Class DefaultOAuth1Provider
- java.lang.Object
-
- org.glassfish.jersey.server.oauth1.DefaultOAuth1Provider
-
- All Implemented Interfaces:
OAuth1Provider
@Provider public class DefaultOAuth1Provider extends Object implements OAuth1Provider
Default in-memory implementation of OAuth1Provider. Stores consumers and tokens in static hash maps. Provides some additional helper methods for consumer and token management (registering new consumers, retrieving a list of all registered consumers per owner, listing the authorized tokens per principal, revoking tokens, etc.)- Author:
- Martin Matula, Miroslav Fuksa
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classDefaultOAuth1Provider.ConsumerSimple read-only implementation ofOAuth1Consumer.classDefaultOAuth1Provider.TokenSimple immutable implementation ofOAuth1Token.
-
Constructor Summary
Constructors Constructor Description DefaultOAuth1Provider()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddAccessToken(String token, String secret, String consumerKey, String callbackUrl, Principal principal, Set<String> roles, MultivaluedMap<String,String> attributes)StringauthorizeToken(DefaultOAuth1Provider.Token token, Principal userPrincipal, Set<String> roles)Authorizes a request token for given principal and roles and returns verifier.OAuth1TokengetAccessToken(String token)Returns the access token by the consumer key and token value.Set<DefaultOAuth1Provider.Token>getAccessTokens(String principalName)Returns a list of access tokens authorized with the supplied principal name.DefaultOAuth1Provider.ConsumergetConsumer(String consumerKey)Gets consumer corresponding to a given consumer key.Set<DefaultOAuth1Provider.Consumer>getConsumers(String owner)Returns a set of consumers registered by a given owner.DefaultOAuth1Provider.TokengetRequestToken(String token)Returns the request token by the consumer key and token value.OAuth1TokennewAccessToken(OAuth1Token requestToken, String verifier)Creates a new access token.OAuth1TokennewRequestToken(String consumerKey, String callbackUrl, Map<String,List<String>> attributes)Creates a new request token for a given consumerKey.protected StringnewUUIDString()Generates a new non-guessable random string (used for token/customer strings, secrets and verifier.DefaultOAuth1Provider.ConsumerregisterConsumer(String owner, MultivaluedMap<String,String> attributes)Register a new consumer.DefaultOAuth1Provider.ConsumerregisterConsumer(String owner, String key, String secret, MultivaluedMap<String,String> attributes)Register a new consumer configured with Consumer Key.voidrevokeAccessToken(String token, String principalName)Checks if the supplied token is authorized for a given principal name and if so, revokes the authorization.
-
-
-
Method Detail
-
getConsumer
public DefaultOAuth1Provider.Consumer getConsumer(String consumerKey)
Description copied from interface:OAuth1ProviderGets consumer corresponding to a given consumer key.- Specified by:
getConsumerin interfaceOAuth1Provider- Parameters:
consumerKey- consumer key- Returns:
- corresponding consumer secret or null if no consumer with the given key is known
-
registerConsumer
public DefaultOAuth1Provider.Consumer registerConsumer(String owner, MultivaluedMap<String,String> attributes)
Register a new consumer.- Parameters:
owner- Identifier of the owner that registers the consumer (user ID or similar).attributes- Additional attributes (name-values pairs - to store additional information about the consumer, such as name, URI, description, etc.)- Returns:
DefaultOAuth1Provider.Consumerobject for the newly registered consumer.
-
registerConsumer
public DefaultOAuth1Provider.Consumer registerConsumer(String owner, String key, String secret, MultivaluedMap<String,String> attributes)
Register a new consumer configured with Consumer Key.- Parameters:
owner- Identifier of the owner that registers the consumer (user ID or similar).key- Consumer key.secret- Consumer key secret.attributes- Additional attributes (name-values pairs - to store additional information about the consumer, such as name, URI, description, etc.)- Returns:
DefaultOAuth1Provider.Consumerobject for the newly registered consumer.
-
getConsumers
public Set<DefaultOAuth1Provider.Consumer> getConsumers(String owner)
Returns a set of consumers registered by a given owner.- Parameters:
owner- Identifier of the owner that registered the consumers to be retrieved.- Returns:
- consumers registered by the owner.
-
getAccessTokens
public Set<DefaultOAuth1Provider.Token> getAccessTokens(String principalName)
Returns a list of access tokens authorized with the supplied principal name.- Parameters:
principalName- Principal name for which to retrieve the authorized tokens.- Returns:
- authorized access tokens.
-
authorizeToken
public String authorizeToken(DefaultOAuth1Provider.Token token, Principal userPrincipal, Set<String> roles)
Authorizes a request token for given principal and roles and returns verifier.- Parameters:
token- Request token to authorize.userPrincipal- User principal to authorize the token for.roles- Set of roles to authorize the token for.- Returns:
- OAuth verifier value for exchanging this token for an access token.
-
revokeAccessToken
public void revokeAccessToken(String token, String principalName)
Checks if the supplied token is authorized for a given principal name and if so, revokes the authorization.- Parameters:
token- Access token to revoke the authorization for.principalName- Principal name the token is currently authorized for.
-
newUUIDString
protected String newUUIDString()
Generates a new non-guessable random string (used for token/customer strings, secrets and verifier.- Returns:
- Random UUID string.
-
getRequestToken
public DefaultOAuth1Provider.Token getRequestToken(String token)
Description copied from interface:OAuth1ProviderReturns the request token by the consumer key and token value.- Specified by:
getRequestTokenin interfaceOAuth1Provider- Parameters:
token- request token value- Returns:
- request token or null if no such token corresponding to a given consumer key is found
-
newRequestToken
public OAuth1Token newRequestToken(String consumerKey, String callbackUrl, Map<String,List<String>> attributes)
Description copied from interface:OAuth1ProviderCreates a new request token for a given consumerKey.- Specified by:
newRequestTokenin interfaceOAuth1Provider- Parameters:
consumerKey- consumer key to create a request token forcallbackUrl- callback url for this request token requestattributes- additional service provider-specific parameters (this can be used to indicate what level of access is requested - i.e. readonly, or r/w, etc.)- Returns:
- new request token
-
newAccessToken
public OAuth1Token newAccessToken(OAuth1Token requestToken, String verifier)
Description copied from interface:OAuth1ProviderCreates a new access token. This method must validate the passed arguments and return null if any of them is invalid.- Specified by:
newAccessTokenin interfaceOAuth1Provider- Parameters:
requestToken- authorized request tokenverifier- verifier passed to the callback after authorization- Returns:
- new access token or null if the arguments are invalid (e.g. there is no such request token as in the argument, or the verifier does not match)
-
addAccessToken
public void addAccessToken(String token, String secret, String consumerKey, String callbackUrl, Principal principal, Set<String> roles, MultivaluedMap<String,String> attributes)
-
getAccessToken
public OAuth1Token getAccessToken(String token)
Description copied from interface:OAuth1ProviderReturns the access token by the consumer key and token value.- Specified by:
getAccessTokenin interfaceOAuth1Provider- Parameters:
token- access token value- Returns:
- access token or null if no such found
-
-