Package com.avoka.fc.core.security

Class OAuth2Authenticator

java.lang.Object
com.avoka.fc.core.security.OAuth2Authenticator
public class OAuth2Authenticator extends Object
Provides an oAuth2 authenticator client that can be used by a transact security Manager to authenticate against an oAuth2 provider like Google.

Note this class performs standard oAuth2 authentication. It does NOT get the user profile from the authentication provider.

Since:
4.1.0

  • Field Details

    • PARAMETER_AUTH_URI

      public static final String PARAMETER_AUTH_URI
      The Security Manager Parameter Name for Auth Uri
      See Also:

    • PARAMETER_CLIENT_ID

      public static final String PARAMETER_CLIENT_ID
      The Security Manager Parameter Name for Client Id
      See Also:

    • PARAMETER_CLIENT_SECRET

      public static final String PARAMETER_CLIENT_SECRET
      The Security Manager Parameter Name for Client Secret
      See Also:

    • PARAMETER_REDIRECT_URI

      public static final String PARAMETER_REDIRECT_URI
      The Security Manager Parameter Name for Redirect Uri
      See Also:

    • PARAMETER_SCOPE

      public static final String PARAMETER_SCOPE
      The Security Manager Parameter Name for Scope
      See Also:

    • PARAMETER_TOKEN_URI

      public static final String PARAMETER_TOKEN_URI
      The Security Manager Parameter Name for Token Uri
      See Also:

  • Constructor Details

    • OAuth2Authenticator

      public OAuth2Authenticator(jakarta.servlet.http.HttpServletRequest request)
      Create a OAuth2Authenticator from the given request, security manager.
      Parameters:
      request - - HttpServletRequest that contains the SAML Token (required)

    • OAuth2Authenticator

      public OAuth2Authenticator(jakarta.servlet.http.HttpServletRequest request, SecurityManager securityManager)
      Create a OAuth2Authenticator from the given request, security manager.
      Parameters:
      request - - HttpServletRequest that is calling the OAuth2Authenticator (required)
      securityManager - - The SecurityManager that is using the OAuth2Authenticator (required)

  • Method Details

    • hasRequestCode

      public boolean hasRequestCode()
      Returns true if the request has a "code" request parameter. When the SSO is initiated the request wont have a "code" request parameter. The request will be redirected to the oAuth2 login server where the user will authenticate. The oAuthLogin server will then redirect the browser back to the portal/secure/account/home.htm page with the code as a parameter like '/secure/account/home.htm?code=AKLDSFJASLKDJF123213SASDFLKJ234WERSDFTST'
      Returns:
      true if the request has a "code" request parameter.

    • getAccessToken

      public String getAccessToken()
      Performs the oAuth2 authentication. First redirects the browser to the oAuth2 providers auth url. Handles the return callback the gets the oAuth2 Access Token
      Returns:
      the String oAuth2 Access Token that is used to call the user profile information.

    • getAccessTokenEncoded

      public String getAccessTokenEncoded()
      Performs the oAuth2 authentication. First redirects the browser to the oAuth2 providers auth url. Handles the return callback the gets the oAuth2 Access Token
      Returns:
      the String oAuth2 Access Token that is used to call the user profile information.
      Since:
      5.0.0

    • getAccessTokenResponseJson

      public String getAccessTokenResponseJson()
      Returns the JSON response for the Access Token request. The getAccessTone() method executes the oAuth2 url steps. This is a Utility method that can be called after getAccessToken() method call to use other JSON attibutes.
      Returns:
      the String representation of oAuth2 Access Token response. Null value will be returned if Access Token hasn't been returned yet.
      Since:
      5.0.0

    • setAuthUri

      public void setAuthUri(String authUri)
      Sets the authUri String property
      Parameters:
      authUri - the String oAuth2 auth uri

    • setClientId

      public void setClientId(String clientId)
      Sets the clientId String property
      Parameters:
      clientId - the String oAuth2 client id

    • setClientSecret

      public void setClientSecret(String clientSecret)
      Sets the clientSecret String property
      Parameters:
      clientSecret - the String oAuth client secret

    • setRedirectUri

      public void setRedirectUri(String redirectUri)
      Sets the redirectUri String property
      Parameters:
      redirectUri - the String uri to redirect back to transaction manager secure page: /secure/account/home.htm

    • setScope

      public void setScope(String scope)
      Sets the scope String property
      Parameters:
      scope - the String oAuth scope property

    • setTokenUrl

      public void setTokenUrl(String tokenUri)
      Sets the tokenUri String property
      Parameters:
      tokenUri - the String uri for requesting the oAuth token