com.sun.jersey.oauth.server.api.providers
Class DefaultOAuthProvider

java.lang.Object
  extended by com.sun.jersey.oauth.server.api.providers.DefaultOAuthProvider
All Implemented Interfaces:
OAuthProvider

public class DefaultOAuthProvider
extends Object
implements OAuthProvider

Default in-memory implementation of OAuthProvider. Stores consumers and tokens in static hash maps. Provides some additional helper methods for consumer and token management (registering new consumers, retrieving a list of all registered consumers per owner, listing the authorized tokens per principal, revoking tokesn, etc.)

Author:
Martin Matula

Nested Class Summary
static class DefaultOAuthProvider.Consumer
          Simple read-only implementation of OAuthConsumer.
 class DefaultOAuthProvider.Token
          Simple immutable implementation of OAuthToken.
 
Constructor Summary
DefaultOAuthProvider()
           
 
Method Summary
 String authorizeToken(DefaultOAuthProvider.Token token, Principal userPrincipal, Set<String> roles)
          Authorizes a request token for given principal and roles and returns verifier.
 OAuthToken getAccessToken(String token)
          Returns the access token by the consumer key and token value.
 Set<DefaultOAuthProvider.Token> getAccessTokens(String principalName)
          Returns a list of access tokens authorized with the supplied principal name.
 DefaultOAuthProvider.Consumer getConsumer(String consumerKey)
          Gets consumer corresponding to a given consumer key.
 Set<DefaultOAuthProvider.Consumer> getConsumers(String owner)
          Returns a set of consumers registered by a given owner.
 DefaultOAuthProvider.Token getRequestToken(String token)
          Returns the request token by the consumer key and token value.
 OAuthToken newAccessToken(OAuthToken requestToken, String verifier)
          Creates a new access token.
protected static MultivaluedMap<String,String> newImmutableMultiMap(Map<String,List<String>> source)
           
 OAuthToken newRequestToken(String consumerKey, String callbackUrl, Map<String,List<String>> attributes)
          Creates a new request token for a given consumerKey.
protected  String newUUIDString()
          Geneerates a new non-guessable random string (used for token/customer strings, secrets and verifier.
 DefaultOAuthProvider.Consumer registerConsumer(String owner, MultivaluedMap<String,String> attributes)
          Registers a new consumer.
 void revokeAccessToken(String token, String principalName)
          Checks if the supplied token is authorized for a given principal name and if so, revokes the authorization.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultOAuthProvider

public DefaultOAuthProvider()
Method Detail

getConsumer

public DefaultOAuthProvider.Consumer getConsumer(String consumerKey)
Description copied from interface: OAuthProvider
Gets consumer corresponding to a given consumer key.

Specified by:
getConsumer in interface OAuthProvider
Parameters:
consumerKey - consumer key
Returns:
corresponding consumer secret or null if no consumer with the given key is known

registerConsumer

public DefaultOAuthProvider.Consumer registerConsumer(String owner,
                                                      MultivaluedMap<String,String> attributes)
Registers a new consumer.

Parameters:
owner - Identifier of the owner that registers the consumer (user ID or similar).
attributes - Additional attributes (name-values pairs - to store additional information about the consumer, such as name, URI, description, etc.)
Returns:
Consumer object for the newly registered consumer.

getConsumers

public Set<DefaultOAuthProvider.Consumer> getConsumers(String owner)
Returns a set of consumers registered by a given owner.

Parameters:
owner - Identifier of the owner that registered the consumers to be retrieved.
Returns:
consumers registered by the owner.

getAccessTokens

public Set<DefaultOAuthProvider.Token> getAccessTokens(String principalName)
Returns a list of access tokens authorized with the supplied principal name.

Parameters:
principalName - Principal name for which to retrieve the authorized tokens.
Returns:
authorized access tokens.

authorizeToken

public String authorizeToken(DefaultOAuthProvider.Token token,
                             Principal userPrincipal,
                             Set<String> roles)
Authorizes a request token for given principal and roles and returns verifier.

Parameters:
token - Request token to authorize.
userPrincipal - User principal to authorize the token for.
roles - Set of roles to authorize the token for.
Returns:
OAuth verifier value for exchanging this token for an access token.

revokeAccessToken

public void revokeAccessToken(String token,
                              String principalName)
Checks if the supplied token is authorized for a given principal name and if so, revokes the authorization.

Parameters:
token - Access token to revoke the authorization for.
principalName - Principal name the token is currently authorized for.

newUUIDString

protected String newUUIDString()
Geneerates a new non-guessable random string (used for token/customer strings, secrets and verifier.

Returns:
Random UUID string.

getRequestToken

public DefaultOAuthProvider.Token getRequestToken(String token)
Description copied from interface: OAuthProvider
Returns the request token by the consumer key and token value.

Specified by:
getRequestToken in interface OAuthProvider
Parameters:
token - request token value
Returns:
request token or null if no such token corresponding to a given consumer key is found

newRequestToken

public OAuthToken newRequestToken(String consumerKey,
                                  String callbackUrl,
                                  Map<String,List<String>> attributes)
Description copied from interface: OAuthProvider
Creates a new request token for a given consumerKey.

Specified by:
newRequestToken in interface OAuthProvider
Parameters:
consumerKey - consumer key to create a request token for
callbackUrl - callback url for this request token request
attributes - additional service provider-specific parameters (this can be used to indicate what level of access is requested - i.e. readonly, or r/w, etc.)
Returns:
new request token

newAccessToken

public OAuthToken newAccessToken(OAuthToken requestToken,
                                 String verifier)
Description copied from interface: OAuthProvider
Creates a new access token. This method must validate the passed arguments and return null if any of them is invalid.

Specified by:
newAccessToken in interface OAuthProvider
Parameters:
requestToken - authorized request token
verifier - verifier passed to the callback after authorization
Returns:
new access token or null if the arguments are invalid (e.g. there is no such request token as in the argument, or the verifier does not match)

getAccessToken

public OAuthToken getAccessToken(String token)
Description copied from interface: OAuthProvider
Returns the access token by the consumer key and token value.

Specified by:
getAccessToken in interface OAuthProvider
Parameters:
token - access token value
Returns:
access token or null if no such found

newImmutableMultiMap

protected static MultivaluedMap<String,String> newImmutableMultiMap(Map<String,List<String>> source)


Copyright © 2013 Oracle Corporation. All Rights Reserved.