Package com.sodius.oslc.server.oauth

Class OAuthServer

  • public abstract class OAuthServer
extends Object
    The central place for OAuth capabilities provided on server side.

    This class is recommended to be used in conjunction with OAuthFilter.

    Since:
    1.3.0
    See Also:
    OAuthFilter

    • Constructor Detail

      • OAuthServer

        protected OAuthServer​(ServletContext context)
        Creates a new instance of the specified servlet context.
        Parameters:
        context - the servlet context.

    • Method Detail

      • getInstance

        @Deprecated(since="3.8.0",
            forRemoval=false)
public static OAuthServer getInstance​(ServletContext context)
        Deprecated.
        use getInstance(), the servlet context does not bring value here
        Returns the singleton instance configured for the specified servlet context. This method can safely be called once OAuthFilter has been initialized or setInstance(OAuthServer) was called.
        Parameters:
        context - the servlet context.
        Returns:
        the singleton OAuth Server.
        Throws:
        WebApplicationException - if OAuthServer was not initialized by OAuthFilter

      • setInstance

        public static void setInstance​(OAuthServer oauthServer)
        Replaces the current server instance with the given one.

        This initialization is performed by the OAuthFilter. This method shall be called explicitly only in the event the initialization is to perform before OAuthFilter is even executed.

        Parameters:
        oauthServer - the new server instance
        Since:
        3.8.0

      • getFriendStore

        public final FriendStore getFriendStore()
        Returns the store controlling the OAuth friends registered for this server.
        Returns:
        the friend store.

      • createFriendStore

        protected abstract FriendStore createFriendStore​(ServletContext context)
        Creates the store that manages the registered OAuth friends.
        Parameters:
        context - the servlet context.
        Returns:
        the created store.

      • getFriendProvider

        public final FriendProvider getFriendProvider()
        Returns a provider of friends, used to instantiate OAuth OSLC clients.
        Returns:
        a provider of friends for OAuth OSLC clients.
        See Also:
        OAuthStore

      • getConsumerStore

        public final org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore getConsumerStore()
        Returns the store controlling the OAuth consumers registered for this server.
        Returns:
        the consumer store.

      • createConsumerStore

        protected abstract org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore createConsumerStore​(ServletContext context)
        Creates the store that manages the registered OAuth consumers.
        Parameters:
        context - the servlet context.
        Returns:
        the created store.

      • getClientFactory

        public OslcClientFactory getClientFactory​(HttpServletRequest request)
        Returns a factory to create an OslcClient associated to the specified request.

        The factory is stored in the request attributes, so that it's reused on a successive calls. The factory creates clients that can be safely used in concurrent threads.

        The factory uses the friends configured in the friend store of this server instance. It uses the OAuthHandler provided by this server instance to handle user authorization.

        Parameters:
        request - the servlet request.
        Returns:
        a factory to create OslcClient instances.
        See Also:
        getFriendProvider(), createOAuthHandler(HttpServletRequest)

      • getClientFactory

        public OslcClientFactory getClientFactory​(OAuthIdentity identity)
        Returns a factory to create an OslcClient for the given user identity. This factory can be used when no HTTP incoming request is known. If a request is accessible, prefer using getClientFactory(HttpServletRequest) which provides more features.

        This factory is limited to existing OAuth tokens yet acquired for the given user identity, through getClientFactory(HttpServletRequest) in regular OSLC flows. It implies outgoing requests executed with OSLC clients built with this factory will be rejected with HTTP 401, if there's not yet a valid OAuth token for the given friend application.

        The factory creates clients that can be safely used in concurrent threads.

        Parameters:
        identity - the user identity for which OAuth tokens were acquired
        Returns:
        a factory to create OslcClient instances.
        Since:
        3.8.0

      • createOAuthHandler

        protected abstract OAuthHandler createOAuthHandler​(HttpServletRequest request)
        Creates a handler to manage user authorization to access remote OSLC applications. The handler is used by the OSLC client factory provided by this server instance to access remote applications.

        Subclasses are recommended to create a RedirectOAuthHandler instance.

        Parameters:
        request - the servlet request
        Returns:
        a OAuthHandler to manage user authorization to access remote OSLC applications.
        See Also:
        getClientFactory(HttpServletRequest), RedirectOAuthHandler

      • validateAdministratorAccess

        public void validateAdministratorAccess​(HttpServletRequest request)
        Verifies the user performing the request is an administrator. Throws a WebApplicationException if the current user is not an administrator.
        Parameters:
        request - the request which requires administrator access.
        Throws:
        WebApplicationException - if the current user is not an administrator.