org.springframework.security.oauth2.provider.endpoint
Class AuthorizationEndpoint
java.lang.Object
org.springframework.security.oauth2.provider.endpoint.AbstractEndpoint
org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint
- All Implemented Interfaces:
- org.springframework.beans.factory.InitializingBean
@SessionAttributes(value="authorizationRequest")
@RequestMapping(value="/oauth/authorize")
public class AuthorizationEndpoint
- extends AbstractEndpoint
- implements org.springframework.beans.factory.InitializingBean
Implementation of the Authorization Endpoint from the OAuth2 specification. Accepts authorization requests, and
handles user approval if the grant type is authorization code. The tokens themselves are obtained from the
Token Endpoint, except in the implicit grant type (where they come from the Authorization
Endpoint via response_type=token.
This endpoint should be secured so that it is only accessible to fully authenticated users (as a minimum requirement)
since it represents a request from a valid user to act on his or her behalf.
- Author:
- Dave Syer, Vladimir Kryachko
|
Method Summary |
void |
afterPropertiesSet()
|
org.springframework.web.servlet.View |
approveOrDeny(Map<String,String> approvalParameters,
Map<String,?> model,
org.springframework.web.bind.support.SessionStatus sessionStatus,
Principal principal)
|
org.springframework.web.servlet.ModelAndView |
authorize(Map<String,Object> model,
Map<String,String> parameters,
org.springframework.web.bind.support.SessionStatus sessionStatus,
Principal principal)
|
org.springframework.web.servlet.ModelAndView |
handleClientRegistrationException(Exception e,
org.springframework.web.context.request.ServletWebRequest webRequest)
|
org.springframework.web.servlet.ModelAndView |
handleHttpSessionRequiredException(org.springframework.web.HttpSessionRequiredException e,
org.springframework.web.context.request.ServletWebRequest webRequest)
|
org.springframework.web.servlet.ModelAndView |
handleOAuth2Exception(OAuth2Exception e,
org.springframework.web.context.request.ServletWebRequest webRequest)
|
void |
setAuthorizationCodeServices(AuthorizationCodeServices authorizationCodeServices)
|
void |
setErrorPage(String errorPage)
|
void |
setImplicitGrantService(ImplicitGrantService implicitGrantService)
|
void |
setoAuth2RequestValidator(OAuth2RequestValidator oAuth2RequestValidator)
|
void |
setRedirectResolver(RedirectResolver redirectResolver)
|
void |
setSessionAttributeStore(org.springframework.web.bind.support.SessionAttributeStore sessionAttributeStore)
|
void |
setUserApprovalHandler(UserApprovalHandler userApprovalHandler)
|
void |
setUserApprovalPage(String userApprovalPage)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
AuthorizationEndpoint
public AuthorizationEndpoint()
afterPropertiesSet
public void afterPropertiesSet()
throws Exception
- Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean- Overrides:
afterPropertiesSet in class AbstractEndpoint
- Throws:
Exception
setSessionAttributeStore
public void setSessionAttributeStore(org.springframework.web.bind.support.SessionAttributeStore sessionAttributeStore)
setErrorPage
public void setErrorPage(String errorPage)
authorize
@RequestMapping
public org.springframework.web.servlet.ModelAndView authorize(Map<String,Object> model,
@RequestParam
Map<String,String> parameters,
org.springframework.web.bind.support.SessionStatus sessionStatus,
Principal principal)
approveOrDeny
@RequestMapping(method=POST,
params="user_oauth_approval")
public org.springframework.web.servlet.View approveOrDeny(@RequestParam
Map<String,String> approvalParameters,
Map<String,?> model,
org.springframework.web.bind.support.SessionStatus sessionStatus,
Principal principal)
setUserApprovalPage
public void setUserApprovalPage(String userApprovalPage)
setAuthorizationCodeServices
public void setAuthorizationCodeServices(AuthorizationCodeServices authorizationCodeServices)
setRedirectResolver
public void setRedirectResolver(RedirectResolver redirectResolver)
setUserApprovalHandler
public void setUserApprovalHandler(UserApprovalHandler userApprovalHandler)
setoAuth2RequestValidator
public void setoAuth2RequestValidator(OAuth2RequestValidator oAuth2RequestValidator)
setImplicitGrantService
public void setImplicitGrantService(ImplicitGrantService implicitGrantService)
handleClientRegistrationException
@ExceptionHandler(value=ClientRegistrationException.class)
public org.springframework.web.servlet.ModelAndView handleClientRegistrationException(Exception e,
org.springframework.web.context.request.ServletWebRequest webRequest)
throws Exception
- Throws:
Exception
handleOAuth2Exception
@ExceptionHandler(value=OAuth2Exception.class)
public org.springframework.web.servlet.ModelAndView handleOAuth2Exception(OAuth2Exception e,
org.springframework.web.context.request.ServletWebRequest webRequest)
throws Exception
- Throws:
Exception
handleHttpSessionRequiredException
@ExceptionHandler(value=org.springframework.web.HttpSessionRequiredException.class)
public org.springframework.web.servlet.ModelAndView handleHttpSessionRequiredException(org.springframework.web.HttpSessionRequiredException e,
org.springframework.web.context.request.ServletWebRequest webRequest)
throws Exception
- Throws:
Exception
Copyright © 2013. All rights reserved.