org.surfnet.oaaas.auth

Class AbstractUserConsentHandler

java.lang.Object

org.surfnet.oaaas.auth.AbstractFilter

org.surfnet.oaaas.auth.AbstractUserConsentHandler

All Implemented Interfaces:

javax.servlet.Filter

Direct Known Subclasses:

NoopUserConsentHandler

public abstract class AbstractUserConsentHandler
extends AbstractFilter

Responsible for handling user consent.

Field Summary

Fields

Modifier and Type	Field and Description
static String	CLIENT Constant to get the Client when the control should be returned to the implementor
static String	GRANTED_SCOPES The constant that contains the scopes, set by concrete userConsentHandlers and consumed by the authorization endpoint.

Fields inherited from class org.surfnet.oaaas.auth.AbstractFilter

AUTH_STATE, RETURN_URI

Constructor Summary

Constructors

Constructor and Description
AbstractUserConsentHandler()

Method Summary

Methods

Modifier and Type	Method and Description
void	destroy()
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
Client	getClient(javax.servlet.ServletRequest request) Get the Client from the request context to use in handling user consent
abstract void	handleUserConsent(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain, String authStateValue, String returnUri, Client client) Implement this method to perform the actual authentication.
void	init(javax.servlet.FilterConfig filterConfig)
protected void	setGrantedScopes(javax.servlet.ServletRequest request, String[] scopes) Set the granted scopes of the consent on the request.

Methods inherited from class org.surfnet.oaaas.auth.AbstractFilter

getAuthStateValue, getReturnUri, setAuthStateValue

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

GRANTED_SCOPES

public static final String GRANTED_SCOPES

The constant that contains the scopes, set by concrete userConsentHandlers and consumed by the authorization endpoint.

See Also:

Constant Field Values

CLIENT

public static final String CLIENT

Constant to get the Client when the control should be returned to the implementor

See Also:

Constant Field Values

Constructor Detail

AbstractUserConsentHandler

public AbstractUserConsentHandler()

Method Detail

getClient

public final Client getClient(javax.servlet.ServletRequest request)

Get the Client from the request context to use in handling user consent

Parameters:

request - the ServletRequest

Returns:

the Client which is asking for consent

doFilter

public final void doFilter(javax.servlet.ServletRequest request,
            javax.servlet.ServletResponse response,
            javax.servlet.FilterChain chain)
                    throws IOException,
                           javax.servlet.ServletException

Throws:

IOException

javax.servlet.ServletException

handleUserConsent

public abstract void handleUserConsent(javax.servlet.http.HttpServletRequest request,
                     javax.servlet.http.HttpServletResponse response,
                     javax.servlet.FilterChain chain,
                     String authStateValue,
                     String returnUri,
                     Client client)
                                throws IOException,
                                       javax.servlet.ServletException

Implement this method to perform the actual authentication. Use FormUserConsentHandler as an example. In general, the contract is:

assert that the user has granted consent. You can use the request and response for this. When not yet granted consent:

• use AbstractFilter.getAuthStateValue(javax.servlet.ServletRequest) to pass-around for user agent communication
• use AbstractFilter.getReturnUri(javax.servlet.ServletRequest) if you need to step out and return to the current location
• use getClient(javax.servlet.ServletRequest) for accessing the Client data

When consent granted:

• set the authState attribute, by calling AbstractFilter.setAuthStateValue(javax.servlet.ServletRequest, String)
• set the scopes (optional) the user has given consent for, by calling #setScopes
• call chain.doFilter(request, response) to let the flow continue..

Parameters:

request - the ServletRequest

response - the ServletResponse

chain - the original http servlet filter chain

authStateValue - the authState nonce to set back on the ServletRequest when done

returnUri - the startpoint of the chain if you want to return from a form or other (external) component

client - the Client wished to obtain an access token

Throws:

IOException

javax.servlet.ServletException

setGrantedScopes

protected final void setGrantedScopes(javax.servlet.ServletRequest request,
                    String[] scopes)

Set the granted scopes of the consent on the request. Note: this optional.

Parameters:

request - the original ServletRequest

scopes - the String[] scopes.

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Throws:

javax.servlet.ServletException

destroy

public void destroy()