org.springframework.security.oauth.provider.filter
Class OAuthProviderProcessingFilter

java.lang.Object
  org.springframework.security.oauth.provider.filter.OAuthProviderProcessingFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware

Direct Known Subclasses:

AccessTokenProcessingFilter, ProtectedResourceProcessingFilter, UnauthenticatedRequestTokenProcessingFilter

public abstract class OAuthProviderProcessingFilter
extends Object
implements javax.servlet.Filter, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware

OAuth processing filter. This filter should be applied to requests for OAuth protected resources (see OAuth Core 1.0).

Author:

Ryan Heaton

Field Summary

protected org.springframework.context.support.MessageSourceAccessor	messages
static String	OAUTH_PROCESSING_HANDLED Attribute for indicating that OAuth processing has already occurred.

Constructor Summary

OAuthProviderProcessingFilter()

Method Summary

void	afterPropertiesSet()
protected boolean	allowMethod(String method) Whether to allow the specified HTTP method.
protected Object	createDetails(javax.servlet.http.HttpServletRequest request, ConsumerDetails consumerDetails) Create the details for the authentication request.
void	destroy()
void	doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain chain)
protected void	fail(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failure) Common logic for OAuth failed.
OAuthProcessingFilterEntryPoint	getAuthenticationEntryPoint() The authentication entry point.
ConsumerDetailsService	getConsumerDetailsService() The consumer details service.
String	getFilterProcessesUrl() The URL for which this filter will be applied.
OAuthNonceServices	getNonceServices() The nonce services.
OAuthProviderSupport	getProviderSupport() The OAuth provider support.
OAuthSignatureMethodFactory	getSignatureMethodFactory() The OAuth signature method factory.
OAuthProviderTokenServices	getTokenServices() Get the OAuth token services.
void	init(javax.servlet.FilterConfig ignored)
boolean	isIgnoreInadequateCredentials() Whether to ignore missing OAuth credentials.
protected void	onNewTimestamp() Logic to be performed on a new timestamp.
protected abstract void	onValidSignature(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) Logic executed on valid signature.
protected boolean	parametersAreAdequate(Map<String,String> oauthParams) By default, OAuth parameters are adequate if a consumer key is present.
protected boolean	requiresAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) Whether this filter is configured to process the specified request.
protected void	resetPreviousAuthentication(org.springframework.security.core.Authentication previousAuthentication)
void	setAllowedMethods(List<String> allowedMethods) The allowed set of HTTP methods.
void	setAuthenticationEntryPoint(OAuthProcessingFilterEntryPoint authenticationEntryPoint) The authentication entry point.
void	setConsumerDetailsService(ConsumerDetailsService consumerDetailsService) The consumer details service.
void	setFilterProcessesUrl(String filterProcessesUrl) The URL for which this filter will be applied.
void	setIgnoreMissingCredentials(boolean ignoreMissingCredentials) Whether to ignore missing OAuth credentials.
void	setMessageSource(org.springframework.context.MessageSource messageSource) Set the message source.
void	setNonceServices(OAuthNonceServices nonceServices) The nonce services.
void	setProviderSupport(OAuthProviderSupport providerSupport) The OAuth provider support.
void	setSignatureMethodFactory(OAuthSignatureMethodFactory signatureMethodFactory) The OAuth signature method factory.
void	setTokenServices(OAuthProviderTokenServices tokenServices) The OAuth token services.
protected boolean	skipProcessing(javax.servlet.http.HttpServletRequest request) Whether to skip processing for the specified request.
protected void	validateAdditionalParameters(ConsumerDetails consumerDetails, Map<String,String> oauthParams) Do any additional validation checks for the specified oauth params.
protected void	validateOAuthParams(ConsumerDetails consumerDetails, Map<String,String> oauthParams) Validates the OAuth parameters for the given consumer.
protected void	validateSignature(ConsumerAuthentication authentication) Validate the signature of the request given the authentication request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

OAUTH_PROCESSING_HANDLED

public static final String OAUTH_PROCESSING_HANDLED

Attribute for indicating that OAuth processing has already occurred.

