Package org.nuxeo.ecm.platform.oauth2.openid.auth

Class OpenIDConnectAuthenticator

java.lang.Object

org.nuxeo.ecm.platform.oauth2.openid.auth.OpenIDConnectAuthenticator

All Implemented Interfaces:

NuxeoAuthenticationPlugin

public class OpenIDConnectAuthenticator
extends Object
implements NuxeoAuthenticationPlugin

Authenticator using OpenID to retrieve user identity.

Author:

Nelson Silva

Field Summary

Fields

Modifier and Type	Field	Description
static String	CODE_URL_PARAM_NAME
static String	ERROR_URL_PARAM_NAME
static String	PROPERTY_OAUTH_CREATE_USER
static String	PROPERTY_SKIP_OAUTH_TOKEN
static String	PROVIDER_URL_PARAM_NAME
static String	STATE_SESSION_ATTRIBUTE
static String	STATE_URL_PARAM_NAME
static String	USERINFO_KEY

Constructor Summary

Constructors

Constructor	Description
OpenIDConnectAuthenticator()

Method Summary

Modifier and Type	Method	Description
List<String>	getUnAuthenticatedURLPrefix()	Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.
Boolean	handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL)	Handles the Login Prompt.
UserIdentificationInfo	handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)	Retrieves user identification information from the request.
void	initPlugin(Map<String,String> parameters)	Initializes the Plugin from parameters set in the XML descriptor.
Boolean	needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest)	Defines if the authentication plugin needs to do a login prompt.
UserIdentificationInfo	retrieveIdentityFromOAuth(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
protected void	sendError(javax.servlet.http.HttpServletRequest req, String msg)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

STATE_URL_PARAM_NAME

public static final String STATE_URL_PARAM_NAME

See Also:

Constant Field Values

STATE_SESSION_ATTRIBUTE

public static final String STATE_SESSION_ATTRIBUTE

See Also:

Constant Field Values

CODE_URL_PARAM_NAME

public static final String CODE_URL_PARAM_NAME

See Also:

Constant Field Values

ERROR_URL_PARAM_NAME

public static final String ERROR_URL_PARAM_NAME

See Also:

Constant Field Values

PROVIDER_URL_PARAM_NAME

public static final String PROVIDER_URL_PARAM_NAME

See Also:

Constant Field Values

USERINFO_KEY

public static final String USERINFO_KEY

See Also:

Constant Field Values

PROPERTY_OAUTH_CREATE_USER

public static final String PROPERTY_OAUTH_CREATE_USER

See Also:

Constant Field Values

PROPERTY_SKIP_OAUTH_TOKEN

public static final String PROPERTY_SKIP_OAUTH_TOKEN

See Also:

Constant Field Values

Constructor Detail

OpenIDConnectAuthenticator

public OpenIDConnectAuthenticator()

Method Detail

sendError

protected void sendError(javax.servlet.http.HttpServletRequest req,
                         String msg)

retrieveIdentityFromOAuth

public UserIdentificationInfo retrieveIdentityFromOAuth(javax.servlet.http.HttpServletRequest req,
                                                        javax.servlet.http.HttpServletResponse resp)

getUnAuthenticatedURLPrefix

public List<String> getUnAuthenticatedURLPrefix()

Description copied from interface: NuxeoAuthenticationPlugin

Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.

Specified by:

getUnAuthenticatedURLPrefix in interface NuxeoAuthenticationPlugin

handleRetrieveIdentity

public UserIdentificationInfo handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest,
                                                     javax.servlet.http.HttpServletResponse httpResponse)

Description copied from interface: NuxeoAuthenticationPlugin

Retrieves user identification information from the request.

Specified by:

handleRetrieveIdentity in interface NuxeoAuthenticationPlugin

Parameters:

httpRequest - the request

httpResponse - the response

handleLoginPrompt

public Boolean handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest,
                                 javax.servlet.http.HttpServletResponse httpResponse,
                                 String baseURL)

Description copied from interface: NuxeoAuthenticationPlugin

Handles the Login Prompt.

Specified by:

handleLoginPrompt in interface NuxeoAuthenticationPlugin

Parameters:

httpRequest - the request

httpResponse - the response

Returns:

true if AuthFilter must stop execution (ie: login prompt generated a redirect), false otherwise

needLoginPrompt

public Boolean needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest)

Description copied from interface: NuxeoAuthenticationPlugin

Defines if the authentication plugin needs to do a login prompt.

Specified by:

needLoginPrompt in interface NuxeoAuthenticationPlugin

Returns:

true if LoginPrompt is used

initPlugin

public void initPlugin(Map<String,String> parameters)

Description copied from interface: NuxeoAuthenticationPlugin

Initializes the Plugin from parameters set in the XML descriptor.

Specified by:

initPlugin in interface NuxeoAuthenticationPlugin