Class UserManagerOAuthServiceImpl
java.lang.Object
com.peterphi.usermanager.rest.impl.UserManagerOAuthServiceImpl
- All Implemented Interfaces:
UserManagerOAuthService
-
Field Summary
FieldsModifier and TypeFieldDescriptionbooleanbooleanorg.joda.time.PeriodFields inherited from interface com.peterphi.usermanager.rest.iface.oauth2server.UserManagerOAuthService
GRANT_TYPE_AUTHORIZATION_CODE, GRANT_TYPE_CLIENT_CREDENTIALS, GRANT_TYPE_PASSWORD, GRANT_TYPE_REFRESH_TOKEN, GRANT_TYPE_TOKEN_EXCHANGE -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptioncreateDelegatedAccessToken(String clientId, String secret, long validityPeriod, String refreshToken, String authorizationHeader) User Manager extension: given user info, return user recordjavax.ws.rs.core.Responsejavax.ws.rs.core.ResponsegetOIDCUserInfo(String bearerTokenHeader) javax.ws.rs.core.ResponsegetOIDCUserInfoPost(String bearerTokenHeader) getToken(String grantType, String code, String redirectUri, String clientId, String secret, String refreshToken, String username, String password, String subjectToken, String authorizationHeader) Exchange an access code, a refresh token or a username/password for a Token to be POSTed back
N.B.javax.ws.rs.core.ResponseuserMadeAuthDecision(String responseType, String clientId, String redirectUri, String state, String scope, String token, String decision)
-
Field Details
-
tokenRefreshInterval
@Inject(optional=true) public org.joda.time.Period tokenRefreshInterval -
autoGrantAccessToAllServices
@Inject(optional=true) public boolean autoGrantAccessToAllServices -
autoGrantAccessKeysToAccessAllServices
@Inject(optional=true) public boolean autoGrantAccessKeysToAccessAllServices
-
-
Constructor Details
-
UserManagerOAuthServiceImpl
public UserManagerOAuthServiceImpl()
-
-
Method Details
-
getAuth
public javax.ws.rs.core.Response getAuth(String responseType, String clientId, String redirectUri, String state, String scope) - Specified by:
getAuthin interfaceUserManagerOAuthService
-
userMadeAuthDecision
public javax.ws.rs.core.Response userMadeAuthDecision(String responseType, String clientId, String redirectUri, String state, String scope, String token, String decision) - Specified by:
userMadeAuthDecisionin interfaceUserManagerOAuthService
-
getToken
public String getToken(String grantType, String code, String redirectUri, String clientId, String secret, String refreshToken, String username, String password, String subjectToken, String authorizationHeader) Description copied from interface:UserManagerOAuthServiceExchange an access code, a refresh token or a username/password for a Token to be POSTed back
N.B. currently this impl is not fully compliant with RFC6749 because it cannot acceptclientIdandsecretusing BASIC Auth.
One approach here might be to add logic into the BASIC auth processor to treat as anonymous any BASIC auth request whose username is in the client ID format- Specified by:
getTokenin interfaceUserManagerOAuthService- Returns:
-
get
Description copied from interface:UserManagerOAuthServiceUser Manager extension: given user info, return user record- Specified by:
getin interfaceUserManagerOAuthServiceclientId- if specified, checks that the token is associated with this client (may be required in the future)- Returns:
-
getOIDCUserInfo
- Specified by:
getOIDCUserInfoin interfaceUserManagerOAuthService
-
getOIDCUserInfoPost
- Specified by:
getOIDCUserInfoPostin interfaceUserManagerOAuthService
-
createDelegatedAccessToken
public String createDelegatedAccessToken(String clientId, String secret, long validityPeriod, String refreshToken, String authorizationHeader) - Specified by:
createDelegatedAccessTokenin interfaceUserManagerOAuthService
-