io.buji.oauth
Class OAuthFilter
java.lang.Object
org.apache.shiro.web.servlet.ServletContextSupport
org.apache.shiro.web.servlet.AbstractFilter
org.apache.shiro.web.servlet.NameableFilter
org.apache.shiro.web.servlet.OncePerRequestFilter
org.apache.shiro.web.servlet.AdviceFilter
org.apache.shiro.web.filter.PathMatchingFilter
org.apache.shiro.web.filter.AccessControlFilter
org.apache.shiro.web.filter.authc.AuthenticationFilter
org.apache.shiro.web.filter.authc.AuthenticatingFilter
io.buji.oauth.OAuthFilter
- All Implemented Interfaces:
- javax.servlet.Filter, org.apache.shiro.util.Nameable, org.apache.shiro.web.filter.PathConfigProcessor
public final class OAuthFilter
- extends org.apache.shiro.web.filter.authc.AuthenticatingFilter
This filter retrieves OAuth credential after user authenticates at the OAuth provider to create an OAuthToken to finish the OAuth
authentication process and retrieve the user profile.
- Since:
- 1.0.0
- Author:
- Jerome Leleu
| Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter |
PERMISSIVE |
| Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter |
DEFAULT_SUCCESS_URL |
| Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter |
DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD |
| Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter |
appliedPaths, pathMatcher |
| Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter |
ALREADY_FILTERED_SUFFIX |
| Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter |
filterConfig |
|
Method Summary |
protected org.apache.shiro.authc.AuthenticationToken |
createToken(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
The token created for this authentication is an OAuthToken containing the OAuth credential received after authentication at the OAuth
provider. |
protected boolean |
isAccessAllowed(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
Object mappedValue)
Returns false to always force authentication (user is never considered authenticated by this filter). |
protected boolean |
onAccessDenied(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
Execute login by creating token and logging subject
with this token. |
protected boolean |
onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.authc.AuthenticationException ae,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
If login has failed, redirect user to the error page except if the user is already authenticated, in which case redirect to the
default success url. |
protected boolean |
onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.subject.Subject subject,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
If login has been successful, redirect user to the original protected url. |
void |
setFailureUrl(String failureUrl)
|
void |
setProvider(org.scribe.up.provider.OAuthProvider provider)
|
| Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter |
cleanup, createToken, createToken, executeLogin, getHost, isPermissive, isRememberMe |
| Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter |
getSuccessUrl, issueSuccessRedirect, setSuccessUrl |
| Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter |
getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl |
| Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter |
getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig |
| Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter |
afterCompletion, doFilterInternal, executeChain, postHandle |
| Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter |
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter |
| Methods inherited from class org.apache.shiro.web.servlet.NameableFilter |
getName, setName, toStringBuilder |
| Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter |
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig |
| Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport |
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString |
OAuthFilter
public OAuthFilter()
createToken
protected org.apache.shiro.authc.AuthenticationToken createToken(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- The token created for this authentication is an OAuthToken containing the OAuth credential received after authentication at the OAuth
provider. These information are received on the callback url (on which the filter must be configured).
- Specified by:
createToken in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- Parameters:
request - the incoming requestresponse - the outgoing response
- Throws:
Exception - if there is an error processing the request.
onAccessDenied
protected boolean onAccessDenied(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- Execute login by creating
token and logging subject
with this token.
- Specified by:
onAccessDenied in class org.apache.shiro.web.filter.AccessControlFilter
- Parameters:
request - the incoming requestresponse - the outgoing response
- Throws:
Exception - if there is an error processing the request.
isAccessAllowed
protected boolean isAccessAllowed(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
Object mappedValue)
- Returns
false to always force authentication (user is never considered authenticated by this filter).
- Overrides:
isAccessAllowed in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- Parameters:
request - the incoming requestresponse - the outgoing responsemappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
- Returns:
false
onLoginSuccess
protected boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.subject.Subject subject,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- If login has been successful, redirect user to the original protected url.
- Overrides:
onLoginSuccess in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- Parameters:
token - the token representing the current authenticationsubject - the current authenticated subjetrequest - the incoming requestresponse - the outgoing response
- Throws:
Exception - if there is an error processing the request.
onLoginFailure
protected boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.authc.AuthenticationException ae,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
- If login has failed, redirect user to the error page except if the user is already authenticated, in which case redirect to the
default success url.
- Overrides:
onLoginFailure in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- Parameters:
token - the token representing the current authenticationae - the current authentication exceptionrequest - the incoming requestresponse - the outgoing response
setFailureUrl
public void setFailureUrl(String failureUrl)
setProvider
public void setProvider(org.scribe.up.provider.OAuthProvider provider)
Copyright © 2012. All Rights Reserved.