org.pac4j.oauth.client

Class BaseOAuthClient<U extends OAuth20Profile,S extends com.github.scribejava.core.oauth.OAuthService,T extends com.github.scribejava.core.model.Token>

java.lang.Object

org.pac4j.core.util.InitializableWebObject

org.pac4j.core.client.BaseClient<C,U>

org.pac4j.core.client.IndirectClient<OAuthCredentials,U>

org.pac4j.oauth.client.BaseOAuthClient<U,S,T>

All Implemented Interfaces:

Client<OAuthCredentials,U>

Direct Known Subclasses:

BaseOAuth10Client, BaseOAuth20Client

public abstract class BaseOAuthClient<U extends OAuth20Profile,S extends com.github.scribejava.core.oauth.OAuthService,T extends com.github.scribejava.core.model.Token>
extends IndirectClient<OAuthCredentials,U>

This class is a base implementation for an OAuth protocol client based on the Scribe library. It should work for all OAuth clients. In subclasses, some methods are to be implemented / customized for specific needs depending on the client.

Since:

1.0.0

Author:

Jerome Leleu

Field Summary

Fields

Modifier and Type	Field and Description
protected static org.slf4j.Logger	logger
protected S	service

Fields inherited from class org.pac4j.core.client.IndirectClient

ATTEMPTED_AUTHENTICATION_SUFFIX, callbackUrl, callbackUrlResolver

Constructor Summary

Constructors

Constructor and Description
BaseOAuthClient()

Method Summary

Modifier and Type	Method and Description
protected abstract void	addAccessTokenToProfile(U profile, T accessToken) Add the access token to the profile (as an attribute).
protected com.github.scribejava.core.model.OAuthConfig	buildOAuthConfig(WebContext context) Build an OAuth configuration.
protected com.github.scribejava.core.model.OAuthRequest	createOAuthRequest(String url) Create an OAuth request.
protected abstract U	extractUserProfile(String body) Extract the user profile from the response (JSON, XML...) of the profile url.
protected abstract T	getAccessToken(OAuthCredentials credentials) Get the access token from OAuth credentials.
protected abstract com.github.scribejava.core.builder.api.BaseApi<S>	getApi() Define the OAuth API for this client.
int	getConnectTimeout()
String	getKey()
protected abstract OAuthCredentials	getOAuthCredentials(WebContext context) Get the OAuth credentials from the web context.
protected String	getOAuthScope() Define the OAuth scope for this client.
protected abstract String	getProfileUrl(T accessToken) Retrieve the url of the profile of the authenticated user for the provider.
int	getReadTimeout()
String	getResponseType()
String	getSecret()
protected boolean	hasBeenCancelled(WebContext context) Return if the authentication has been cancelled.
protected boolean	hasOAuthGrantType() Whether the grant type must be added.
protected void	internalInit(WebContext context) Internal initialization of the object.
boolean	isTokenAsHeader()
protected abstract String	retrieveAuthorizationUrl(WebContext context) Retrieve the authorization url to redirect to the OAuth provider.
protected OAuthCredentials	retrieveCredentials(WebContext context) Retrieve the credentials.
protected RedirectAction	retrieveRedirectAction(WebContext context) Retrieve the redirect action.
protected U	retrieveUserProfile(OAuthCredentials credentials, WebContext context) Retrieve a user userprofile.
protected U	retrieveUserProfileFromToken(T accessToken) Retrieve the user profile from the access token.
protected String	sendRequestForData(T accessToken, String dataUrl) Make a request to get the data of the authenticated user for the provider.
void	setConnectTimeout(int connectTimeout)
void	setKey(String key)
void	setReadTimeout(int readTimeout)
void	setResponseType(String responseType)
void	setSecret(String secret)
void	setTokenAsHeader(boolean tokenAsHeader)
protected abstract void	signRequest(T token, com.github.scribejava.core.model.OAuthRequest request)

Methods inherited from class org.pac4j.core.client.IndirectClient

computeFinalCallbackUrl, getAjaxRequestResolver, getCallbackUrl, getCallbackUrlResolver, getCredentials, getRedirectAction, getStateParameter, isIncludeClientNameInCallbackUrl, redirect, setAjaxRequestResolver, setCallbackUrl, setCallbackUrlResolver, setIncludeClientNameInCallbackUrl

Methods inherited from class org.pac4j.core.client.BaseClient

addAuthorizationGenerator, getAuthorizationGenerators, getName, getUserProfile, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setName, toString

Methods inherited from class org.pac4j.core.util.InitializableWebObject

init, reinit

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

logger

protected static final org.slf4j.Logger logger

service

protected S extends com.github.scribejava.core.oauth.OAuthService service

Constructor Detail

BaseOAuthClient

public BaseOAuthClient()

Method Detail

internalInit

protected void internalInit(WebContext context)

Description copied from class: InitializableWebObject

Internal initialization of the object.

Overrides:

internalInit in class IndirectClient<OAuthCredentials,U extends OAuth20Profile>

Parameters:

context - the web context

buildOAuthConfig

protected com.github.scribejava.core.model.OAuthConfig buildOAuthConfig(WebContext context)

Build an OAuth configuration.