See Also:

Constant Field Values

messages

protected org.springframework.context.support.MessageSourceAccessor messages

Constructor Detail

OAuthProviderProcessingFilter

public OAuthProviderProcessingFilter()

Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception

Specified by:

afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

Throws:

Exception

init

public void init(javax.servlet.FilterConfig ignored)
          throws javax.servlet.ServletException

Specified by:

init in interface javax.servlet.Filter

Throws:

javax.servlet.ServletException

destroy

public void destroy()

Specified by:

destroy in interface javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest servletRequest,
                     javax.servlet.ServletResponse servletResponse,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException

Specified by:

doFilter in interface javax.servlet.Filter

Throws:

IOException

javax.servlet.ServletException

parametersAreAdequate

protected boolean parametersAreAdequate(Map<String,String> oauthParams)

By default, OAuth parameters are adequate if a consumer key is present.

Parameters:

oauthParams - The oauth params.

Returns:

Whether the parsed parameters are adequate.

resetPreviousAuthentication

protected void resetPreviousAuthentication(org.springframework.security.core.Authentication previousAuthentication)

createDetails

protected Object createDetails(javax.servlet.http.HttpServletRequest request,
                               ConsumerDetails consumerDetails)

Create the details for the authentication request.

Parameters:

request - The request.

consumerDetails - The consumer details.

Returns:

The authentication details.

allowMethod

protected boolean allowMethod(String method)

Whether to allow the specified HTTP method.

Parameters:

method - The HTTP method to check for allowing.

Returns:

Whether to allow the specified method.

validateSignature

protected void validateSignature(ConsumerAuthentication authentication)
                          throws org.springframework.security.core.AuthenticationException

Validate the signature of the request given the authentication request.

Parameters:

authentication - The authentication request.

Throws:

org.springframework.security.core.AuthenticationException

onValidSignature

protected abstract void onValidSignature(javax.servlet.http.HttpServletRequest request,
                                         javax.servlet.http.HttpServletResponse response,
                                         javax.servlet.FilterChain chain)
                                  throws IOException,
                                         javax.servlet.ServletException

Logic executed on valid signature. The security context can be assumed to hold a verified, authenticated ConsumerAuthentication.

Default implementation continues the chain.

Parameters:

request - The request.

response - The response

chain - The filter chain.

Throws:

IOException

javax.servlet.ServletException

validateOAuthParams

protected void validateOAuthParams(ConsumerDetails consumerDetails,
                                   Map<String,String> oauthParams)
                            throws InvalidOAuthParametersException

Validates the OAuth parameters for the given consumer. Base implementation validates only those parameters that are required for all OAuth requests. This includes the nonce and timestamp, but not the signature.

Parameters:

consumerDetails - The consumer details.

oauthParams - The OAuth parameters to validate.

Throws:

InvalidOAuthParametersException - If the OAuth parameters are invalid.

validateAdditionalParameters

protected void validateAdditionalParameters(ConsumerDetails consumerDetails,
                                            Map<String,String> oauthParams)

Do any additional validation checks for the specified oauth params. Default implementation is a no-op.

Parameters:

consumerDetails - The consumer details.

oauthParams - The params.

onNewTimestamp

protected void onNewTimestamp()
                       throws org.springframework.security.core.AuthenticationException

Logic to be performed on a new timestamp. The default behavior expects that the timestamp should not be new.

Throws:

org.springframework.security.core.AuthenticationException - If the timestamp shouldn't be new.

fail

protected void fail(javax.servlet.http.HttpServletRequest request,
                    javax.servlet.http.HttpServletResponse response,
                    org.springframework.security.core.AuthenticationException failure)
             throws IOException,
                    javax.servlet.ServletException

Common logic for OAuth failed.

Parameters:

request - The request.

response - The response.

failure - The failure.

