Package org.springframework.security.oauth.examples.sparklr.mvc

Source Code of org.springframework.security.oauth.examples.sparklr.mvc.AccessConfirmationController

package org.springframework.security.oauth.examples.sparklr.mvc;

import java.security.Principal;
import java.util.LinkedHashMap;
import java.util.Map;

import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.approval.Approval;
import org.springframework.security.oauth2.provider.approval.Approval.ApprovalStatus;
import org.springframework.security.oauth2.provider.approval.ApprovalStore;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.servlet.ModelAndView;

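/**
 * Controller that builds the model for the OAuth2 access confirmation (user consent) page and
 * for the OAuth2 error page.
 *
 * <p>The pending {@link AuthorizationRequest} is read from the model under the key
 * {@code "authorizationRequest"}, which {@link SessionAttributes} keeps in the HTTP session
 * between requests. NOTE(review): presumably the authorization endpoint stores it there before
 * forwarding to {@code /oauth/confirm_access}; confirm against the endpoint configuration.
 *
 * <p>Both collaborators are injected through setters and must be set before the first request.
 *
 * @author Ryan Heaton
 */
@Controller
@SessionAttributes("authorizationRequest")
public class AccessConfirmationController {

  /** Looks up the registered client that is asking for access. */
  private ClientDetailsService clientDetailsService;

  /** Source of the approvals this user has already recorded for the client. */
  private ApprovalStore approvalStore;

  /**
   * Prepares the consent page for the pending authorization request.
   *
   * <p>The model receives {@code "auth_request"} (the pending request), {@code "client"} (the
   * registered client details) and {@code "scopes"}, an insertion-ordered map from
   * {@code OAuth2Utils.SCOPE_PREFIX + scope} to the string {@code "true"} or {@code "false"}.
   * Every requested scope starts as {@code "false"}; it becomes {@code "true"} only when the
   * approval store holds an {@link ApprovalStatus#APPROVED} entry for this user, client and scope.
   *
   * @param model the request model; the {@code "authorizationRequest"} entry is removed from it
   * @param principal the authenticated user whose stored approvals are consulted
   * @return the {@code access_confirmation} view together with the populated model
   * @throws IllegalStateException if there is no pending authorization request or no
   *         authenticated user
   * @throws Exception if loading the client details or the approvals fails
   */
  @RequestMapping("/oauth/confirm_access")
  public ModelAndView getAccessConfirmation(Map<String, Object> model, Principal principal) throws Exception {
    AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");
    if (clientAuth == null) {
      // Reached without a pending authorization request, for example by requesting this URL
      // directly or after the session expired. Refuse explicitly instead of failing on the next
      // line with an opaque NullPointerException.
      throw new IllegalStateException("No pending authorization request to confirm");
    }
    if (principal == null) {
      // Consent is recorded per user, so there is nothing meaningful to show without one.
      throw new IllegalStateException("An authenticated user is required to confirm access");
    }

    ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
    model.put("auth_request", clientAuth);
    model.put("client", client);

    // Default every requested scope to "not approved". LinkedHashMap keeps the request's order.
    // NOTE(review): scope names originate from the authorization request; confirm that the
    // access_confirmation view HTML-escapes them and the client fields when rendering.
    Map<String, String> scopes = new LinkedHashMap<String, String>();
    for (String scope : clientAuth.getScope()) {
      scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
    }

    // Overlay the user's stored decisions. Only scopes that are part of this request are
    // touched, so an approval stored for an unrelated scope cannot add an entry to the page.
    // NOTE(review): approval expiry is not examined here; confirm the store does not return
    // stale approvals, otherwise a scope may be shown as already approved.
    for (Approval approval : approvalStore.getApprovals(principal.getName(), client.getClientId())) {
      if (clientAuth.getScope().contains(approval.getScope())) {
        scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(),
            approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false");
      }
    }
    model.put("scopes", scopes);
    return new ModelAndView("access_confirmation", model);
  }

  /**
   * Prepares the model for the OAuth2 error page.
   *
   * <p>The message is a fixed string, so nothing taken from the failing request is echoed back
   * to the browser by this method.
   *
   * @param model the request model; receives the {@code "message"} entry
   * @return the {@code oauth_error} view name
   * @throws Exception declared for the handler signature; this body does not throw one itself
   */
  @RequestMapping("/oauth/error")
  public String handleError(Map<String, Object> model) throws Exception {
    // We can add more stuff to the model here for JSP rendering. If the client was a machine then
    // the JSON will already have been rendered.
    model.put("message", "There was a problem with the OAuth2 protocol");
    return "oauth_error";
  }

  /**
   * Sets the service used to load the requesting client's registered details.
   *
   * @param clientDetailsService the client details service
   */
  public void setClientDetailsService(ClientDetailsService clientDetailsService) {
    this.clientDetailsService = clientDetailsService;
  }

  /**
   * Sets the store used to read the approvals the user has already recorded.
   *
   * @param approvalStore the approval store
   */
  public void setApprovalStore(ApprovalStore approvalStore) {
    this.approvalStore = approvalStore;
  }

}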