Package org.springframework.social.connect.web

Class ConnectController

  • @Controller
@RequestMapping("/connect")
public class ConnectController
extends Object
    Generic UI controller for managing the account-to-service-provider connection flow.
    • GET /connect/{providerId} - Get a web page showing connection status to {providerId}.
    • POST /connect/{providerId} - Initiate an connection with {providerId}.
    • GET /connect/{providerId}?oauth_verifier||code - Receive {providerId} authorization callback and establish the connection.
    • DELETE /connect/{providerId} - Disconnect from {providerId}.
    Author:
    Keith Donald, Craig Walls, Roy Clarkson

    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      void addDisconnectInterceptor​(DisconnectInterceptor<?> interceptor)
      Adds a DisconnectInterceptor to receive callbacks during the disconnection process.
      void addInterceptor​(ConnectInterceptor<?> interceptor)
      Adds a ConnectInterceptor to receive callbacks during the connection process.
      org.springframework.web.servlet.view.RedirectView connect​(String providerId, org.springframework.web.context.request.NativeWebRequest request)
      Process a connect form submission by commencing the process of establishing a connection to the provider on behalf of the member.
      protected String connectedView​(String providerId)
      Returns the view name of a page to display for a provider when the user is connected to the provider.
      String connectionStatus​(String providerId, org.springframework.web.context.request.NativeWebRequest request, org.springframework.ui.Model model)
      Render the status of the connections to the service provider to the user as HTML in their web browser.
      String connectionStatus​(org.springframework.web.context.request.NativeWebRequest request, org.springframework.ui.Model model)
      Render the status of connections across all providers to the user as HTML in their web browser.
      protected org.springframework.web.servlet.view.RedirectView connectionStatusRedirect​(String providerId, org.springframework.web.context.request.NativeWebRequest request)
      Returns a RedirectView with the URL to redirect to after a connection is created or deleted.
      protected String connectView()
      Returns the view name of a general connection status page, typically displaying the user's connection status for all providers.
      protected String connectView​(String providerId)
      Returns the view name of a page to display for a provider when the user is not connected to the provider.
      org.springframework.web.servlet.view.RedirectView oauth1Callback​(String providerId, org.springframework.web.context.request.NativeWebRequest request)
      Process the authorization callback from an OAuth 1 service provider.
      org.springframework.web.servlet.view.RedirectView oauth2Callback​(String providerId, org.springframework.web.context.request.NativeWebRequest request)
      Process the authorization callback from an OAuth 2 service provider.
      org.springframework.web.servlet.view.RedirectView oauth2ErrorCallback​(String providerId, String error, String errorDescription, String errorUri, org.springframework.web.context.request.NativeWebRequest request)
      Process an error callback from an OAuth 2 authorization as described at http://tools.ietf.org/html/rfc6749#section-4.1.2.1.
      org.springframework.web.servlet.view.RedirectView removeConnection​(String providerId, String providerUserId, org.springframework.web.context.request.NativeWebRequest request)
      Remove a single provider connection associated with a user account.
      org.springframework.web.servlet.view.RedirectView removeConnections​(String providerId, org.springframework.web.context.request.NativeWebRequest request)
      Remove all provider connections for a user account.
      void setApplicationUrl​(String applicationUrl)
      Configures the base secure URL for the application this controller is being used in e.g.
      void setConnectInterceptors​(List<ConnectInterceptor<?>> interceptors)
      Configure the list of connect interceptors that should receive callbacks during the connection process.
      void setDisconnectInterceptors​(List<DisconnectInterceptor<?>> interceptors)
      Configure the list of discconnect interceptors that should receive callbacks when connections are removed.
      void setInterceptors​(List<ConnectInterceptor<?>> interceptors)
      Deprecated.
      Use setConnectInterceptors(List) instead.
      void setViewPath​(String viewPath)
      Sets the path to connection status views.

