public class RevocationServlet extends MyProxyDelegationServlet
Note that according to this spec., revoking one of these implies revoking everything associated with it so that a user may, in effect, performa alogout at some other service. This means in our case that we just remove the transaction associated with the access token or the refresh token. If not token is found, that is considered a benign condition.
Also note that there is no designated endpoint for this, so we can stick it anywhere. Generally I propose revoke/ as the endpoint for the service.
Created by Jeff Gaynor
on 4/8/19 at 5:05 PM
Modifier and Type | Field and Description |
---|---|
static String |
ACCESS_TOKEN_HINT |
static String |
REFRESH_TOKEN_HINT |
static String |
REVOCATION_TOKEN |
static String |
TOKEN_TYPE_HINT |
caThread, ERROR_NOTIFICATION_BODY_KEY, ERROR_NOTIFICATION_SUBJECT_KEY, kpt, myproxyConnectionCache, myproxyConnectionCleanup, transactionCleanup
storeUpdatesDone
environment, initialization, PING_PARAMETER
Constructor and Description |
---|
RevocationServlet() |
Modifier and Type | Method and Description |
---|---|
protected void |
doError()
There is exactly one error allowed in the spec for all failures.
|
protected void |
doIt(javax.servlet.http.HttpServletRequest httpServletRequest,
javax.servlet.http.HttpServletResponse httpServletResponse) |
protected void |
doOK(javax.servlet.http.HttpServletResponse resp) |
ServiceTransaction |
verifyAndGet(IssuerResponse iResponse)
This is called after the response is received so that the system can get the approproate
transaction.
|
addNotificationListener, checkClientApproval, destroy, getAGI, getATI, getClient, getClient, getClient, getFirstParameters, getGrantIDFromRequest, getMPConnection, getMPConnection, getMyproxyConnectionCache, getMyproxyServices, getServiceEnvironment, getTransaction, getTransactionByGrantID, getTransactionStore, hasMPConnection, hasMPConnection, isEmpty, loadProperties2, newTransaction, postprocess, preprocess, realStoreUpdates, removeNotificationListener, say, shutdownCleanup, storeUpdates
loadEnvironment, processStoreCheck
CONST, debug, doGet, doPing, doPost, error, getConfigurationLoader, getEnvironment, getExceptionHandler, getFirstParameterValue, getInitialization, getMyLogger, handleException, info, init, isDebugOn, printAllParameters, resetState, setConfigurationLoader, setDebugOn, setEnvironment, setExceptionHandler, setInitialization, warn
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
public static String REFRESH_TOKEN_HINT
public static String ACCESS_TOKEN_HINT
public static String TOKEN_TYPE_HINT
public static String REVOCATION_TOKEN
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException
MyProxyDelegationServlet
verifyAndGet
in class MyProxyDelegationServlet
IOException
protected void doError()
protected void doOK(javax.servlet.http.HttpServletResponse resp)
protected void doIt(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse) throws Throwable
doIt
in class AbstractServlet
Throwable
Copyright © 2019. All Rights Reserved.