Package com.avoka.fc.core.security

Class OAuth2Authenticator

  • public class OAuth2Authenticator
extends Object
    Provides an oAuth2 authenticator client that can be used by a transact security Manager to authenticate against an oAuth2 provider like Google.

    Note this class performs standard oAuth2 authentication. It does NOT get the user profile from the authentication provider.

    Since:
    4.1.0

    • Field Detail

      • PARAMETER_AUTH_URI

        public static final String PARAMETER_AUTH_URI
        The Security Manager Parameter Name for Auth Uri
        See Also:
        Constant Field Values

      • PARAMETER_CLIENT_ID

        public static final String PARAMETER_CLIENT_ID
        The Security Manager Parameter Name for Client Id
        See Also:
        Constant Field Values

      • PARAMETER_CLIENT_SECRET

        public static final String PARAMETER_CLIENT_SECRET
        The Security Manager Parameter Name for Client Secret
        See Also:
        Constant Field Values

      • PARAMETER_REDIRECT_URI

        public static final String PARAMETER_REDIRECT_URI
        The Security Manager Parameter Name for Redirect Uri
        See Also:
        Constant Field Values

      • PARAMETER_SCOPE

        public static final String PARAMETER_SCOPE
        The Security Manager Parameter Name for Scope
        See Also:
        Constant Field Values

      • PARAMETER_TOKEN_URI

        public static final String PARAMETER_TOKEN_URI
        The Security Manager Parameter Name for Token Uri
        See Also:
        Constant Field Values

    • Constructor Detail

      • OAuth2Authenticator

        public OAuth2Authenticator​(HttpServletRequest request)
        Create a OAuth2Authenticator from the given request, security manager.
        Parameters:
        request - - HttpServletRequest that contains the SAML Token (required)

      • OAuth2Authenticator

        public OAuth2Authenticator​(HttpServletRequest request,
                           SecurityManager securityManager)
        Create a OAuth2Authenticator from the given request, security manager.
        Parameters:
        request - - HttpServletRequest that is calling the OAuth2Authenticator (required)
        securityManager - - The SecurityManager that is using the OAuth2Authenticator (required)

    • Method Detail

      • hasRequestCode

        public boolean hasRequestCode()
        Returns true if the request has a "code" request parameter. When the SSO is initiated the request wont have a "code" request parameter. The request will be redirected to the oAuth2 login server where the user will authenticate. The oAuthLogin server will then redirect the browser back to the portal/secure/account/home.htm page with the code as a parameter like '/secure/account/home.htm?code=AKLDSFJASLKDJF123213SASDFLKJ234WERSDFTST'
        Returns:
        true if the request has a "code" request parameter.

      • getAccessToken

        public String getAccessToken()
        Performs the oAuth2 authentication. First redirects the browser to the oAuth2 providers auth url. Handles the return callback the gets the oAuth2 Access Token
        Returns:
        the String oAuth2 Access Token that is used to call the user profile information.

      • getAccessTokenEncoded

        public String getAccessTokenEncoded()
        Performs the oAuth2 authentication. First redirects the browser to the oAuth2 providers auth url. Handles the return callback the gets the oAuth2 Access Token
        Returns:
        the String oAuth2 Access Token that is used to call the user profile information.
        Since:
        5.0.0

      • getAccessTokenResponseJson

        public String getAccessTokenResponseJson()
        Returns the JSON response for the Access Token request. The getAccessTone() method executes the oAuth2 url steps. This is a Utility method that can be called after getAccessToken() method call to use other JSON attibutes.
        Returns:
        the String representation of oAuth2 Access Token response. Null value will be returned if Access Token hasn't been returned yet.
        Since:
        5.0.0

      • setAuthUri

        public void setAuthUri​(String authUri)
        Sets the authUri String property
        Parameters:
        authUri - the String oAuth2 auth uri

      • setClientId

        public void setClientId​(String clientId)
        Sets the clientId String property
        Parameters:
        clientId - the String oAuth2 client id

      • setClientSecret

        public void setClientSecret​(String clientSecret)
        Sets the clientSecret String property
        Parameters:
        clientSecret - the String oAuth client secret

      • setRedirectUri

        public void setRedirectUri​(String redirectUri)
        Sets the redirectUri String property
        Parameters:
        redirectUri - the String uri to redirect back to transaction manager secure page: /secure/account/home.htm

      • setScope

        public void setScope​(String scope)
        Sets the scope String property
        Parameters:
        scope - the String oAuth scope property

      • setTokenUrl

        public void setTokenUrl​(String tokenUri)
        Sets the tokenUri String property
        Parameters:
        tokenUri - the String uri for requesting the oAuth token