Class OAuth2SessionRef

java.lang.Object
com.peterphi.std.guice.web.rest.auth.oauth2.OAuth2SessionRef

public class OAuth2SessionRef extends Object
Holds the OAuth2 callback information for this session. It starts unpopulated (see isValid()) and is populated once the OAuth2 callback completes. It switches back to unpopulated when the OAuth2 session expires.

While populated, the session ref can be used to query the currently active token assigned by the server, and to query side-channel information on the user associated with that token (when the OAuth2 provider is the User Manager).

  • Field Details

    • authService

      public final UserManagerOAuthService authService
    • oauthServiceEndpoint

      public final String oauthServiceEndpoint
    • oauthServiceRedirectEndpoint

      @Inject(optional=true) public String oauthServiceRedirectEndpoint
    • oauthSelfEndpoint

      @Inject(optional=true) public String oauthSelfEndpoint
    • tokenRefreshPriorToExpire

      @Inject(optional=true) public org.joda.time.Period tokenRefreshPriorToExpire
    • delegatedTokenValidityPeriod

      @Inject(optional=true) public Timeout delegatedTokenValidityPeriod
    • delegatedTokenRefreshPeriod

      @Inject(optional=true) public Timeout delegatedTokenRefreshPeriod
    • allowDelegatedTokenGeneration

      @Inject(optional=true) public boolean allowDelegatedTokenGeneration
    • clientId

      public final String clientId
  • Constructor Details

  • Method Details

    • hasBeenInitialised

      public boolean hasBeenInitialised()
    • initialiseFromAPIToken

      public void initialiseFromAPIToken(String token)
      Initialise this session reference by exchanging an API token for an access_token and refresh_token.
      Parameters:
      token -
    • isValid

      public boolean isValid()
    • getOwnCallbackUri

      public URI getOwnCallbackUri()
      Return the URI for this service's callback resource
      Returns:
    • getAuthFlowStartEndpoint

      public URI getAuthFlowStartEndpoint(String returnTo, String scope)
      Get the endpoint to redirect a client to in order to start an OAuth2 Authorisation Flow
      Parameters:
      returnTo - The URI to redirect the user back to once the authorisation flow completes successfully. If not specified then the user will be directed to the root of this webapp.
      Returns:
    • getRedirectToFromState

      public URI getRedirectToFromState(String state)
      Decode the state to retrieve the redirectTo value
      Parameters:
      state -
      Returns:
    • getRedirectToFromStateIgnoringNonce

      public static URI getRedirectToFromStateIgnoringNonce(String state)
      Gets the URI the user should GET for the redirect. N.B. fails on anything other than GET.
      Parameters:
      state -
      Returns:
    • shouldRefresh

      public boolean shouldRefresh()
    • getToken

      public String getToken()
    • refreshToken

      public void refreshToken()
      Use the refresh token to get a new token with a longer lifespan
    • loadAuthResponse

      protected void loadAuthResponse(String responseStr)
    • refreshUserInfo

      public void refreshUserInfo()
    • getUserInfo

      public UserManagerUser getUserInfo()
    • load

      public void load(OAuth2TokenResponse response)
    • getOrCreateDelegatedToken

      public String getOrCreateDelegatedToken()