Throws:

IOException

javax.servlet.ServletException

requiresAuthentication

protected boolean requiresAuthentication(javax.servlet.http.HttpServletRequest request,
                                         javax.servlet.http.HttpServletResponse response,
                                         javax.servlet.FilterChain filterChain)

Whether this filter is configured to process the specified request.

Parameters:

request - The request.

response - The response

filterChain - The filter chain

Returns:

Whether this filter is configured to process the specified request.

skipProcessing

protected boolean skipProcessing(javax.servlet.http.HttpServletRequest request)

Whether to skip processing for the specified request.

Parameters:

request - The request.

Returns:

Whether to skip processing.

getAuthenticationEntryPoint

public OAuthProcessingFilterEntryPoint getAuthenticationEntryPoint()

The authentication entry point.

Returns:

The authentication entry point.

setAuthenticationEntryPoint

@Autowired(required=false)
public void setAuthenticationEntryPoint(OAuthProcessingFilterEntryPoint authenticationEntryPoint)

The authentication entry point.

Parameters:

authenticationEntryPoint - The authentication entry point.

getConsumerDetailsService

public ConsumerDetailsService getConsumerDetailsService()

The consumer details service.

Returns:

The consumer details service.

setConsumerDetailsService

@Autowired
public void setConsumerDetailsService(ConsumerDetailsService consumerDetailsService)

The consumer details service.

Parameters:

consumerDetailsService - The consumer details service.

getNonceServices

public OAuthNonceServices getNonceServices()

The nonce services.

Returns:

The nonce services.

setNonceServices

@Autowired(required=false)
public void setNonceServices(OAuthNonceServices nonceServices)

The nonce services.

Parameters:

nonceServices - The nonce services.

getTokenServices

public OAuthProviderTokenServices getTokenServices()

Get the OAuth token services.

Returns:

The OAuth token services.

setTokenServices

@Autowired
public void setTokenServices(OAuthProviderTokenServices tokenServices)

The OAuth token services.

Parameters:

tokenServices - The OAuth token services.

getFilterProcessesUrl

public String getFilterProcessesUrl()

The URL for which this filter will be applied.

Returns:

The URL for which this filter will be applied.

setFilterProcessesUrl

public void setFilterProcessesUrl(String filterProcessesUrl)

The URL for which this filter will be applied.

Parameters:

filterProcessesUrl - The URL for which this filter will be applied.

setMessageSource

public void setMessageSource(org.springframework.context.MessageSource messageSource)

Set the message source.

Specified by:

setMessageSource in interface org.springframework.context.MessageSourceAware

Parameters:

messageSource - The message source.

getProviderSupport

public OAuthProviderSupport getProviderSupport()

The OAuth provider support.

Returns:

The OAuth provider support.

setProviderSupport

@Autowired(required=false)
public void setProviderSupport(OAuthProviderSupport providerSupport)

The OAuth provider support.

Parameters:

providerSupport - The OAuth provider support.

getSignatureMethodFactory

public OAuthSignatureMethodFactory getSignatureMethodFactory()

The OAuth signature method factory.

Returns:

The OAuth signature method factory.

setSignatureMethodFactory

@Autowired(required=false)
public void setSignatureMethodFactory(OAuthSignatureMethodFactory signatureMethodFactory)

The OAuth signature method factory.

Parameters:

signatureMethodFactory - The OAuth signature method factory.

isIgnoreInadequateCredentials

public boolean isIgnoreInadequateCredentials()

Whether to ignore missing OAuth credentials.

Returns:

Whether to ignore missing OAuth credentials.

setIgnoreMissingCredentials

public void setIgnoreMissingCredentials(boolean ignoreMissingCredentials)

Whether to ignore missing OAuth credentials.

Parameters:

ignoreMissingCredentials - Whether to ignore missing OAuth credentials.

setAllowedMethods

public void setAllowedMethods(List<String> allowedMethods)

The allowed set of HTTP methods.

Parameters:

allowedMethods - The allowed set of methods.