Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.oauth2.provider.approval
Class TokenStoreUserApprovalHandler

java.lang.Object
  extended by org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler
All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean, UserApprovalHandler
public class TokenStoreUserApprovalHandler
extends Object
implements UserApprovalHandler, org.springframework.beans.factory.InitializingBean

A user approval handler that remembers approval decisions by consulting existing tokens.

Author:
Dave Syer

Constructor Summary
TokenStoreUserApprovalHandler()
           
 
Method Summary
 void afterPropertiesSet()
           
 AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication)
           Provides a hook for allowing requests to be pre-approved (skipping the User Approval Page).
 boolean isApproved(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication)
          Basic implementation just requires the authorization request to be explicitly approved and the user to be authenticated.
 void setApprovalParameter(String approvalParameter)
           
 void setClientDetailsService(ClientDetailsService clientDetailsService)
          Service to load client details (optional) for auto approval checks.
 void setRequestFactory(OAuth2RequestFactory requestFactory)
           
 void setTokenStore(TokenStore tokenStore)
           
 AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, org.springframework.security.core.Authentication userAuthentication)
           Provides an opportunity to update the authorization request before it is checked for approval in cases where the incoming approval parameters contain richer information than just true/false (e.g.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

TokenStoreUserApprovalHandler

public TokenStoreUserApprovalHandler()
Method Detail

setClientDetailsService

public void setClientDetailsService(ClientDetailsService clientDetailsService)
Service to load client details (optional) for auto approval checks.

Parameters:
clientDetailsService - a client details service

setApprovalParameter

public void setApprovalParameter(String approvalParameter)
Parameters:
approvalParameter - the approvalParameter to set

setTokenStore

public void setTokenStore(TokenStore tokenStore)
Parameters:
tokenStore - the token store to set

setRequestFactory

public void setRequestFactory(OAuth2RequestFactory requestFactory)

afterPropertiesSet

public void afterPropertiesSet()
Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

isApproved

public boolean isApproved(AuthorizationRequest authorizationRequest,
                          org.springframework.security.core.Authentication userAuthentication)
Basic implementation just requires the authorization request to be explicitly approved and the user to be authenticated.

Specified by:
isApproved in interface UserApprovalHandler
Parameters:
authorizationRequest - The authorization request.
userAuthentication - the current user authentication
Returns:
Whether the specified request has been approved by the current user.

checkForPreApproval

public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest,
                                                org.springframework.security.core.Authentication userAuthentication)
Description copied from interface: UserApprovalHandler

Provides a hook for allowing requests to be pre-approved (skipping the User Approval Page). Some implementations may allow users to store approval decisions so that they only have to approve a site once. This method is called in the AuthorizationEndpoint before sending the user to the Approval page. If this method sets oAuth2Request.approved to true, the Approval page will be skipped.

Specified by:
checkForPreApproval in interface UserApprovalHandler
Parameters:
authorizationRequest - the authorization request.
userAuthentication - the user authentication
Returns:
the AuthorizationRequest, modified if necessary

updateAfterApproval

public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest,
                                                org.springframework.security.core.Authentication userAuthentication)
Description copied from interface: UserApprovalHandler

Provides an opportunity to update the authorization request before it is checked for approval in cases where the incoming approval parameters contain richer information than just true/false (e.g. some scopes are approved, and others are rejected), implementations may need to be able to modify the AuthorizationRequest before a token is generated from it.

Specified by:
updateAfterApproval in interface UserApprovalHandler
Parameters:
authorizationRequest - the authorization request.
userAuthentication - the user authentication
Returns:
the AuthorizationRequest, modified if necessary
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2013. All rights reserved.