Class AbstractOAuthDataProvider
java.lang.Object
org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthDataProvider
- All Implemented Interfaces:
ClientRegistrationProvider,OAuthDataProvider
- Direct Known Subclasses:
AbstractAuthorizationCodeDataProvider,AbstractCodeDataProvider,DefaultEncryptingOAuthDataProvider,JCacheOAuthDataProvider,JPAOAuthDataProvider
public abstract class AbstractOAuthDataProvider
extends Object
implements OAuthDataProvider, ClientRegistrationProvider
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected booleanauthenticateUnregisteredClient(String clientId, String clientSecret) protected voidcheckRequestedScopes(Client client, List<String> requestedScopes) voidclose()convertScopeToPermissions(Client client, List<String> requestedScopes) Converts the requested scopes to the list of permissions.protected voidconvertSingleScopeToPermission(Client client, String scope, List<OAuthPermission> perms) protected voidCreate access tokenprotected ClientcreateClientCredentialsClient(String clientId, String password) protected JwtClaimsprotected ServerAccessTokencreateNewAccessToken(Client client, UserSubject userSub) protected RefreshTokenprotected ServerAccessTokendoCreateAccessToken(List<String> audiences, Client client, String clientCodeVerifier, Map<String, String> extraProperties, String grantCode, String grantType, String nonce, String responseType, List<OAuthPermission> scopes, UserSubject userSubject) protected ServerAccessTokenprotected RefreshTokenprotected abstract ClientdoGetClient(String clientId) protected ServerAccessTokendoRefreshAccessToken(Client client, RefreshToken oldRefreshToken, List<String> restrictedScopes) protected abstract voidprotected abstract voiddoRevokeAccessToken(ServerAccessToken accessToken) protected abstract voiddoRevokeRefreshToken(RefreshToken refreshToken) Returns the previously registered third-partyClientprotected Stringprotected StringgetPreauthorizedToken(Client client, List<String> requestedScopes, UserSubject sub, String grantType) Get preauthorized access tokenprotected abstract RefreshTokengetRefreshToken(String refreshTokenKey) protected voidhandleLinkedRefreshToken(Client client, ServerAccessToken accessToken) voidinit()protected static booleanisClientMatched(Client c, UserSubject resourceOwner) booleanbooleanprotected booleanisRefreshTokenSupported(List<String> theScopes) booleanprotected static booleanisTokenMatched(ServerAccessToken token, Client c, UserSubject sub) booleanprotected voidprotected voidprotected StringprocessJwtAccessToken(JwtClaims jwtCliams) refreshAccessToken(Client client, String refreshTokenKey, List<String> restrictedScopes) Refresh access tokenremoveClient(String clientId) Remove a Client with the given idprotected voidprotected ServerAccessTokenrevokeAccessToken(Client client, String accessTokenKey) protected voidrevokeAccessTokens(Client client, RefreshToken currentRefreshToken) protected RefreshTokenrevokeRefreshToken(Client client, String refreshTokenKey) voidrevokeToken(Client client, String tokenKey, String tokenTypeHint) Revokes a refresh or access tokenprotected abstract voidsaveAccessToken(ServerAccessToken serverToken) protected abstract voidsaveRefreshToken(RefreshToken refreshToken) voidsetAccessTokenLifetime(long accessTokenLifetime) voidsetAuthenticationStrategy(ProviderAuthenticationStrategy authenticationStrategy) voidsetClients(List<Client> clients) voidsetDefaultScopes(List<String> defaultScopes) voidsetInvisibleToClientScopes(List<String> invisibleToClientScopes) voidvoidsetJwtAccessTokenClaimMap(Map<String, String> jwtAccessTokenClaimMap) voidsetJwtAccessTokenProducer(OAuthJoseJwtProducer jwtAccessTokenProducer) voidsetMessageContext(MessageContext messageContext) voidsetPermissionMap(Map<String, OAuthPermission> permissionMap) voidsetPersistJwtEncoding(boolean persistJwtEncoding) voidsetRecycleRefreshTokens(boolean recycleRefreshTokens) voidsetRefreshTokenLifetime(long refreshTokenLifetime) voidsetRequiredScopes(List<String> requiredScopes) voidsetSupportedScopes(Map<String, String> scopes) voidsetSupportPreauthorizedTokens(boolean supportPreauthorizedTokens) voidsetUseJwtFormatForAccessTokens(boolean useJwtFormatForAccessTokens) protected voidunlinkRefreshAccessToken(RefreshToken rt, String tokenKey) protected RefreshTokenprotected RefreshTokenMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.apache.cxf.rs.security.oauth2.provider.ClientRegistrationProvider
getClients, setClientMethods inherited from interface org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider
getAccessToken, getAccessTokens, getRefreshTokens
-
Constructor Details
-
AbstractOAuthDataProvider
protected AbstractOAuthDataProvider()
-
-
Method Details
-
createAccessToken
public ServerAccessToken createAccessToken(AccessTokenRegistration reg) throws OAuthServiceException Description copied from interface:OAuthDataProviderCreate access token- Specified by:
createAccessTokenin interfaceOAuthDataProvider- Parameters:
reg- the token registration info- Returns:
