org.apache.cxf.rs.security.oauth2.provider

Class AbstractOAuthDataProvider

java.lang.Object

org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthDataProvider

All Implemented Interfaces:

ClientRegistrationProvider, OAuthDataProvider

Direct Known Subclasses:

AbstractAuthorizationCodeDataProvider, AbstractCodeDataProvider, DefaultEHCacheOAuthDataProvider, DefaultEncryptingOAuthDataProvider

public abstract class AbstractOAuthDataProvider
extends Object
implements OAuthDataProvider, ClientRegistrationProvider

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	AbstractOAuthDataProvider()

Method Summary

Modifier and Type	Method and Description
void	close()
List<OAuthPermission>	convertScopeToPermissions(Client client, List<String> requestedScopes) Converts the requested scopes to the list of permissions.
ServerAccessToken	createAccessToken(AccessTokenRegistration reg) Create access token
protected ServerAccessToken	createNewAccessToken(Client client)
protected RefreshToken	createNewRefreshToken(ServerAccessToken at)
protected ServerAccessToken	doCreateAccessToken(AccessTokenRegistration atReg)
protected RefreshToken	doCreateNewRefreshToken(ServerAccessToken at)
protected ServerAccessToken	doRefreshAccessToken(Client client, RefreshToken oldRefreshToken, List<String> restrictedScopes)
List<String>	getDefaultScopes()
List<String>	getInvisibleToClientScopes()
MessageContext	getMessageContext()
Map<String,OAuthPermission>	getPermissionMap()
ServerAccessToken	getPreauthorizedToken(Client client, List<String> requestedScopes, UserSubject sub, String grantType) Get preauthorized access token
protected abstract RefreshToken	getRefreshToken(String refreshTokenKey)
List<String>	getRequiredScopes()
protected void	handleLinkedRefreshToken(ServerAccessToken accessToken)
void	init()
protected boolean	isRefreshTokenSupported(List<String> theScopes)
boolean	isSupportPreauthorizedTokens()
ServerAccessToken	refreshAccessToken(Client client, String refreshTokenKey, List<String> restrictedScopes) Refresh access token
void	removeAccessToken(ServerAccessToken token) Removes the access token The runtime will call this method if it finds that a token has expired
protected void	removeClientTokens(Client c)
protected abstract ServerAccessToken	revokeAccessToken(String accessTokenKey)
protected void	revokeAccessTokens(RefreshToken currentRefreshToken)
protected abstract RefreshToken	revokeRefreshToken(String refreshTokenKey)
void	revokeToken(Client client, String tokenKey, String tokenTypeHint) Revokes a refresh or access token
protected abstract void	saveAccessToken(ServerAccessToken serverToken)
protected abstract void	saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken)
void	setAccessTokenLifetime(long accessTokenLifetime)
void	setDefaultScopes(List<String> defaultScopes)
void	setInvisibleToClientScopes(List<String> invisibleToClientScopes)
void	setMessageContext(MessageContext messageContext)
void	setPermissionMap(Map<String,OAuthPermission> permissionMap)
void	setRecycleRefreshTokens(boolean recycleRefreshTokens)
void	setRefreshTokenLifetime(long refreshTokenLifetime)
void	setRequiredScopes(List<String> requiredScopes)
void	setSupportedScopes(Map<String,String> scopes)
void	setSupportPreauthorizedTokens(boolean supportPreauthorizedTokens)
protected void	unlinkRefreshAccessToken(RefreshToken rt, String tokenKey)
protected RefreshToken	updateRefreshToken(RefreshToken rt, ServerAccessToken at)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider

getAccessToken, getAccessTokens, getClient, getRefreshTokens

Methods inherited from interface org.apache.cxf.rs.security.oauth2.provider.ClientRegistrationProvider

getClient, getClients, removeClient, setClient

Constructor Detail

AbstractOAuthDataProvider

protected AbstractOAuthDataProvider()

Method Detail

createAccessToken

public ServerAccessToken createAccessToken(AccessTokenRegistration reg)
                                    throws OAuthServiceException

Description copied from interface: OAuthDataProvider

Create access token

Specified by:

createAccessToken in interface OAuthDataProvider

Parameters:

reg - the token registration info

Returns:

AccessToken

Throws:

OAuthServiceException

doCreateAccessToken

protected ServerAccessToken doCreateAccessToken(AccessTokenRegistration atReg)

removeAccessToken

public void removeAccessToken(ServerAccessToken token)
                       throws OAuthServiceException

Description copied from interface: OAuthDataProvider

Removes the access token The runtime will call this method if it finds that a token has expired

Specified by:

removeAccessToken in interface OAuthDataProvider

Parameters:

token - the token

Throws:

