public class OA2ATServlet extends AbstractAccessTokenServlet
Created by Jeff Gaynor
on 10/3/13 at 2:03 PM
caThread, ERROR_NOTIFICATION_BODY_KEY, ERROR_NOTIFICATION_SUBJECT_KEY, kpt, myproxyConnectionCache, myproxyConnectionCleanup, transactionCleanup
storeUpdatesDone
environment, initialization, PING_PARAMETER
Constructor and Description |
---|
OA2ATServlet() |
Modifier and Type | Method and Description |
---|---|
protected long |
computeRefreshLifetime(OA2ServiceTransaction st2)
The lifetime of the refresh token.
|
protected IssuerTransactionState |
doAT(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
OA2Client client) |
protected void |
doIt(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response) |
protected TransactionState |
doRefresh(OA2Client c,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response) |
protected boolean |
executeByGrant(String grantType,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Contains the tests for executing a request based on its grant type.
|
protected OA2ServiceTransaction |
getByRT(RefreshToken refreshToken) |
Client |
getClient(javax.servlet.http.HttpServletRequest request)
This finds the client identifier either as a parameter or in the authorization header and uses
that to get the client.
|
protected String |
getClientSecret(javax.servlet.http.HttpServletRequest request)
This either peels the secret off the parameter list if it is there or from the headers.
|
protected OA2TokenForge |
getTF2() |
protected Map<String,String> |
populateClaims(javax.servlet.http.HttpServletRequest request,
Map<String,String> p,
OA2ServiceTransaction st) |
void |
preprocess(TransactionState state)
Note that if you override this, you should call super, which sets some security-related headers, but touches nothing else.
|
static LinkedList<ClaimSource> |
setupClaimSources(OA2ServiceTransaction transaction,
OA2SE oa2SE) |
ServiceTransaction |
verifyAndGet(IssuerResponse iResponse)
This is called after the response is received so that the system can get the approproate
transaction.
|
protected void |
verifyClientSecret(OA2Client client,
String rawSecret) |
doDelegation, doDelegation
addNotificationListener, checkClientApproval, destroy, getAGI, getATI, getClient, getClient, getFirstParameters, getGrantIDFromRequest, getMPConnection, getMPConnection, getMyproxyConnectionCache, getMyproxyServices, getServiceEnvironment, getTransaction, getTransactionByGrantID, getTransactionStore, hasMPConnection, hasMPConnection, isEmpty, loadProperties2, newTransaction, postprocess, realStoreUpdates, removeNotificationListener, say, shutdownCleanup, storeUpdates
loadEnvironment, processStoreCheck
CONST, debug, doGet, doPing, doPost, error, getConfigurationLoader, getEnvironment, getExceptionHandler, getFirstParameterValue, getInitialization, getMyLogger, handleException, info, init, isDebugOn, printAllParameters, resetState, setConfigurationLoader, setDebugOn, setEnvironment, setExceptionHandler, setInitialization, warn
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
public void preprocess(TransactionState state) throws Throwable
MyProxyDelegationServlet
preprocess
in interface TransactionFilter
preprocess
in class MyProxyDelegationServlet
Throwable
protected Map<String,String> populateClaims(javax.servlet.http.HttpServletRequest request, Map<String,String> p, OA2ServiceTransaction st)
protected long computeRefreshLifetime(OA2ServiceTransaction st2)
st2
- protected boolean executeByGrant(String grantType, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws Throwable
true
is the request is serviced and false otherwise.
This is invoked in the doIt(HttpServletRequest, HttpServletResponse)
method. If a grant is given'
that is not supported in this method, the servlet should reject the request, as per the OAuth 2 spec.request
- response
- Throwable
protected void doIt(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws Throwable
doIt
in class AbstractAccessTokenServlet
Throwable
protected IssuerTransactionState doAT(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, OA2Client client) throws Throwable
Throwable
protected String getClientSecret(javax.servlet.http.HttpServletRequest request)
request
- public Client getClient(javax.servlet.http.HttpServletRequest request)
getClient
in class MyProxyDelegationServlet
request
- protected OA2ServiceTransaction getByRT(RefreshToken refreshToken) throws IOException
IOException
protected OA2TokenForge getTF2()
protected TransactionState doRefresh(OA2Client c, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException
IOException
javax.servlet.ServletException
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException
MyProxyDelegationServlet
verifyAndGet
in class MyProxyDelegationServlet
IOException
public static LinkedList<ClaimSource> setupClaimSources(OA2ServiceTransaction transaction, OA2SE oa2SE)
Copyright © 2019. All Rights Reserved.