- AccessToken
- Throws:
OAuthServiceException
-
doCreateAccessToken
-
doCreateAccessToken
protected ServerAccessToken doCreateAccessToken(List<String> audiences, Client client, String clientCodeVerifier, Map<String, String> extraProperties, String grantCode, String grantType, String nonce, String responseType, List<OAuthPermission> scopes, UserSubject userSubject) -
createJwtAccessToken
-
convertToJWTAccessToken
-
createNewAccessToken
-
refreshAccessToken
public ServerAccessToken refreshAccessToken(Client client, String refreshTokenKey, List<String> restrictedScopes) throws OAuthServiceException Description copied from interface:OAuthDataProviderRefresh access token- Specified by:
refreshAccessTokenin interfaceOAuthDataProvider- Parameters:
client- the clientrefreshTokenKey- refresh token keyrestrictedScopes- the scopes requested by the client- Returns:
- AccessToken
- Throws:
OAuthServiceException
-
revokeToken
public void revokeToken(Client client, String tokenKey, String tokenTypeHint) throws OAuthServiceException Description copied from interface:OAuthDataProviderRevokes a refresh or access token- Specified by:
revokeTokenin interfaceOAuthDataProvider- Parameters:
client- the clienttokenKey- token identifiertokenTypeHint- can be access_token or refresh_token or null- Throws:
OAuthServiceException
-
handleLinkedRefreshToken
-
revokeAccessTokens
-
unlinkRefreshAccessToken
-
convertScopeToPermissions
Description copied from interface:OAuthDataProviderConverts the requested scopes to the list of permissions. The scopes are extracted from OAuth2 'scope' property which if set may contain one or more space separated scope values- Specified by:
convertScopeToPermissionsin interfaceOAuthDataProviderrequestedScopes- the scopes- Returns:
- list of permissions
-
checkRequestedScopes
-
convertSingleScopeToPermission
protected void convertSingleScopeToPermission(Client client, String scope, List<OAuthPermission> perms) -
getPreauthorizedToken
public ServerAccessToken getPreauthorizedToken(Client client, List<String> requestedScopes, UserSubject sub, String grantType) throws OAuthServiceException Description copied from interface:OAuthDataProviderGet preauthorized access token- Specified by:
getPreauthorizedTokenin interfaceOAuthDataProvider- Parameters:
client- ClientrequestedScopes- the scopes requested by the clientsub- End User subject- Returns:
- AccessToken access token
- Throws:
OAuthServiceException
-
isRefreshTokenSupported
-
getCurrentRequestedGrantType
-
getCurrentClientSecret
-
getCurrentTokenRequestParams
-
updateExistingRefreshToken
-
updateRefreshToken
-
createNewRefreshToken
-
doCreateNewRefreshToken
-
linkAccessTokenToRefreshToken
-
linkRefreshTokenToAccessToken
-
doRefreshAccessToken
protected ServerAccessToken doRefreshAccessToken(Client client, RefreshToken oldRefreshToken, List<String> restrictedScopes) -
setAccessTokenLifetime
public void setAccessTokenLifetime(long accessTokenLifetime) -
setRefreshTokenLifetime
public void setRefreshTokenLifetime(long refreshTokenLifetime) -
setRecycleRefreshTokens
public void setRecycleRefreshTokens(boolean recycleRefreshTokens) -
isRecycleRefreshTokens
public boolean isRecycleRefreshTokens() -
init
public void init() -
close
public void close() -
getPermissionMap
-
setPermissionMap
-
setSupportedScopes
-
getMessageContext
-
setMessageContext
-
removeClientTokens
-
removeClient
Description copied from interface:ClientRegistrationProviderRemove a Client with the given id- Specified by:
removeClientin interfaceClientRegistrationProvider- Parameters:
clientId- the client id- Returns:
- Client
-
getClient
Description copied from interface:OAuthDataProviderReturns the previously registered third-partyClient- Specified by:
getClientin interfaceClientRegistrationProvider- Specified by:
getClientin interfaceOAuthDataProvider- Parameters:
clientId- the client id- Returns:
- Client
-
setAuthenticationStrategy
-
authenticateUnregisteredClient
-
createClientCredentialsClient
-
revokeAccessToken
-
revokeRefreshToken
-
saveAccessToken
-
saveRefreshToken
-
doRevokeAccessToken
-
doRevokeRefreshToken
-
getRefreshToken
-
doGetClient
-
doRemoveClient
-
getDefaultScopes
-
setDefaultScopes
-
getRequiredScopes
-
setRequiredScopes
-
getInvisibleToClientScopes
-
setInvisibleToClientScopes
-
isSupportPreauthorizedTokens
public boolean isSupportPreauthorizedTokens() -
setSupportPreauthorizedTokens
public void setSupportPreauthorizedTokens(boolean supportPreauthorizedTokens) -
isClientMatched
-
isTokenMatched
-
setClients
-
isUseJwtFormatForAccessTokens
public boolean isUseJwtFormatForAccessTokens() -
setUseJwtFormatForAccessTokens
public void setUseJwtFormatForAccessTokens(boolean useJwtFormatForAccessTokens) -
getJwtAccessTokenProducer
-
setJwtAccessTokenProducer
-
processJwtAccessToken
-
getJwtAccessTokenClaimMap
-
setJwtAccessTokenClaimMap
-
isPersistJwtEncoding
public boolean isPersistJwtEncoding() -
setPersistJwtEncoding
public void setPersistJwtEncoding(boolean persistJwtEncoding) -
getIssuer
-
setIssuer
-