    • Constructor Detail

      • ConnectController

        @Inject
public ConnectController​(ConnectionFactoryLocator connectionFactoryLocator,
                         ConnectionRepository connectionRepository)
        Constructs a ConnectController.
        Parameters:
        connectionFactoryLocator - the locator for ConnectionFactory instances needed to establish connections
        connectionRepository - the current user's ConnectionRepository needed to persist connections; must be a proxy to a request-scoped bean

    • Method Detail

      • setInterceptors

        @Deprecated
public void setInterceptors​(List<ConnectInterceptor<?>> interceptors)
        Deprecated.
        Use setConnectInterceptors(List) instead.
        Configure the list of connect interceptors that should receive callbacks during the connection process. Convenient when an instance of this class is configured using a tool that supports JavaBeans-based configuration.
        Parameters:
        interceptors - the connect interceptors to add

      • setConnectInterceptors

        public void setConnectInterceptors​(List<ConnectInterceptor<?>> interceptors)
        Configure the list of connect interceptors that should receive callbacks during the connection process. Convenient when an instance of this class is configured using a tool that supports JavaBeans-based configuration.
        Parameters:
        interceptors - the connect interceptors to add

      • setDisconnectInterceptors

        public void setDisconnectInterceptors​(List<DisconnectInterceptor<?>> interceptors)
        Configure the list of discconnect interceptors that should receive callbacks when connections are removed. Convenient when an instance of this class is configured using a tool that supports JavaBeans-based configuration.
        Parameters:
        interceptors - the connect interceptors to add

      • setApplicationUrl

        public void setApplicationUrl​(String applicationUrl)
        Configures the base secure URL for the application this controller is being used in e.g. https://myapp.com. Defaults to null. If specified, will be used to generate OAuth callback URLs. If not specified, OAuth callback URLs are generated from web request info. You may wish to set this property if requests into your application flow through a proxy to your application server. In this case, the request URI may contain a scheme, host, and/or port value that points to an internal server not appropriate for an external callback URL. If you have this problem, you can set this property to the base external URL for your application and it will be used to construct the callback URL instead.
        Parameters:
        applicationUrl - the application URL value

      • setViewPath

        public void setViewPath​(String viewPath)
        Sets the path to connection status views. Prepended to provider-specific views (e.g., "connect/facebookConnected") to create the complete view name. Defaults to "connect/".
        Parameters:
        viewPath - The path to connection status views.

      • addInterceptor

        public void addInterceptor​(ConnectInterceptor<?> interceptor)
        Adds a ConnectInterceptor to receive callbacks during the connection process. Useful for programmatic configuration.
        Parameters:
        interceptor - the connect interceptor to add

      • addDisconnectInterceptor

        public void addDisconnectInterceptor​(DisconnectInterceptor<?> interceptor)
        Adds a DisconnectInterceptor to receive callbacks during the disconnection process. Useful for programmatic configuration.
        Parameters:
        interceptor - the connect interceptor to add

      • connectionStatus

        @RequestMapping(method=GET)
public String connectionStatus​(org.springframework.web.context.request.NativeWebRequest request,
                               org.springframework.ui.Model model)
        Render the status of connections across all providers to the user as HTML in their web browser.
        Parameters:
        request - NativeWebRequest
        model - Model
        Returns:
        Status

      • connectionStatus

        @RequestMapping(value="/{providerId}",
                method=GET)
public String connectionStatus​(@PathVariable
                               String providerId,
                               org.springframework.web.context.request.NativeWebRequest request,
                               org.springframework.ui.Model model)
        Render the status of the connections to the service provider to the user as HTML in their web browser.
        Parameters:
        providerId - Provider Id
        request - NativeWebRequest
        model - Model
        Returns:
        Status

      • connect

        @RequestMapping(value="/{providerId}",
                method=POST)
public org.springframework.web.servlet.view.RedirectView connect​(@PathVariable
                                                                 String providerId,
                                                                 org.springframework.web.context.request.NativeWebRequest request)
        Process a connect form submission by commencing the process of establishing a connection to the provider on behalf of the member. For OAuth1, fetches a new request token from the provider, temporarily stores it in the session, then redirects the member to the provider's site for authorization. For OAuth2, redirects the user to the provider's site for authorization.
        Parameters:
        providerId - Provider Id
        request - NativeWebRequest
        Returns:
        RedirectView

      • oauth1Callback

        @RequestMapping(value="/{providerId}",
                method=GET,
                params="oauth_token")
public org.springframework.web.servlet.view.RedirectView oauth1Callback​(@PathVariable
                                                                        String providerId,
                                                                        org.springframework.web.context.request.NativeWebRequest request)
        Process the authorization callback from an OAuth 1 service provider. Called after the user authorizes the connection, generally done by having he or she click "Allow" in their web browser at the provider's site. On authorization verification, connects the user's local account to the account they hold at the service provider Removes the request token from the session since it is no longer valid after the connection is established.
        Parameters:
        providerId - Provider Id
        request - NativeWebRequest
        Returns:
        RedirectView

