Class OAuthFilter
- java.lang.Object
-
- com.sodius.oslc.server.services.HttpFilter
-
- com.sodius.oslc.server.oauth.services.OAuthFilter
-
- All Implemented Interfaces:
Filter
public abstract class OAuthFilter extends HttpFilter
A filter that configures a OAuthServer and ensures requests requiring restricted access are authenticated. Possible authentications are:- OAuth - check for valid Access token or perform the OAuth dance
- Basic - check for valid user credentials
- Session - if no Authorization header on the request, use the OAuthIdentity from the HTTP session, if any
com.sodius.oslc.server.accessControlextension point to indicate servlet paths that require authentication of those which can be freely accessed.If the OSLC provider application does not run in an OSGi container, the access control should be done by overriding the
isProtected(HttpServletRequest request)method.Starting the 3.3.0 version, this class requires an
OAuthIdentityTokenStrategyimplementationset as the token strategyto work properly and usesClusterableTokenStrategyby default. The tokens cache expiration is now defined byCacheConfiguration.OAUTH_TOKENScache configuration instead of theOptions.OAUTH_TOKEN_CACHE_DURATIONcontext parameter.- Since:
- 1.3.0
- See Also:
OAuthServer.getInstance(ServletContext)
-
-
Constructor Summary
Constructors Modifier Constructor Description protectedOAuthFilter()Creates a new instance of the filter.
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected abstract OAuthApplicationcreateOAuthApplication(ServletContext context)Creates a new OAuth Application given the specified servlet context.protected abstract OAuthServercreateOAuthServer(ServletContext context)Creates a new OAuth Server given the specified servlet context.protected voiddoFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)If the servlet being accessed requires user authentication, this filter performs the authentication challenge.protected Optional<OAuthIdentity>getLoggedInUser(HttpServletRequest request)Gets the identity of the user currently logged in the application,nullif none is found.voidinit(FilterConfig filterConfig)Initialization is realized by configuring instances of OAuthServer and OAuthApplication for the given servlet context.protected booleanisProtected(HttpServletRequest request)Determines whether a request URI requires user authentication.-
Methods inherited from class com.sodius.oslc.server.services.HttpFilter
destroy, doFilter, handleOslcError
-
-
-
-
Method Detail
-
init
public void init(FilterConfig filterConfig) throws ServletException
Initialization is realized by configuring instances of OAuthServer and OAuthApplication for the given servlet context. Once this filter is initialized, theOAuthServer.getInstance(request)method can safely be used.- Specified by:
initin interfaceFilter- Overrides:
initin classHttpFilter- Parameters:
filterConfig- the configuration of the filter.- Throws:
ServletException- not thrown by this implementation.- See Also:
createOAuthServer(ServletContext),createOAuthApplication(ServletContext),OAuthServer.getInstance(ServletContext)
-
createOAuthServer
protected abstract OAuthServer createOAuthServer(ServletContext context) throws ServletException
Creates a new OAuth Server given the specified servlet context.- Parameters:
context- the servlet context.- Returns:
- the created OAuth Server.
- Throws:
ServletException- if an error occurred while creating an instance.
-
createOAuthApplication
protected abstract OAuthApplication createOAuthApplication(ServletContext context) throws ServletException
Creates a new OAuth Application given the specified servlet context.- Parameters:
context- the servlet context.- Returns:
- the created OAuth Application
- Throws:
ServletException- if an error occurred while creating an instance.
-
isProtected
protected boolean isProtected(HttpServletRequest request)
Determines whether a request URI requires user authentication.This is a default implementation that requires an OSGi container, and is based on the
com.sodius.oslc.server.accessControlextension point.- Parameters:
request- the HTTP servlet request- Returns:
- true if the request requires an authentication, false otherwise
- Since:
- 1.8.0
-
doFilter
protected void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException
If the servlet being accessed requires user authentication, this filter performs the authentication challenge.An OSLC provider application can register extensions of the
com.sodius.oslc.server.accessControlextension point to indicate servlet paths that require authentication of those which can be freely accessed.- Specified by:
doFilterin classHttpFilter- Parameters:
request- the request.response- the response.chain- the filter chain to process.- Throws:
IOException- if an I/O error occurs.ServletException- if the filter execution fails.
-
getLoggedInUser
protected Optional<OAuthIdentity> getLoggedInUser(HttpServletRequest request)
Gets the identity of the user currently logged in the application,nullif none is found.- Parameters:
request- the HTTP request- Returns:
- the logged-in user identity
- Since:
- 2.1.0
-
-