OAuthServiceException

refreshAccessToken

public ServerAccessToken refreshAccessToken(Client client,
                                            String refreshTokenKey,
                                            List<String> restrictedScopes)
                                     throws OAuthServiceException

Description copied from interface: OAuthDataProvider

Refresh access token

Specified by:

refreshAccessToken in interface OAuthDataProvider

Parameters:

client - the client

refreshTokenKey - refresh token key

restrictedScopes - the scopes requested by the client

Returns:

AccessToken

Throws:

OAuthServiceException

revokeToken

public void revokeToken(Client client,
                        String tokenKey,
                        String tokenTypeHint)
                 throws OAuthServiceException

Description copied from interface: OAuthDataProvider

Revokes a refresh or access token

Specified by:

revokeToken in interface OAuthDataProvider

tokenTypeHint - can be access_token or refresh_token or null

Throws:

OAuthServiceException

handleLinkedRefreshToken

protected void handleLinkedRefreshToken(ServerAccessToken accessToken)

revokeAccessTokens

protected void revokeAccessTokens(RefreshToken currentRefreshToken)

unlinkRefreshAccessToken

protected void unlinkRefreshAccessToken(RefreshToken rt,
                                        String tokenKey)

convertScopeToPermissions

public List<OAuthPermission> convertScopeToPermissions(Client client,
                                                       List<String> requestedScopes)

Description copied from interface: OAuthDataProvider

Converts the requested scopes to the list of permissions. The scopes are extracted from OAuth2 'scope' property which if set may contain one or more space separated scope values

Specified by:

convertScopeToPermissions in interface OAuthDataProvider

requestedScopes - the scopes

Returns:

list of permissions

getPreauthorizedToken

public ServerAccessToken getPreauthorizedToken(Client client,
                                               List<String> requestedScopes,
                                               UserSubject sub,
                                               String grantType)
                                        throws OAuthServiceException

Description copied from interface: OAuthDataProvider

Get preauthorized access token

Specified by:

getPreauthorizedToken in interface OAuthDataProvider

Parameters:

client - Client

requestedScopes - the scopes requested by the client

sub - End User subject

Returns:

AccessToken access token

Throws:

OAuthServiceException

isRefreshTokenSupported

protected boolean isRefreshTokenSupported(List<String> theScopes)

createNewAccessToken

protected ServerAccessToken createNewAccessToken(Client client)

updateRefreshToken

protected RefreshToken updateRefreshToken(RefreshToken rt,
                                          ServerAccessToken at)

createNewRefreshToken

protected RefreshToken createNewRefreshToken(ServerAccessToken at)

doCreateNewRefreshToken

protected RefreshToken doCreateNewRefreshToken(ServerAccessToken at)

doRefreshAccessToken

protected ServerAccessToken doRefreshAccessToken(Client client,
                                                 RefreshToken oldRefreshToken,
                                                 List<String> restrictedScopes)

setAccessTokenLifetime

public void setAccessTokenLifetime(long accessTokenLifetime)

setRefreshTokenLifetime

public void setRefreshTokenLifetime(long refreshTokenLifetime)

setRecycleRefreshTokens

public void setRecycleRefreshTokens(boolean recycleRefreshTokens)

init

public void init()

close

public void close()

getPermissionMap

public Map<String,OAuthPermission> getPermissionMap()

setPermissionMap

public void setPermissionMap(Map<String,OAuthPermission> permissionMap)

setSupportedScopes

public void setSupportedScopes(Map<String,String> scopes)

getMessageContext

public MessageContext getMessageContext()

setMessageContext

public void setMessageContext(MessageContext messageContext)

removeClientTokens

protected void removeClientTokens(Client c)

saveAccessToken

protected abstract void saveAccessToken(ServerAccessToken serverToken)

saveRefreshToken

protected abstract void saveRefreshToken(ServerAccessToken at,
                                         RefreshToken refreshToken)

revokeAccessToken

protected abstract ServerAccessToken revokeAccessToken(String accessTokenKey)

revokeRefreshToken

protected abstract RefreshToken revokeRefreshToken(String refreshTokenKey)

getRefreshToken

protected abstract RefreshToken getRefreshToken(String refreshTokenKey)

getDefaultScopes

public List<String> getDefaultScopes()

setDefaultScopes

public void setDefaultScopes(List<String> defaultScopes)

getRequiredScopes

public List<String> getRequiredScopes()

setRequiredScopes

public void setRequiredScopes(List<String> requiredScopes)

getInvisibleToClientScopes

public List<String> getInvisibleToClientScopes()

setInvisibleToClientScopes

public void setInvisibleToClientScopes(List<String> invisibleToClientScopes)

isSupportPreauthorizedTokens

public boolean isSupportPreauthorizedTokens()

setSupportPreauthorizedTokens

public void setSupportPreauthorizedTokens(boolean supportPreauthorizedTokens)