      • oauth2Callback

        @RequestMapping(value="/{providerId}",
                method=GET,
                params="code")
public org.springframework.web.servlet.view.RedirectView oauth2Callback​(@PathVariable
                                                                        String providerId,
                                                                        org.springframework.web.context.request.NativeWebRequest request)
        Process the authorization callback from an OAuth 2 service provider. Called after the user authorizes the connection, generally done by having he or she click "Allow" in their web browser at the provider's site. On authorization verification, connects the user's local account to the account they hold at the service provider.
        Parameters:
        providerId - Provider Id
        request - NativeWebRequest
        Returns:
        RedirectView

      • oauth2ErrorCallback

        @RequestMapping(value="/{providerId}",
                method=GET,
                params="error")
public org.springframework.web.servlet.view.RedirectView oauth2ErrorCallback​(@PathVariable
                                                                             String providerId,
                                                                             @RequestParam("error")
                                                                             String error,
                                                                             @RequestParam(value="error_description",required=false)
                                                                             String errorDescription,
                                                                             @RequestParam(value="error_uri",required=false)
                                                                             String errorUri,
                                                                             org.springframework.web.context.request.NativeWebRequest request)
        Process an error callback from an OAuth 2 authorization as described at http://tools.ietf.org/html/rfc6749#section-4.1.2.1. Called after upon redirect from an OAuth 2 provider when there is some sort of error during authorization, typically because the user denied authorization.
        Parameters:
        providerId - Provider ID
        error - Error
        errorDescription - Error Description
        errorUri - Error URI
        request - NativeWebRequest
        Returns:
        RedirectView

      • removeConnections

        @RequestMapping(value="/{providerId}",
                method=DELETE)
public org.springframework.web.servlet.view.RedirectView removeConnections​(@PathVariable
                                                                           String providerId,
                                                                           org.springframework.web.context.request.NativeWebRequest request)
        Remove all provider connections for a user account. The user has decided they no longer wish to use the service provider from this application. Note: requires HiddenHttpMethodFilter to be registered with the '_method' request parameter set to 'DELETE' to convert web browser POSTs to DELETE requests.
        Parameters:
        providerId - Provider Id
        request - NativeWebRequest
        Returns:
        RedirectView

      • removeConnection

        @RequestMapping(value="/{providerId}/{providerUserId}",
                method=DELETE)
public org.springframework.web.servlet.view.RedirectView removeConnection​(@PathVariable
                                                                          String providerId,
                                                                          @PathVariable
                                                                          String providerUserId,
                                                                          org.springframework.web.context.request.NativeWebRequest request)
        Remove a single provider connection associated with a user account. The user has decided they no longer wish to use the service provider account from this application. Note: requires HiddenHttpMethodFilter to be registered with the '_method' request parameter set to 'DELETE' to convert web browser POSTs to DELETE requests.
        Parameters:
        providerId - Provider Id
        providerUserId - Provider User Id
        request - NativeWebRequest
        Returns:
        RedirectView

      • connectView

        protected String connectView()
        Returns the view name of a general connection status page, typically displaying the user's connection status for all providers. Defaults to "/connect/status". May be overridden to return a custom view name.
        Returns:
        String

      • connectView

        protected String connectView​(String providerId)
        Returns the view name of a page to display for a provider when the user is not connected to the provider. Typically this page would offer the user an opportunity to create a connection with the provider. Defaults to "connect/{providerId}Connect". May be overridden to return a custom view name.
        Parameters:
        providerId - the ID of the provider to display the connection status for.
        Returns:
        String

      • connectedView

        protected String connectedView​(String providerId)
        Returns the view name of a page to display for a provider when the user is connected to the provider. Typically this page would allow the user to disconnect from the provider. Defaults to "connect/{providerId}Connected". May be overridden to return a custom view name.
        Parameters:
        providerId - the ID of the provider to display the connection status for.
        Returns:
        String

      • connectionStatusRedirect

        protected org.springframework.web.servlet.view.RedirectView connectionStatusRedirect​(String providerId,
                                                                                     org.springframework.web.context.request.NativeWebRequest request)
        Returns a RedirectView with the URL to redirect to after a connection is created or deleted. Defaults to "/connect/{providerId}" relative to DispatcherServlet's path. May be overridden to handle custom redirection needs.
        Parameters:
        providerId - the ID of the provider for which a connection was created or deleted.
        request - the NativeWebRequest used to access the servlet path when constructing the redirect path.
        Returns:
        RedirectView