Package org.nuxeo.ecm.platform.oauth2
Class NuxeoOAuth2Servlet
java.lang.Object
jakarta.servlet.GenericServlet
jakarta.servlet.http.HttpServlet
org.nuxeo.ecm.platform.oauth2.NuxeoOAuth2Servlet
- All Implemented Interfaces:
jakarta.servlet.Servlet,jakarta.servlet.ServletConfig,Serializable
public class NuxeoOAuth2Servlet
extends jakarta.servlet.http.HttpServlet
- Since:
- 9.2
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final intstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringprotected final OAuth2TokenStoreFields inherited from class jakarta.servlet.http.HttpServlet
LEGACY_DO_HEAD -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected OAuth2ErrorcheckClientSecret(String clientSecret) protected OAuth2ErrorcheckUserMatchingClient(String clientId) protected OAuth2ErrorcheckValidClient(String clientId, String clientSecret, boolean requireSecret) protected NuxeoOAuth2TokencreateToken(String clientId, String username) protected NuxeoOAuth2TokencreateToken(String clientId, String username, boolean refreshToken) protected voiddoGet(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) protected voiddoGetAuthorize(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) protected voiddoGetNotAllowed(String endpoint, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) protected voiddoPost(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) protected voiddoPostAuthorizeSubmit(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) protected voiddoPostToken(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) protected voidgetAndSendToken(jakarta.servlet.http.HttpServletResponse response, String clientId, String username) protected voidgetAndSendToken(jakarta.servlet.http.HttpServletResponse response, String clientId, String username, boolean refresh) protected StringgetRedirectURI(AuthorizationRequest authRequest) Returns the redirect URI included in the given authorization request or fall back on the first one registered for the related client.protected voidhandleError(OAuth2Error error, int status, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Deprecated.since 2021.23, OAuth2Error now contains the status code to give to the responseprotected voidhandleError(OAuth2Error error, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) protected voidhandleJsonError(OAuth2Error error, jakarta.servlet.http.HttpServletResponse response) protected voidhandleTokenResponse(NuxeoOAuth2Token token, jakarta.servlet.http.HttpServletResponse response) protected voidsendRedirect(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, String redirectURI, Map<String, String> params) protected StringstoreAuthorizationRequest(AuthorizationRequest authRequest) protected booleanuserExists(String username) Methods inherited from class jakarta.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, init, service, serviceMethods inherited from class jakarta.servlet.GenericServlet
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log
-
Field Details
-
ENDPOINT_AUTH
- See Also:
-
ENDPOINT_TOKEN
- See Also:
-
ENDPOINT_AUTH_SUBMIT
- See Also:
-
ERROR_PARAM
- See Also:
-
ERROR_DESCRIPTION_PARAM
- See Also:
-
CLIENT_NAME
- See Also:
-
GRANT_JSP_PAGE_PATH
- See Also:
-
GRANT_ACCESS_PARAM
- See Also:
-
ERROR_JSP_PAGE_PATH
- See Also:
-
ACCESS_TOKEN_EXPIRATION_TIME
public static final int ACCESS_TOKEN_EXPIRATION_TIME- See Also:
-
ACCESS_TOKEN_EXPIRATION_DURATION_PROPERTY
- Since:
- 2021.14
- See Also:
-
tokenStore
-
-
Constructor Details
-
NuxeoOAuth2Servlet
public NuxeoOAuth2Servlet()
-
-
Method Details
-
doGet
protected void doGet(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws jakarta.servlet.ServletException, IOException - Overrides:
doGetin classjakarta.servlet.http.HttpServlet- Throws:
jakarta.servlet.ServletExceptionIOException
-
doPost
protected void doPost(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws jakarta.servlet.ServletException, IOException - Overrides:
doPostin classjakarta.servlet.http.HttpServlet- Throws:
jakarta.servlet.ServletExceptionIOException
-
doGetAuthorize
protected void doGetAuthorize(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException, jakarta.servlet.ServletException - Throws:
IOExceptionjakarta.servlet.ServletException
-
doGetNotAllowed
protected void doGetNotAllowed(String endpoint, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException, jakarta.servlet.ServletException - Throws:
IOExceptionjakarta.servlet.ServletException
-
doPostAuthorizeSubmit
protected void doPostAuthorizeSubmit(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException, jakarta.servlet.ServletException - Throws:
IOExceptionjakarta.servlet.ServletException
-
getRedirectURI
Returns the redirect URI included in the given authorization request or fall back on the first one registered for the related client. -
storeAuthorizationRequest
-
doPostToken
protected void doPostToken(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException - Throws:
IOException
-
checkValidClient
-
checkClientSecret
-
checkUserMatchingClient
-
userExists
-
getAndSendToken
protected void getAndSendToken(jakarta.servlet.http.HttpServletResponse response, String clientId, String username) throws IOException - Throws:
IOException
-
getAndSendToken
protected void getAndSendToken(jakarta.servlet.http.HttpServletResponse response, String clientId, String username, boolean refresh) throws IOException - Throws:
IOException
-
createToken
-
createToken
-
handleTokenResponse
protected void handleTokenResponse(NuxeoOAuth2Token token, jakarta.servlet.http.HttpServletResponse response) throws IOException - Throws:
IOException
-
handleError
protected void handleError(OAuth2Error error, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException, jakarta.servlet.ServletException - Throws:
IOExceptionjakarta.servlet.ServletException
-
handleError
@Deprecated protected void handleError(OAuth2Error error, int status, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException, jakarta.servlet.ServletException Deprecated.since 2021.23, OAuth2Error now contains the status code to give to the response- Throws:
IOExceptionjakarta.servlet.ServletException
-
handleJsonError
protected void handleJsonError(OAuth2Error error, jakarta.servlet.http.HttpServletResponse response) throws IOException - Throws:
IOException
-
sendRedirect
protected void sendRedirect(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, String redirectURI, Map<String, String> params) throws IOException- Throws:
IOException
-