org.nuxeo.ecm.platform.oauth2.openid

Class OpenIDConnectProvider

java.lang.Object

org.nuxeo.ecm.platform.oauth2.openid.OpenIDConnectProvider

All Implemented Interfaces:

LoginProviderLinkComputer

public class OpenIDConnectProvider
extends Object
implements LoginProviderLinkComputer

Class that holds info about an OpenID provider, this includes an OAuth Provider as well as urls and icons

Author:

Nelson Silva , Tiry

Constructor Summary

Constructors

Constructor and Description
OpenIDConnectProvider(NuxeoOAuth2ServiceProvider oauth2Provider, String accessTokenKey, String userInfoURL, Class<? extends OpenIDUserInfo> openIdUserInfoClass, String icon, boolean enabled, RedirectUriResolver redirectUriResolver, Class<? extends UserResolver> userResolverClass)

Method Summary

Methods

Modifier and Type	Method and Description
String	computeUrl(javax.servlet.http.HttpServletRequest req, String requestedUrl) Compute Url that should be used to login via this login provider.
String	createStateToken(javax.servlet.http.HttpServletRequest request) Create a state token to prevent request forgery.
String	getAccessToken(javax.servlet.http.HttpServletRequest req, String code)
String	getAuthenticationUrl(javax.servlet.http.HttpServletRequest req, String requestedUrl)
String	getIcon()
String	getName()
String	getRedirectUri(javax.servlet.http.HttpServletRequest req)
OpenIDUserInfo	getUserInfo(String accessToken)
UserResolver	getUserResolver()
boolean	isEnabled()
OpenIDUserInfo	parseUserInfo(String userInfoJSON)
boolean	verifyStateToken(javax.servlet.http.HttpServletRequest request) Ensure that this is no request forgery going on, and that the user sending us this connect request is the user that was supposed to.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenIDConnectProvider

public OpenIDConnectProvider(NuxeoOAuth2ServiceProvider oauth2Provider,
                     String accessTokenKey,
                     String userInfoURL,
                     Class<? extends OpenIDUserInfo> openIdUserInfoClass,
                     String icon,
                     boolean enabled,
                     RedirectUriResolver redirectUriResolver,
                     Class<? extends UserResolver> userResolverClass)

Method Detail

getRedirectUri

public String getRedirectUri(javax.servlet.http.HttpServletRequest req)

createStateToken

public String createStateToken(javax.servlet.http.HttpServletRequest request)

Create a state token to prevent request forgery. Store it in the session for later validation.

Parameters:

HttpServletRequest - request

Returns:

verifyStateToken

public boolean verifyStateToken(javax.servlet.http.HttpServletRequest request)

Ensure that this is no request forgery going on, and that the user sending us this connect request is the user that was supposed to.

Parameters:

HttpServletRequest - request

Returns:

getAuthenticationUrl

public String getAuthenticationUrl(javax.servlet.http.HttpServletRequest req,
                          String requestedUrl)

getName

public String getName()

getIcon

public String getIcon()

getAccessToken

public String getAccessToken(javax.servlet.http.HttpServletRequest req,
                    String code)

getUserInfo

public OpenIDUserInfo getUserInfo(String accessToken)

parseUserInfo

public OpenIDUserInfo parseUserInfo(String userInfoJSON)
                             throws IOException

Throws:

IOException

isEnabled

public boolean isEnabled()

getUserResolver

public UserResolver getUserResolver()

computeUrl

public String computeUrl(javax.servlet.http.HttpServletRequest req,
                String requestedUrl)

Description copied from interface: LoginProviderLinkComputer

Compute Url that should be used to login via this login provider. Because the url can depend onb the context, it is computed by this method rather than using a static property

Specified by:

computeUrl in interface LoginProviderLinkComputer

Returns: