Package org.nuxeo.ecm.platform.oauth2
Class NuxeoOAuth2Servlet
- java.lang.Object
-
- javax.servlet.GenericServlet
-
- javax.servlet.http.HttpServlet
-
- org.nuxeo.ecm.platform.oauth2.NuxeoOAuth2Servlet
-
- All Implemented Interfaces:
Serializable,javax.servlet.Servlet,javax.servlet.ServletConfig
public class NuxeoOAuth2Servlet extends javax.servlet.http.HttpServlet- Since:
- 9.2
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static StringACCESS_TOKEN_EXPIRATION_DURATION_PROPERTYstatic intACCESS_TOKEN_EXPIRATION_TIMEstatic StringCLIENT_NAMEstatic StringENDPOINT_AUTHstatic StringENDPOINT_AUTH_SUBMITstatic StringENDPOINT_TOKENstatic StringERROR_DESCRIPTION_PARAMstatic StringERROR_JSP_PAGE_PATHstatic StringERROR_PARAMstatic StringGRANT_ACCESS_PARAMstatic StringGRANT_JSP_PAGE_PATHprotected OAuth2TokenStoretokenStore
-
Constructor Summary
Constructors Constructor Description NuxeoOAuth2Servlet()
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description protected voiddoGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected voiddoGetAuthorize(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected voiddoGetNotAllowed(String endpoint, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected voiddoPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected voiddoPostAuthorizeSubmit(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected voiddoPostToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected voidgetAndSendToken(javax.servlet.http.HttpServletResponse response, String clientId, String username)protected StringgetRedirectURI(AuthorizationRequest authRequest)Returns the redirect URI included in the given authorization request or fall back on the first one registered for the related client.protected voidhandleError(OAuth2Error error, int status, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)Deprecated.since 2021.23, OAuth2Error now contains the status code to give to the responseprotected voidhandleError(OAuth2Error error, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected voidhandleJsonError(OAuth2Error error, javax.servlet.http.HttpServletResponse response)protected voidhandleTokenResponse(NuxeoOAuth2Token token, javax.servlet.http.HttpServletResponse response)protected voidsendRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String redirectURI, Map<String,String> params)protected StringstoreAuthorizationRequest(AuthorizationRequest authRequest)-
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
-
-
-
-
Field Detail
-
ENDPOINT_AUTH
public static final String ENDPOINT_AUTH
- See Also:
- Constant Field Values
-
ENDPOINT_TOKEN
public static final String ENDPOINT_TOKEN
- See Also:
- Constant Field Values
-
ENDPOINT_AUTH_SUBMIT
public static final String ENDPOINT_AUTH_SUBMIT
- See Also:
- Constant Field Values
-
ERROR_PARAM
public static final String ERROR_PARAM
- See Also:
- Constant Field Values
-
ERROR_DESCRIPTION_PARAM
public static final String ERROR_DESCRIPTION_PARAM
- See Also:
- Constant Field Values
-
CLIENT_NAME
public static final String CLIENT_NAME
- See Also:
- Constant Field Values
-
GRANT_JSP_PAGE_PATH
public static final String GRANT_JSP_PAGE_PATH
- See Also:
- Constant Field Values
-
GRANT_ACCESS_PARAM
public static final String GRANT_ACCESS_PARAM
- See Also:
- Constant Field Values
-
ERROR_JSP_PAGE_PATH
public static final String ERROR_JSP_PAGE_PATH
- See Also:
- Constant Field Values
-
ACCESS_TOKEN_EXPIRATION_TIME
public static final int ACCESS_TOKEN_EXPIRATION_TIME
- See Also:
- Constant Field Values
-
ACCESS_TOKEN_EXPIRATION_DURATION_PROPERTY
public static final String ACCESS_TOKEN_EXPIRATION_DURATION_PROPERTY
- Since:
- 2021.14
- See Also:
- Constant Field Values
-
tokenStore
protected final OAuth2TokenStore tokenStore
-
-
Method Detail
-
doGet
protected void doGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws javax.servlet.ServletException, IOException- Overrides:
doGetin classjavax.servlet.http.HttpServlet- Throws:
javax.servlet.ServletExceptionIOException
-
doPost
protected void doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws javax.servlet.ServletException, IOException- Overrides:
doPostin classjavax.servlet.http.HttpServlet- Throws:
javax.servlet.ServletExceptionIOException
-
doGetAuthorize
protected void doGetAuthorize(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException- Throws:
IOExceptionjavax.servlet.ServletException
-
doGetNotAllowed
protected void doGetNotAllowed(String endpoint, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException
- Throws:
IOExceptionjavax.servlet.ServletException
-
doPostAuthorizeSubmit
protected void doPostAuthorizeSubmit(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException- Throws:
IOExceptionjavax.servlet.ServletException
-
getRedirectURI
protected String getRedirectURI(AuthorizationRequest authRequest)
Returns the redirect URI included in the given authorization request or fall back on the first one registered for the related client.
-
storeAuthorizationRequest
protected String storeAuthorizationRequest(AuthorizationRequest authRequest)
-
doPostToken
protected void doPostToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException- Throws:
IOException
-
getAndSendToken
protected void getAndSendToken(javax.servlet.http.HttpServletResponse response, String clientId, String username) throws IOException- Throws:
IOException
-
handleTokenResponse
protected void handleTokenResponse(NuxeoOAuth2Token token, javax.servlet.http.HttpServletResponse response) throws IOException
- Throws:
IOException
-
handleError
protected void handleError(OAuth2Error error, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException
- Throws:
IOExceptionjavax.servlet.ServletException
-
handleError
@Deprecated protected void handleError(OAuth2Error error, int status, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException
Deprecated.since 2021.23, OAuth2Error now contains the status code to give to the response- Throws:
IOExceptionjavax.servlet.ServletException
-
handleJsonError
protected void handleJsonError(OAuth2Error error, javax.servlet.http.HttpServletResponse response) throws IOException
- Throws:
IOException
-
sendRedirect
protected void sendRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String redirectURI, Map<String,String> params) throws IOException- Throws:
IOException
-
-