survive past the boundaries of a request. The default strategy is to set the data as attributes in the HTTP Session.

Parameters:

sessionStrategy - the session strategy.

addSignInInterceptor

public void addSignInInterceptor(ProviderSignInInterceptor<?> interceptor)

Adds a ConnectInterceptor to receive callbacks during the connection process. Useful for programmatic configuration.

Parameters:

interceptor - the connect interceptor to add

signIn

@RequestMapping(value="/{providerId}",
                method=POST)
public RedirectView signIn(@PathVariable
                                                String providerId,
                                                NativeWebRequest request)

Process a sign-in form submission by commencing the process of establishing a connection to the provider on behalf of the user. For OAuth1, fetches a new request token from the provider, temporarily stores it in the session, then redirects the user to the provider's site for authentication authorization. For OAuth2, redirects the user to the provider's site for authentication authorization.

Parameters:

providerId - the provider ID to authorize against

request - the request

Returns:

a RedirectView to the provider's authorization page or to the application's signin page if there is an error

oauth1Callback

@RequestMapping(value="/{providerId}",
                method=GET,
                params="oauth_token")
public RedirectView oauth1Callback(@PathVariable
                                                             String providerId,
                                                             NativeWebRequest request)

Process the authentication callback from an OAuth 1 service provider. Called after the member authorizes the authentication, generally done once by having he or she click "Allow" in their web browser at the provider's site. Handles the provider sign-in callback by first determining if a local user account is associated with the connected provider account. If so, signs the local user in by delegating to SignInAdapter.signIn(String, Connection, NativeWebRequest) If not, redirects the user to a signup page to create a new account with ProviderSignInAttempt context exposed in the HttpSession.

Parameters:

providerId - the provider ID to authorize against

request - the request

Returns:

a RedirectView to the provider's authorization page or to the application's signin page if there is an error

See Also:

ProviderSignInAttempt, ProviderSignInUtils

oauth2Callback

@RequestMapping(value="/{providerId}",
                method=GET,
                params="code")
public RedirectView oauth2Callback(@PathVariable
                                                             String providerId,
                                                             @RequestParam(value="code")
                                                             String code,
                                                             NativeWebRequest request)

Process the authentication callback from an OAuth 2 service provider. Called after the user authorizes the authentication, generally done once by having he or she click "Allow" in their web browser at the provider's site. Handles the provider sign-in callback by first determining if a local user account is associated with the connected provider account. If so, signs the local user in by delegating to SignInAdapter.signIn(String, Connection, NativeWebRequest). If not, redirects the user to a signup page to create a new account with ProviderSignInAttempt context exposed in the HttpSession.

Parameters:

providerId - the provider ID to authorize against

code - the OAuth 2 authorization code

request - the web request

Returns:

A RedirectView to the target page or the signInUrl if an error occurs

See Also:

ProviderSignInAttempt, ProviderSignInUtils

oauth2ErrorCallback

@RequestMapping(value="/{providerId}",
                method=GET,
                params="error")
public RedirectView oauth2ErrorCallback(@PathVariable
                                                                  String providerId,
                                                                  @RequestParam(value="error")
                                                                  String error,
                                                                  @RequestParam(value="error_description",required=false)
                                                                  String errorDescription,
                                                                  @RequestParam(value="error_uri",required=false)
                                                                  String errorUri,
                                                                  NativeWebRequest request)

Process an error callback from an OAuth 2 authorization as described at http://tools.ietf.org/html/rfc6749#section-4.1.2.1. Called after upon redirect from an OAuth 2 provider when there is some sort of error during authorization, typically because the user denied authorization. Simply carries the error parameters through to the sign-in page.

Parameters:

providerId - The Provider ID

error - An error parameter sent on the redirect from the provider

errorDescription - An optional error description sent from the provider

errorUri - An optional error URI sent from the provider

request - The web request

Returns:

a RedirectView to the signInUrl

canceledAuthorizationCallback

@RequestMapping(value="/{providerId}",
                method=GET)
public RedirectView canceledAuthorizationCallback()

Process the authentication callback when neither the oauth_token or code parameter is given, likely indicating that the user denied authorization with the provider. Redirects to application's sign in URL, as set in the signInUrl property.

Returns:

A RedirectView to the sign in URL

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception

Specified by:

afterPropertiesSet in interface InitializingBean

Throws:

Exception