Package org.nuxeo.ecm.platform.oauth2.openid

Class OpenIDConnectProvider

java.lang.Object

org.nuxeo.ecm.platform.oauth2.openid.OpenIDConnectProvider

All Implemented Interfaces:

LoginProviderLinkComputer

public class OpenIDConnectProvider
extends Object
implements LoginProviderLinkComputer

Class that holds info about an OpenID provider, this includes an OAuth Provider as well as urls and icons

Author:

Nelson Silva, Tiry

Field Summary

Fields

Modifier and Type	Field	Description
protected String	authenticationMethod
protected static Log	log
protected RedirectUriResolver	redirectUriResolver
protected String	userMapper
protected UserResolver	userResolver

Constructor Summary

Constructors

Constructor	Description
OpenIDConnectProvider(OAuth2ServiceProvider oauth2Provider, String accessTokenKey, String userInfoURL, Class<? extends OpenIDUserInfo> openIdUserInfoClass, String icon, boolean enabled, RedirectUriResolver redirectUriResolver, Class<? extends UserResolver> userResolverClass, String userMapper)	Deprecated. since 11.1, use OpenIDConnectProvider(OAuth2ServiceProvider, String, String, Class, String, boolean, RedirectUriResolver, Class, String, String)
OpenIDConnectProvider(OAuth2ServiceProvider oauth2Provider, String accessTokenKey, String userInfoURL, Class<? extends OpenIDUserInfo> openIdUserInfoClass, String icon, boolean enabled, RedirectUriResolver redirectUriResolver, Class<? extends UserResolver> userResolverClass, String userMapper, String authenticationMethod)

Method Summary

Modifier and Type	Method	Description
String	computeUrl(javax.servlet.http.HttpServletRequest req, String requestedUrl)	Compute Url that should be used to login via this login provider.
String	createStateToken(javax.servlet.http.HttpServletRequest request)	Create a state token to prevent request forgery.
String	getAccessToken(javax.servlet.http.HttpServletRequest req, String code)
String	getAuthenticationUrl(javax.servlet.http.HttpServletRequest req, String requestedUrl)
String	getIcon()
String	getName()
String	getRedirectUri(javax.servlet.http.HttpServletRequest req)
OpenIDUserInfo	getUserInfo(String accessToken)
UserResolver	getUserResolver()
boolean	isEnabled()
OpenIDUserInfo	parseUserInfo(String userInfoJSON)
boolean	verifyStateToken(javax.servlet.http.HttpServletRequest request)	Ensure that this is no request forgery going on, and that the user sending us this connect request is the user that was supposed to.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

protected static final Log log

redirectUriResolver

protected RedirectUriResolver redirectUriResolver

userResolver

protected UserResolver userResolver

userMapper

protected String userMapper

authenticationMethod

protected String authenticationMethod

Constructor Detail

OpenIDConnectProvider

@Deprecated
public OpenIDConnectProvider(OAuth2ServiceProvider oauth2Provider,
                             String accessTokenKey,
                             String userInfoURL,
                             Class<? extends OpenIDUserInfo> openIdUserInfoClass,
                             String icon,
                             boolean enabled,
                             RedirectUriResolver redirectUriResolver,
                             Class<? extends UserResolver> userResolverClass,
                             String userMapper)

Deprecated.

since 11.1, use OpenIDConnectProvider(OAuth2ServiceProvider, String, String, Class, String, boolean, RedirectUriResolver, Class, String, String)

OpenIDConnectProvider

public OpenIDConnectProvider(OAuth2ServiceProvider oauth2Provider,
                             String accessTokenKey,
                             String userInfoURL,
                             Class<? extends OpenIDUserInfo> openIdUserInfoClass,
                             String icon,
                             boolean enabled,
                             RedirectUriResolver redirectUriResolver,
                             Class<? extends UserResolver> userResolverClass,
                             String userMapper,
                             String authenticationMethod)

Method Detail

getRedirectUri

public String getRedirectUri(javax.servlet.http.HttpServletRequest req)

createStateToken

public String createStateToken(javax.servlet.http.HttpServletRequest request)

Create a state token to prevent request forgery. Store it in the session for later validation.

verifyStateToken

public boolean verifyStateToken(javax.servlet.http.HttpServletRequest request)

Ensure that this is no request forgery going on, and that the user sending us this connect request is the user that was supposed to.

getAuthenticationUrl

public String getAuthenticationUrl(javax.servlet.http.HttpServletRequest req,
                                   String requestedUrl)

getName

public String getName()

getIcon

public String getIcon()

getAccessToken

public String getAccessToken(javax.servlet.http.HttpServletRequest req,
                             String code)

getUserInfo

public OpenIDUserInfo getUserInfo(String accessToken)

parseUserInfo

public OpenIDUserInfo parseUserInfo(String userInfoJSON)
                             throws IOException

Throws:

IOException

isEnabled

public boolean isEnabled()

getUserResolver

public UserResolver getUserResolver()

computeUrl

public String computeUrl(javax.servlet.http.HttpServletRequest req,
                         String requestedUrl)

Description copied from interface: LoginProviderLinkComputer

Compute Url that should be used to login via this login provider. Because the url can depend onb the context, it is computed by this method rather than using a static property

Specified by:

computeUrl in interface LoginProviderLinkComputer