nl.surfnet.coin.csa.interceptor
Class AuthorityScopeInterceptor

java.lang.Object
  org.springframework.web.servlet.handler.HandlerInterceptorAdapter
      nl.surfnet.coin.csa.interceptor.AuthorityScopeInterceptor

All Implemented Interfaces:

org.springframework.web.servlet.HandlerInterceptor

public class AuthorityScopeInterceptor
extends org.springframework.web.servlet.handler.HandlerInterceptorAdapter

Interceptor to de-scope the visibility CompoundServiceProvider objects for display See https ://wiki.surfnetlabs.nl/display/services/App-omschrijving

Field Summary

static String	OAUTH_CLIENT_SCOPE_ACTIONS The OAuth 2.0 scope used for actions-related requests.
static String	OAUTH_CLIENT_SCOPE_CROSS_IDP_SERVICES The OAuth 2.0 scope used for requests that provide an IDP-id themselves, without need to rely on user authorization.

Constructor Summary

AuthorityScopeInterceptor()

Method Summary

protected static boolean	containsRole(List<CoinAuthority.Authority> authorities, CoinAuthority.Authority... authority)
static boolean	isDistributionChannelAdmin()
void	postHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler, org.springframework.web.servlet.ModelAndView modelAndView)
boolean	preHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler)
protected void	scopeGeneralAuthCons(org.springframework.ui.ModelMap map, List<CoinAuthority.Authority> authorities, javax.servlet.http.HttpServletRequest request)
void	setExposeTokenCheckInCookie(boolean exposeTokenCheckInCookie)

Methods inherited from class org.springframework.web.servlet.handler.HandlerInterceptorAdapter

afterCompletion

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

OAUTH_CLIENT_SCOPE_ACTIONS

public static final String OAUTH_CLIENT_SCOPE_ACTIONS

The OAuth 2.0 scope used for actions-related requests.

See Also:

Constant Field Values

OAUTH_CLIENT_SCOPE_CROSS_IDP_SERVICES

public static final String OAUTH_CLIENT_SCOPE_CROSS_IDP_SERVICES

The OAuth 2.0 scope used for requests that provide an IDP-id themselves, without need to rely on user authorization.

See Also:

Constant Field Values

Constructor Detail

AuthorityScopeInterceptor

public AuthorityScopeInterceptor()

Method Detail

preHandle

public boolean preHandle(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response,
                         Object handler)
                  throws Exception

Specified by:

preHandle in interface org.springframework.web.servlet.HandlerInterceptor

Overrides:

preHandle in class org.springframework.web.servlet.handler.HandlerInterceptorAdapter

Throws:

Exception

postHandle

public void postHandle(javax.servlet.http.HttpServletRequest request,
                       javax.servlet.http.HttpServletResponse response,
                       Object handler,
                       org.springframework.web.servlet.ModelAndView modelAndView)
                throws Exception

Specified by:

postHandle in interface org.springframework.web.servlet.HandlerInterceptor

Overrides:

postHandle in class org.springframework.web.servlet.handler.HandlerInterceptorAdapter

Throws:

Exception

scopeGeneralAuthCons

protected void scopeGeneralAuthCons(org.springframework.ui.ModelMap map,
                                    List<CoinAuthority.Authority> authorities,
                                    javax.servlet.http.HttpServletRequest request)

containsRole

protected static boolean containsRole(List<CoinAuthority.Authority> authorities,
                                      CoinAuthority.Authority... authority)

isDistributionChannelAdmin

public static boolean isDistributionChannelAdmin()

setExposeTokenCheckInCookie

public void setExposeTokenCheckInCookie(boolean exposeTokenCheckInCookie)