Package org.nuxeo.ecm.platform.oauth2

Class NuxeoOAuth2Servlet

java.lang.Object

jakarta.servlet.GenericServlet

jakarta.servlet.http.HttpServlet

org.nuxeo.ecm.platform.oauth2.NuxeoOAuth2Servlet

All Implemented Interfaces:

jakarta.servlet.Servlet, jakarta.servlet.ServletConfig, Serializable

public class NuxeoOAuth2Servlet
extends jakarta.servlet.http.HttpServlet

Since:

9.2

See Also:

• Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ACCESS_TOKEN_EXPIRATION_DURATION_PROPERTY
static final int	ACCESS_TOKEN_EXPIRATION_TIME
static final String	CLIENT_NAME
static final String	ENDPOINT_AUTH
static final String	ENDPOINT_AUTH_SUBMIT
static final String	ENDPOINT_TOKEN
static final String	ERROR_DESCRIPTION_PARAM
static final String	ERROR_JSP_PAGE_PATH
static final String	ERROR_PARAM
static final String	GRANT_ACCESS_PARAM
static final String	GRANT_JSP_PAGE_PATH
protected final OAuth2TokenStore	tokenStore

Fields inherited from class jakarta.servlet.http.HttpServlet

LEGACY_DO_HEAD

Constructor Summary

Constructors

Constructor	Description
NuxeoOAuth2Servlet()

Method Summary

Modifier and Type	Method	Description
protected void	doGet(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
protected void	doGetAuthorize(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
protected void	doGetNotAllowed(String endpoint, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
protected void	doPost(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
protected void	doPostAuthorizeSubmit(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
protected void	doPostToken(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
protected void	getAndSendToken(jakarta.servlet.http.HttpServletResponse response, String clientId, String username)
protected String	getRedirectURI(AuthorizationRequest authRequest)	Returns the redirect URI included in the given authorization request or fall back on the first one registered for the related client.
protected void	handleError(OAuth2Error error, int status, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)	Deprecated. since 2021.23, OAuth2Error now contains the status code to give to the response
protected void	handleError(OAuth2Error error, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
protected void	handleJsonError(OAuth2Error error, jakarta.servlet.http.HttpServletResponse response)
protected void	handleTokenResponse(NuxeoOAuth2Token token, jakarta.servlet.http.HttpServletResponse response)
protected void	sendRedirect(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, String redirectURI, Map<String,String> params)
protected String	storeAuthorizationRequest(AuthorizationRequest authRequest)

Methods inherited from class jakarta.servlet.http.HttpServlet

doDelete, doHead, doOptions, doPut, doTrace, getLastModified, init, service, service

Methods inherited from class jakarta.servlet.GenericServlet

destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

ENDPOINT_AUTH

public static final String ENDPOINT_AUTH

See Also:

• Constant Field Values

ENDPOINT_TOKEN

public static final String ENDPOINT_TOKEN

See Also:

• Constant Field Values

ENDPOINT_AUTH_SUBMIT

public static final String ENDPOINT_AUTH_SUBMIT

See Also:

• Constant Field Values

ERROR_PARAM

public static final String ERROR_PARAM

See Also:

• Constant Field Values

ERROR_DESCRIPTION_PARAM

public static final String ERROR_DESCRIPTION_PARAM

See Also:

• Constant Field Values

CLIENT_NAME

public static final String CLIENT_NAME

See Also:

• Constant Field Values

GRANT_JSP_PAGE_PATH

public static final String GRANT_JSP_PAGE_PATH

See Also:

• Constant Field Values

GRANT_ACCESS_PARAM

public static final String GRANT_ACCESS_PARAM

See Also:

• Constant Field Values

ERROR_JSP_PAGE_PATH

public static final String ERROR_JSP_PAGE_PATH

See Also:

• Constant Field Values

ACCESS_TOKEN_EXPIRATION_TIME

public static final int ACCESS_TOKEN_EXPIRATION_TIME

See Also:

• Constant Field Values

ACCESS_TOKEN_EXPIRATION_DURATION_PROPERTY

public static final String ACCESS_TOKEN_EXPIRATION_DURATION_PROPERTY

Since:

2021.14

See Also:

• Constant Field Values

tokenStore

protected final OAuth2TokenStore tokenStore

Constructor Details

NuxeoOAuth2Servlet

public NuxeoOAuth2Servlet()

Method Details

doGet

protected void doGet(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
              throws jakarta.servlet.ServletException,
IOException

Overrides:

doGet in class jakarta.servlet.http.HttpServlet

Throws:

jakarta.servlet.ServletException

IOException

doPost

protected void doPost(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
               throws jakarta.servlet.ServletException,
IOException

Overrides:

doPost in class jakarta.servlet.http.HttpServlet

Throws:

jakarta.servlet.ServletException

IOException

doGetAuthorize

protected void doGetAuthorize(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
                       throws IOException,
jakarta.servlet.ServletException

Throws:

IOException

jakarta.servlet.ServletException

doGetNotAllowed

protected void doGetNotAllowed(String endpoint,
 jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
                        throws IOException,
jakarta.servlet.ServletException

Throws:

IOException

jakarta.servlet.ServletException

doPostAuthorizeSubmit

protected void doPostAuthorizeSubmit(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
                              throws IOException,
jakarta.servlet.ServletException

Throws:

IOException

jakarta.servlet.ServletException

getRedirectURI

protected String getRedirectURI(AuthorizationRequest authRequest)

Returns the redirect URI included in the given authorization request or fall back on the first one registered for the related client.

storeAuthorizationRequest

protected String storeAuthorizationRequest(AuthorizationRequest authRequest)

doPostToken

protected void doPostToken(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
                    throws IOException

Throws:

IOException

getAndSendToken

protected void getAndSendToken(jakarta.servlet.http.HttpServletResponse response,
 String clientId,
 String username)
                        throws IOException

Throws:

IOException

handleTokenResponse

protected void handleTokenResponse(NuxeoOAuth2Token token,
 jakarta.servlet.http.HttpServletResponse response)
                            throws IOException

Throws:

IOException

handleError

protected void handleError(OAuth2Error error,
 jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
                    throws IOException,
jakarta.servlet.ServletException

Throws:

IOException

jakarta.servlet.ServletException

handleError

@Deprecated
protected void handleError(OAuth2Error error,
 int status,
 jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
                    throws IOException,
jakarta.servlet.ServletException

Deprecated.

since 2021.23, OAuth2Error now contains the status code to give to the response

Throws:

IOException

jakarta.servlet.ServletException

handleJsonError

protected void handleJsonError(OAuth2Error error,
 jakarta.servlet.http.HttpServletResponse response)
                        throws IOException

Throws:

IOException

sendRedirect

protected void sendRedirect(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response,
 String redirectURI,
 Map<String,String> params)
                     throws IOException

Throws:

IOException