Package com.sodius.oslc.server.oauth.services

Class OslcOAuthService

  • public class OslcOAuthService
extends Object
    Services to support necessary OAuth end-points for connectivity from a OSLC Remote Application.

    This class is recommended to be used in conjunction with RedirectOAuthHandler.

    Since:
    1.3.0
    See Also:
    RedirectOAuthHandler

    • Constructor Detail

      • OslcOAuthService

        public OslcOAuthService()

    • Method Detail

      • getDefaultLoginPageLocation

        public static URI getDefaultLoginPageLocation​(HttpServletRequest request,
                                              String relativePath)
                                       throws IOException
        Returns the URL of the default login page, given the relative path to the OAuth services.

        This method appends the given relative path to the context path of the HTTP request to obtain an absolute URL. It also adds those query parameters:

        • oauth_token - the OAuth request token, if any.
        • callback - the given HTTP request URL, to redirect to once login is completed.

        Note that most connectors are rather expected to use the login screen provided by the underlying application. This login screen is mostly for demonstration purpose.

        Parameters:
        request - the HTTP request.
        relativePath - the relative path to the login page, e.g. "/oauth/login".
        Returns:
        the URL of the login page.
        Throws:
        IOException - on I/O errors.
        Since:
        2.0.0

      • generateAccessToken

        public static void generateAccessToken​(HttpServletRequest httpRequest,
                                       HttpServletResponse httpResponse)
                                throws IOException,
                                       ServletException
        Responds with an access token, exchanged from a request token and upon authorization.

        The generation of the access token is usually directly handled by an end point provided by this class. Some connectors might need to perform this generation directly at HTTP filter level, so that the underlying application does not intercept the request and tries handling it on its own, thus conflicting with the OAuth capabilities provided by the connector.

        Parameters:
        httpRequest - the HTTP request.
        httpResponse - the HTTP response
        Throws:
        IOException - on I/O errors
        ServletException - on servlet errors
        Since:
        2.0.0

      • approveRequestToken

        public Response approveRequestToken​(String requestToken)
                             throws IOException,
                                    ServletException
        Approves a request token, once user has authenticated and granted remote application to access data from the connector application. This is intended to be invoked by an XHR on the OAuth access authorization page.
        Parameters:
        requestToken - the request token to approve, for future exchange with an access token.
        Returns:
        the response
        Throws:
        IOException - on I/O errors
        ServletException - on internal errors validating the request

      • login

        public Response login​(String id,
                      String password,
                      String requestToken)
        Validates the ID and password on the authentication form. This is intended to be invoked by an XHR on the login page.
        Parameters:
        id - the user ID.
        password - the user password.
        requestToken - the OAuth request token
        Returns:
        the response, 409 if login failed or 204 if successful

      • callback

        public Response callback​(String verifierId,
                         String verifier,
                         String redirect)
                  throws IOException,
                         ServletException
        Implements the OAuth callback end-point, called by the remote application once user has successfully logged in and OAuth dance can be resumed.

        This method stores the approved OAuth connection. It then replies with a temporary redirect to the specified redirect location, if any, or forwards to another resource (servlet, JSP or HTML file).

        Parameters:
        verifierId - the identity of the verifier.
        verifier - the OAuth verifier, approving the specified verifier id.
        redirect - the URL the application should redirect to, null if none.
        Returns:
        a HTTP redirection to redirect page, if any, or the content of the callback page.
        Throws:
        IOException - if the target resource throws this exception.
        ServletException - if the target resource throws this exception.

      • generateProvisionalConsumerKey

        public Response generateProvisionalConsumerKey()
                                        throws IOException
        Generates a provisional consumer key. This provisional key must be later approved by an administrator.
        Returns:
        a JSON response with the provisional key
        Throws:
        IOException - on I/O errors
        See Also:
        Jazz Root Services Spec Addendum2

      • showApproveProvisionalConsumerPage

        public Response showApproveProvisionalConsumerPage​(String key)
                                            throws IOException,
                                                   ServletException
        Shows the approval page for a provisional consumer.
        Parameters:
        key - the consumer key.
        Returns:
        the approval consumer page.
        Throws:
        IOException - on I/O errors
        ServletException - on internal errors validating the request

      • approveProvisionalConsumer

        public Response approveProvisionalConsumer​(String consumerName,
                                           String consumerKey,
                                           boolean trusted,
                                           boolean approve)
                                    throws ServletException,
                                           IOException
        Approves or rejects the given provisional consumer key. This is intended to be invoked by an XHR on the consumer approval page.
        Parameters:
        consumerName - the consumer name.
        consumerKey - the consumer key.
        trusted - whether the consumer key becomes trusted.
        approve - true if the consumer is approved, false if it is rejected.
        Returns:
        the response.
        Throws:
        IOException - on I/O errors
        ServletException - on internal errors validating the request