Package org.glassfish.jersey.server.oauth1

Class OAuth1ServerProperties

  • public final class OAuth1ServerProperties
extends Object
    Properties used to configure OAuth server module.
    Author:
    Miroslav Fuksa

    • Field Detail

      • REALM

        public static final String REALM
        OAuth realm (String property).

        A default value is 'default'.

        The name of the configuration property is "jersey.config.server.oauth1.realm".

        See Also:
        Constant Field Values

      • IGNORE_PATH_PATTERN

        public static final String IGNORE_PATH_PATTERN
        Property that can be set to a regular expression used to match the path (relative to the base URI) this filter should not be applied to.

        A default value is null.

        The name of the configuration property is "jersey.config.server.oauth1.ignorePathPattern".

        See Also:
        Constant Field Values

      • MAX_AGE

        public static final String MAX_AGE
        Property defines maximum age (in milliseconds) of nonces that should be tracked (default = 300000 ms = 5 min).

        A default value is 300000 which corresponds to 5 minutes.

        The name of the configuration property is "jersey.config.server.oauth1.maxAge".

        See Also:
        Constant Field Values

      • GC_PERIOD

        public static final String GC_PERIOD
        Property that can be set to frequency of collecting nonces exceeding max. age (default = 100 = every 100 requests).
        See Also:
        Constant Field Values

      • TIMESTAMP_UNIT

        public static final String TIMESTAMP_UNIT
        Unit of oauth_timestamp attribute used in authorization headers. The value must be one of the enum values of TimeUnit (e.g. SECONDS, MILLISECONDS, MINUTES).

        A default value is SECONDS.

        The name of the configuration property is "jersey.config.server.oauth1.timestamp.unit".

        See Also:
        Constant Field Values

      • MAX_NONCE_CACHE_SIZE

        public static final String MAX_NONCE_CACHE_SIZE
        Defines maximum number of nonces that can be stored in the nonce cache. If more nonces will be used, the cache will not store any other nonce and requests will be refused. Note that cache is automatically cleaned as it keeps only nonces delivered with timestamp withing the MAX_AGE period.

        This setting is used to limit the maximum size of internal cache and thanks to this it prevents exhausting of memory and failing of the server.

        The value must be a long.

        A default value is 2000000.

        The name of the configuration property is "jersey.config.server.oauth1.max.nonce.size".

        See Also:
        Constant Field Values

      • NO_FAIL

        public static final String NO_FAIL
        If set to true makes the correct OAuth authentication optional. Instead of returning the appropriate status code (Response.Status.BAD_REQUEST or Response.Status.UNAUTHORIZED) the OAuth filter will ignore this request (as if it was not authenticated) and let the web application deal with it.

        A default value is false.

        The name of the configuration property is "jersey.config.server.oauth1.noFail".

        See Also:
        Constant Field Values

      • ENABLE_TOKEN_RESOURCES

        public static final String ENABLE_TOKEN_RESOURCES
        If set to true, token resources will be exposed. Token resources are JAX-RS resources for retrieving Request Tokens and Access Tokens. If the property is set to false, the resources will not be exposed and it is responsibility of the user custom resource to issue Request Tokens and Access Tokens.

        URIs of exposed resources can be specified by REQUEST_TOKEN_URI and ACCESS_TOKEN_URI.

        A default value is true.

        The name of the configuration property is "jersey.config.server.oauth1.resource.enabled".

        See Also:
        Constant Field Values

      • REQUEST_TOKEN_URI

        public static final String REQUEST_TOKEN_URI
        If exposure of token resources is enabled (e.g. by the property ENABLE_TOKEN_RESOURCES), this property defines the relative URI of exposed Request Token Resource. The URI must be relative to the base URI of the JAX-RS application.

        Request Token resource is the resource which issues a Request Token and Request Token secret during the Authorization process (temporary credentials IDs).

        The property is undefined by default.

        The name of the configuration property is "jersey.config.server.oauth1.resource.requestToken.uri".

        See Also:
        Constant Field Values

      • ACCESS_TOKEN_URI

        public static final String ACCESS_TOKEN_URI
        If exposure of token resources is enabled (e.g. by the property ENABLE_TOKEN_RESOURCES), this property defines the relative URI of exposed Access Token Resource. The URI must be relative to the base URI of the JAX-RS application.

        Access Token resource is the resource which issues a Access Token and Access Token secret during the Authorization process.

        The property is undefined by default.

        The name of the configuration property is "jersey.config.server.oauth1.resource.accessToken.uri".

        See Also:
        Constant Field Values

    • Constructor Detail

      • OAuth1ServerProperties

        public OAuth1ServerProperties()

    • Method Detail

      • getValue

        public static <T> T getValue​(Map<String,​?> properties,
                             String key,
                             Class<T> type)
        Get the value of the specified property. If the property is not set or the real value type is not compatible with the specified value type, returns null.
        Type Parameters:
        T - Type of the property value.
        Parameters:
        properties - Map of properties to get the property value from.
        key - Name of the property.
        type - Type to retrieve the value as.
        Returns:
        Value of the property or null.
        Since:
        2.8

      • getValue

        public static <T> T getValue​(Map<String,​?> properties,
                             String key,
                             T defaultValue)
        Get the value of the specified property. If the property is not set or the real value type is not compatible with defaultValue type, the specified defaultValue is returned. Calling this method is equivalent to calling OAuth1ServerProperties.getValue(properties, key, defaultValue, (Class<T>) defaultValue.getClass())
        Type Parameters:
        T - Type of the property value.
        Parameters:
        properties - Map of properties to get the property value from.
        key - Name of the property.
        defaultValue - Default value if property is not registered
        Returns:
        Value of the property or null.
        Since:
        2.8

      • getValue

        public static <T> T getValue​(Map<String,​?> properties,
                             String key,
                             T defaultValue,
                             Class<T> type)
        Get the value of the specified property. If the property is not set or the real value type is not compatible with the specified value type, returns defaultValue.
        Type Parameters:
        T - Type of the property value.
        Parameters:
        properties - Map of properties to get the property value from.
        key - Name of the property.
        defaultValue - Default value if property is not registered
        type - Type to retrieve the value as.
        Returns:
        Value of the property or null.
        Since:
        2.8