Package org.nuxeo.ecm.platform.oauth2
Class NuxeoOAuth2Servlet
java.lang.Object
javax.servlet.GenericServlet
javax.servlet.http.HttpServlet
org.nuxeo.ecm.platform.oauth2.NuxeoOAuth2Servlet
- All Implemented Interfaces:
Serializable,javax.servlet.Servlet,javax.servlet.ServletConfig
public class NuxeoOAuth2Servlet
extends javax.servlet.http.HttpServlet
- Since:
- 9.2
- See Also:
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected OAuth2ErrorcheckClientSecret(String clientSecret) protected OAuth2ErrorcheckUserMatchingClient(String clientId) protected OAuth2ErrorcheckValidClient(String clientId, String clientSecret, boolean requireSecret) protected NuxeoOAuth2TokencreateToken(String clientId, String username) protected NuxeoOAuth2TokencreateToken(String clientId, String username, boolean refreshToken) protected voiddoGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected voiddoGetAuthorize(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected voiddoGetNotAllowed(String endpoint, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected voiddoPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected voiddoPostAuthorizeSubmit(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected voiddoPostToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected voidgetAndSendToken(javax.servlet.http.HttpServletResponse response, String clientId, String username) protected voidgetAndSendToken(javax.servlet.http.HttpServletResponse response, String clientId, String username, boolean refresh) protected StringgetRedirectURI(AuthorizationRequest authRequest) Returns the redirect URI included in the given authorization request or fall back on the first one registered for the related client.protected voidhandleError(OAuth2Error error, int status, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Deprecated.since 2021.23, OAuth2Error now contains the status code to give to the responseprotected voidhandleError(OAuth2Error error, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected voidhandleJsonError(OAuth2Error error, javax.servlet.http.HttpServletResponse response) protected voidhandleTokenResponse(NuxeoOAuth2Token token, javax.servlet.http.HttpServletResponse response) protected voidsendRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String redirectURI, Map<String, String> params) protected StringstoreAuthorizationRequest(AuthorizationRequest authRequest) protected booleanuserExists(String username) Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, serviceMethods inherited from class javax.servlet.GenericServlet
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, init, log, log
-
Field Details
-
ENDPOINT_AUTH
- See Also:
-
ENDPOINT_TOKEN
- See Also:
-
ENDPOINT_AUTH_SUBMIT
- See Also:
-
ERROR_PARAM
- See Also:
-
ERROR_DESCRIPTION_PARAM
- See Also:
-
CLIENT_NAME
- See Also:
-
GRANT_JSP_PAGE_PATH
- See Also:
-
GRANT_ACCESS_PARAM
- See Also:
-
ERROR_JSP_PAGE_PATH
- See Also:
-
ACCESS_TOKEN_EXPIRATION_TIME
public static final int ACCESS_TOKEN_EXPIRATION_TIME- See Also:
-
ACCESS_TOKEN_EXPIRATION_DURATION_PROPERTY
- Since:
- 2021.14
- See Also:
-
tokenStore
-
-
Constructor Details
-
NuxeoOAuth2Servlet
public NuxeoOAuth2Servlet()
-
-
Method Details
-
doGet
protected void doGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws javax.servlet.ServletException, IOException - Overrides:
doGetin classjavax.servlet.http.HttpServlet- Throws:
javax.servlet.ServletExceptionIOException
-
doPost
protected void doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws javax.servlet.ServletException, IOException - Overrides:
doPostin classjavax.servlet.http.HttpServlet- Throws:
javax.servlet.ServletExceptionIOException
-
doGetAuthorize
protected void doGetAuthorize(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException - Throws:
IOExceptionjavax.servlet.ServletException
-
doGetNotAllowed
protected void doGetNotAllowed(String endpoint, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException - Throws:
IOExceptionjavax.servlet.ServletException
-
doPostAuthorizeSubmit
protected void doPostAuthorizeSubmit(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException - Throws:
IOExceptionjavax.servlet.ServletException
-
getRedirectURI
Returns the redirect URI included in the given authorization request or fall back on the first one registered for the related client. -
storeAuthorizationRequest
-
doPostToken
protected void doPostToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException - Throws:
IOException
-
checkValidClient
-
checkClientSecret
-
checkUserMatchingClient
-
userExists
-
getAndSendToken
protected void getAndSendToken(javax.servlet.http.HttpServletResponse response, String clientId, String username) throws IOException - Throws:
IOException
-
getAndSendToken
protected void getAndSendToken(javax.servlet.http.HttpServletResponse response, String clientId, String username, boolean refresh) throws IOException - Throws:
IOException
-
createToken
-
createToken
-
handleTokenResponse
protected void handleTokenResponse(NuxeoOAuth2Token token, javax.servlet.http.HttpServletResponse response) throws IOException - Throws:
IOException
-
handleError
protected void handleError(OAuth2Error error, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException - Throws:
IOExceptionjavax.servlet.ServletException
-
handleError
@Deprecated protected void handleError(OAuth2Error error, int status, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException Deprecated.since 2021.23, OAuth2Error now contains the status code to give to the response- Throws:
IOExceptionjavax.servlet.ServletException
-
handleJsonError
protected void handleJsonError(OAuth2Error error, javax.servlet.http.HttpServletResponse response) throws IOException - Throws:
IOException
-
sendRedirect
protected void sendRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String redirectURI, Map<String, String> params) throws IOException- Throws:
IOException
-