Parameters:

context - the web context

Returns:

the OAuth configuration

getApi

protected abstract com.github.scribejava.core.builder.api.BaseApi<S> getApi()

Define the OAuth API for this client.

Returns:

the OAuth API

getOAuthScope

protected String getOAuthScope()

Define the OAuth scope for this client.

Returns:

the OAuth scope

hasOAuthGrantType

protected boolean hasOAuthGrantType()

Whether the grant type must be added.

Returns:

Whether the grant type must be added

retrieveRedirectAction

protected RedirectAction retrieveRedirectAction(WebContext context)
                                         throws HttpAction

Description copied from class: IndirectClient

Retrieve the redirect action.

Specified by:

retrieveRedirectAction in class IndirectClient<OAuthCredentials,U extends OAuth20Profile>

Parameters:

context - the web context

Returns:

the redirection action

Throws:

HttpAction - requires a specific HTTP action if necessary

retrieveAuthorizationUrl

protected abstract String retrieveAuthorizationUrl(WebContext context)
                                            throws HttpAction

Retrieve the authorization url to redirect to the OAuth provider.

Parameters:

context - the web context

Returns:

the authorization url

Throws:

HttpAction - whether an additional HTTP action is required

retrieveCredentials

protected OAuthCredentials retrieveCredentials(WebContext context)
                                        throws HttpAction

Description copied from class: IndirectClient

Retrieve the credentials.

Specified by:

retrieveCredentials in class IndirectClient<OAuthCredentials,U extends OAuth20Profile>

Parameters:

context - the web context

Returns:

the credentials

Throws:

HttpAction - whether an additional HTTP action is required

hasBeenCancelled

protected boolean hasBeenCancelled(WebContext context)

Return if the authentication has been cancelled.

Parameters:

context - the web context.

Returns:

if the authentication has been cancelled.

getOAuthCredentials

protected abstract OAuthCredentials getOAuthCredentials(WebContext context)
                                                 throws HttpAction

Get the OAuth credentials from the web context.

Parameters:

context - the web context

Returns:

the OAuth credentials

Throws:

HttpAction - whether an additional HTTP action is required

retrieveUserProfile

protected U retrieveUserProfile(OAuthCredentials credentials,
                                WebContext context)
                         throws HttpAction

Description copied from class: BaseClient

Retrieve a user userprofile.

Specified by:

retrieveUserProfile in class BaseClient<OAuthCredentials,U extends OAuth20Profile>

Parameters:

credentials - the credentials

context - the web context

Returns:

the user profile

Throws:

HttpAction - whether an additional HTTP action is required

getAccessToken

protected abstract T getAccessToken(OAuthCredentials credentials)
                             throws HttpAction

Get the access token from OAuth credentials.

Parameters:

credentials - credentials

Returns:

the access token

Throws:

HttpAction - whether an additional HTTP action is required

retrieveUserProfileFromToken

protected U retrieveUserProfileFromToken(T accessToken)
                                  throws HttpAction

Retrieve the user profile from the access token.

Parameters:

accessToken - the access token

Returns:

the user profile

Throws:

HttpAction - whether an additional HTTP action is required

getProfileUrl

protected abstract String getProfileUrl(T accessToken)

Retrieve the url of the profile of the authenticated user for the provider.

Parameters:

accessToken - only used when constructing dynamic urls from data in the token

Returns:

the url of the user profile given by the provider

sendRequestForData

protected String sendRequestForData(T accessToken,
                                    String dataUrl)

Make a request to get the data of the authenticated user for the provider.

Parameters:

accessToken - the access token

dataUrl - url of the data

Returns:

the user data response

signRequest

protected abstract void signRequest(T token,
                                    com.github.scribejava.core.model.OAuthRequest request)

createOAuthRequest

protected com.github.scribejava.core.model.OAuthRequest createOAuthRequest(String url)

Create an OAuth request.

Parameters:

url - the url to call

Returns:

the request

extractUserProfile

protected abstract U extractUserProfile(String body)
                                 throws HttpAction

Extract the user profile from the response (JSON, XML...) of the profile url.

Parameters:

body - the response body

Returns:

the user profile object

Throws:

HttpAction - whether an additional HTTP action is required

addAccessTokenToProfile

protected abstract void addAccessTokenToProfile(U profile,
                                                T accessToken)

Add the access token to the profile (as an attribute).

Parameters:

profile - the user profile

accessToken - the access token

setKey

public void setKey(String key)

setSecret

public void setSecret(String secret)

setConnectTimeout

public void setConnectTimeout(int connectTimeout)

setReadTimeout

public void setReadTimeout(int readTimeout)

getKey

public String getKey()

getSecret

public String getSecret()

getConnectTimeout

public int getConnectTimeout()

getReadTimeout

public int getReadTimeout()

isTokenAsHeader

public boolean isTokenAsHeader()

setTokenAsHeader

public void setTokenAsHeader(boolean tokenAsHeader)

getResponseType

public String getResponseType()

setResponseType

public void setResponseType(String responseType)