Class AuthorizationCodeGrantService
java.lang.Object
org.apache.cxf.rs.security.oauth2.services.AbstractOAuthService
org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService
org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService
Direct Known Subclasses:
OidcAuthorizationCodeService
This resource handles the End User authorizing
or denying the Client access to its resources.
If the End User approves the access, this resource
redirects the End User back to the Client, supplying
the authorization code.
-
Field Summary
Fields inherited from class org.apache.cxf.rs.security.oauth2.services.AbstractOAuthService
LOG
-
Constructor Summary
Constructors
-
Method Summary
Modifier and Type    Method    Description
protected boolean
protected boolean
protected AuthorizationCodeRegistration createCodeRegistration(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preauthorizedToken)
protected jakarta.ws.rs.core.Response createErrorResponse(String state, String redirectUri, String error)
protected jakarta.ws.rs.core.Response createGrant(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preauthorizedToken)
protected jakarta.ws.rs.core.Response deliverOOBResponse(OOBAuthorizationResponse response)
getGrantRepresentation(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preauthorizedToken)
protected jakarta.ws.rs.core.UriBuilder getRedirectUriBuilder(String state, String redirectUri)
protected String processCodeGrant(Client client, String code, UserSubject endUser)
protected OAuthRedirectionState recreateRedirectionStateFromParams(jakarta.ws.rs.core.MultivaluedMap<String, String> params)
void setCanSupportEmptyRedirectForPrivateClients(boolean canSupportEmptyRedirectForPrivateClients)
void setCanSupportPublicClients(boolean support)
void
Methods inherited from class org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService
authorize, authorizeDecision, authorizeDecisionForm, authorizePost, canAccessTokenBeReturned, canAuthorizationBeSkipped, completeAuthorization, createAuthorizationData, createErrorResponse, createHtmlResponse, createUserSubject, getAndValidateSecurityContext, getApprovedScope, getClient, getSupportedGrantType, getSupportedResponseTypes, isFormResponse, isRevokePreauthorizedTokenOnApproval, noConsentForRequestedScopes, personalizeData, recreateRedirectionStateFromSession, setAuthorizationFilter, setHidePreauthorizedScopesInForm, setMatchRedirectUriWithApplicationUri, setMaxDefaultSessionInterval, setPartialMatchScopeValidation, setResourceOwnerNameProvider, setRevokePreauthorizedTokenOnApproval, setScopesRequiringNoConsent, setSessionAuthenticityTokenProvider, setSubjectCreator, setSupportSinglePageApplications, setUseAllClientScopes, setUseRegisteredRedirectUriIfPossible, startAuthorization, startAuthorization, validateRedirectUri
Methods inherited from class org.apache.cxf.rs.security.oauth2.services.AbstractOAuthService
checkTransportSecurity, getDataProvider, getMessageContext, getQueryParameters, getValidClient, getValidClient, injectContextIntoOAuthProviders, isWriteOptionalParameters, reportInvalidRequestError, reportInvalidRequestError, reportInvalidRequestError, reportInvalidRequestError, setBlockUnsecureRequests, setDataProvider, setMessageContext, setWriteOptionalParameters
-
Constructor Details
-
AuthorizationCodeGrantService
public AuthorizationCodeGrantService()
-
-
Method Details
-
recreateRedirectionStateFromParams
protected OAuthRedirectionState recreateRedirectionStateFromParams(jakarta.ws.rs.core.MultivaluedMap<String, String> params)
Overrides:
recreateRedirectionStateFromParams in class RedirectionBasedGrantService
-
createGrant
protected jakarta.ws.rs.core.Response createGrant(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preauthorizedToken)
Specified by:
createGrant in class RedirectionBasedGrantService
-
getGrantRepresentation
public ServerAuthorizationCodeGrant getGrantRepresentation(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preauthorizedToken)
-
createCodeRegistration
protected AuthorizationCodeRegistration createCodeRegistration(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preauthorizedToken)
-
processCodeGrant
-
deliverOOBResponse
-
createErrorResponse
protected jakarta.ws.rs.core.Response createErrorResponse(String state, String redirectUri, String error)
Specified by:
createErrorResponse in class RedirectionBasedGrantService
-
getRedirectUriBuilder
-
canSupportPublicClient
Specified by:
canSupportPublicClient in class RedirectionBasedGrantService
-
canRedirectUriBeEmpty
Specified by:
canRedirectUriBeEmpty in class RedirectionBasedGrantService
-
setCanSupportPublicClients
public void setCanSupportPublicClients(boolean support)
-
setCodeResponseFilter
-
setCanSupportEmptyRedirectForPrivateClients
public void setCanSupportEmptyRedirectForPrivateClients(boolean canSupportEmptyRedirectForPrivateClients)
-