io.buji.oauth

Class OAuthFilter

java.lang.Object

org.apache.shiro.web.servlet.ServletContextSupport

org.apache.shiro.web.servlet.AbstractFilter

org.apache.shiro.web.servlet.NameableFilter

org.apache.shiro.web.servlet.OncePerRequestFilter

org.apache.shiro.web.servlet.AdviceFilter

org.apache.shiro.web.filter.PathMatchingFilter

org.apache.shiro.web.filter.AccessControlFilter

org.apache.shiro.web.filter.authc.AuthenticationFilter

org.apache.shiro.web.filter.authc.AuthenticatingFilter

io.buji.oauth.OAuthFilter

All Implemented Interfaces:

javax.servlet.Filter, org.apache.shiro.util.Nameable, org.apache.shiro.web.filter.PathConfigProcessor

public final class OAuthFilter
extends org.apache.shiro.web.filter.authc.AuthenticatingFilter

This filter retrieves OAuth credential after user authenticates at the OAuth provider to create an OAuthToken to finish the OAuth authentication process and retrieve the user profile.

Since:

1.0.0

Author:

Jerome Leleu

Field Summary

Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter

PERMISSIVE

Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter

DEFAULT_SUCCESS_URL

Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter

DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD

Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter

appliedPaths, pathMatcher

Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter

ALREADY_FILTERED_SUFFIX

Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter

filterConfig

Constructor Summary

Constructors

Constructor and Description
OAuthFilter()

Method Summary

Methods

Modifier and Type	Method and Description
protected org.apache.shiro.authc.AuthenticationToken	createToken(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response) The token created for this authentication is an OAuthToken containing the OAuth credential received after authentication at the OAuth provider.
protected boolean	isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue) Returns false to always force authentication (user is never considered authenticated by this filter).
protected boolean	onAccessDenied(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response) Execute login by creating token and logging subject with this token.
protected boolean	onLoginFailure(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationException ae, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response) If login has failed, redirect user to the error page except if the user is already authenticated, in which case redirect to the default success url.
protected boolean	onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.subject.Subject subject, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response) If login has been successful, redirect user to the original protected url.
void	setFailureUrl(String failureUrl)
void	setProvider(org.scribe.up.provider.OAuthProvider provider)
void	setProvidersDefinition(org.scribe.up.provider.ProvidersDefinition providersDefinition)

Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter

cleanup, createToken, createToken, executeLogin, getHost, isPermissive, isRememberMe

Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter

getSuccessUrl, issueSuccessRedirect, setSuccessUrl

Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter

getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl

Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter

getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig

Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter

afterCompletion, doFilterInternal, executeChain, postHandle

Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter

doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter

Methods inherited from class org.apache.shiro.web.servlet.NameableFilter

getName, setName, toStringBuilder

Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter

destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig

Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport

getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

OAuthFilter

public OAuthFilter()

Method Detail

createToken

protected org.apache.shiro.authc.AuthenticationToken createToken(javax.servlet.ServletRequest request,
                                                     javax.servlet.ServletResponse response)
                                                          throws Exception

The token created for this authentication is an OAuthToken containing the OAuth credential received after authentication at the OAuth provider. These information are received on the callback url (on which the filter must be configured).

Specified by:

createToken in class org.apache.shiro.web.filter.authc.AuthenticatingFilter

Parameters:

request - the incoming request

response - the outgoing response

Throws:

Exception - if there is an error processing the request.

onAccessDenied

protected boolean onAccessDenied(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response)
                          throws Exception

Execute login by creating token and logging subject with this token.

Specified by:

onAccessDenied in class org.apache.shiro.web.filter.AccessControlFilter

Parameters:

request - the incoming request

response - the outgoing response

Throws:

Exception - if there is an error processing the request.

isAccessAllowed

protected boolean isAccessAllowed(javax.servlet.ServletRequest request,
                      javax.servlet.ServletResponse response,
                      Object mappedValue)

Returns false to always force authentication (user is never considered authenticated by this filter).

Overrides:

isAccessAllowed in class org.apache.shiro.web.filter.authc.AuthenticatingFilter

Parameters:

request - the incoming request

response - the outgoing response

mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.

Returns:

false

onLoginSuccess

protected boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
                     org.apache.shiro.subject.Subject subject,
                     javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response)
                          throws Exception

If login has been successful, redirect user to the original protected url.

Overrides:

onLoginSuccess in class org.apache.shiro.web.filter.authc.AuthenticatingFilter

Parameters:

token - the token representing the current authentication

subject - the current authenticated subjet

request - the incoming request

response - the outgoing response

Throws:

Exception - if there is an error processing the request.

onLoginFailure

protected boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
                     org.apache.shiro.authc.AuthenticationException ae,
                     javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response)

If login has failed, redirect user to the error page except if the user is already authenticated, in which case redirect to the default success url.

Overrides:

onLoginFailure in class org.apache.shiro.web.filter.authc.AuthenticatingFilter

Parameters:

token - the token representing the current authentication

ae - the current authentication exception

request - the incoming request

response - the outgoing response

setFailureUrl

public void setFailureUrl(String failureUrl)

setProvider

public void setProvider(org.scribe.up.provider.OAuthProvider provider)

setProvidersDefinition

public void setProvidersDefinition(org.scribe.up.provider.ProvidersDefinition providersDefinition)