org.restlet.ext.oauth
Class AuthPageServerResource
java.lang.Object
org.restlet.resource.Resource
org.restlet.resource.UniformResource
org.restlet.resource.ServerResource
org.restlet.ext.oauth.OAuthServerResource
org.restlet.ext.oauth.AuthPageServerResource
public class AuthPageServerResource
- extends OAuthServerResource
Helper class to the AuthorizationResource. Handles authorization requests. By
default it accepts every scope the client requested, without asking the user.
To intercept the request and let the user control what is authorized, set
the OAuthHelper.setAuthPageTemplate parameter. It must name a static HTML page
or a FreeMarker template that is loaded with the CLAP protocol straight from the class-loader root.
Example. Attach an AuthPageServerResource to your inbound root:

    public Restlet createInboundRoot() {
        ...
        root.attach(OAuthHelper.getAuthPage(getContext()), AuthPageServerResource.class);
        // Set the template for the auth page:
        OAuthHelper.setAuthPageTemplate("authorize.html", getContext());
        // Don't ask for approval again if these scopes were previously approved
        OAuthHelper.setAuthSkipApproved(true, getContext());
        ...
    }
The FreeMarker data model passed to the template looks like the following:

    HashMap<String, Object> data = new HashMap<String, Object>();
    data.put("target", "/oauth/auth_page");
    data.put("clientId", clientId);
    data.put("clientDescription", client.toString());
    data.put("clientCallback", client.getRedirectUri());
    data.put("clientName", client.getApplicationName());
    data.put("requestingScopes", scopes);
    data.put("grantedScopes", previousScopes);
Below is an example of a simple FreeMarker page for authorization. Note that
clientId, clientDescription, clientName and the scope values all originate from
the client (registration data or the scope parameter of the authorization request),
and FreeMarker's ${...} does not HTML-escape by default, so those values are
rendered through the ?html built-in to keep a crafted client name or scope from
injecting markup into the consent page.

    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <link rel="stylesheet" href="resources/style.css" type="text/css" media="screen"
    charset="utf-8">
    <title>OAuth2 Authorization Server</title>
    </head>
    <body>
    <div id="container">
    <div id="header">
    <h2>OAuth authorization page</h2>
    <section id="intro">
    <h2>Application requesting scope</h2>
    <p>Client ClientId = ${clientId?html} CB = ${clientCallback?html} (${clientDescription?html}) wants to get access to your information.</p>
    </section>
    </div>
    <aside>
    <form action="${target}" method="get">
    <h4>The following private info is requested</h4>
    <#list requestingScopes as r> <input type="checkbox" name="scope" value="${r?html}" checked />
    <b>${r?html}</b><br/>
    </#list>
    <#if grantedScopes?has_content>
    <hr />
    <h4>Previously approved scopes</h4>
    <#list grantedScopes as g> <input type="checkbox" name="scope" value="${g?html}" checked />
    <b>${g?html}</b><br/>
    </#list>
    </#if>
    <br/>
    <input type="submit" name="action" value="Reject"/>
    <input type="submit" name="action" value="Accept" />
    </form>
    </aside>
    <footer>
    <p class="copyright">Copyright © 2010 Ericsson Inc. All rights reserved.</p>
    </footer>
    </div>
    </body>
    </html>
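The following is an added, stand-alone example (not code from the Restlet project) that renders a reduced version of the consent template above with the plain FreeMarker API and the same data-model keys the Javadoc documents. It feeds in a constructed hostile client name and scope value to show that ?html neutralises them. The template fragment, the sample client data and the AuthPageRenderDemo class are all constructed for this illustration; only the model keys come from the page.

```java
import java.io.IOException;
import java.io.StringWriter;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

import freemarker.cache.StringTemplateLoader;
import freemarker.template.Configuration;
import freemarker.template.Template;
import freemarker.template.TemplateException;

public class AuthPageRenderDemo {

    // Constructed fragment of a consent page, reduced to the parts that
    // interpolate client-controlled values. Everything that comes from the
    // client goes through ?html; "target" is set by the server and is not.
    private static final String TEMPLATE_SRC =
          "<p>Client ${clientName?html} (${clientId?html}) wants access.</p>\n"
        + "<form action=\"${target}\" method=\"get\">\n"
        + "<#list requestingScopes as r>"
        + "<input type=\"checkbox\" name=\"scope\" value=\"${r?html}\" checked /> ${r?html}<br/>\n"
        + "</#list>"
        + "<input type=\"submit\" name=\"action\" value=\"Accept\" />\n"
        + "</form>\n";

    /** FreeMarker configuration that serves the constructed template from memory. */
    public static Configuration configuration() {
        Configuration cfg = new Configuration(Configuration.VERSION_2_3_23);
        StringTemplateLoader loader = new StringTemplateLoader();
        loader.putTemplate("authorize.html", TEMPLATE_SRC);
        cfg.setTemplateLoader(loader);
        cfg.setDefaultEncoding("UTF-8");
        return cfg;
    }

    /** Builds a model with the same keys AuthPageServerResource documents. */
    public static Map<String, Object> dataModel(String clientId, String clientName,
            String redirectUri, String[] requested, String[] previous) {
        Map<String, Object> data = new HashMap<String, Object>();
        data.put("target", "/oauth/auth_page");
        data.put("clientId", clientId);
        // client.toString() is stood in for by a constructed description string
        data.put("clientDescription", clientName + " <" + redirectUri + ">");
        data.put("clientCallback", redirectUri);
        data.put("clientName", clientName);
        data.put("requestingScopes", Arrays.asList(requested));
        data.put("grantedScopes", Arrays.asList(previous));
        return data;
    }

    /** Renders the template to a string, as a Representation would serve it. */
    public static String render(Configuration cfg, Map<String, Object> data)
            throws IOException, TemplateException {
        Template template = cfg.getTemplate("authorize.html");
        StringWriter out = new StringWriter();
        template.process(data, out);
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed hostile input: a registered client name carrying markup and a
        // scope value (from the authorization request) that tries to break out of
        // the checkbox value attribute.
        String[] requested = { "profile", "\"><script>alert(1)</script>" };
        String html = render(configuration(),
                dataModel("client-123", "Evil <b>App</b>", "https://client.example/cb",
                          requested, new String[0]));
        System.out.println(html);
        // With ?html the output carries &lt;script&gt; and &quot;, never a live tag.
        if (html.contains("<script>") || html.contains("<b>")) {
            throw new IllegalStateException("template leaked unescaped client data");
        }
    }
}
```

Run it with freemarker on the classpath; the printed page shows the client name and scope as literal text. Dropping the ?html suffixes makes the check at the end throw, which is the behaviour a template written with bare ${clientName} would have in production.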
- Author:
- Kristoffer Gronowski
Fields inherited from class org.restlet.ext.oauth.OAuthServerResource:
ACCESS_TOKEN, ASSERTION, ASSERTION_TYPE, AUTONOMOUS_USER, CLIENT_ID, CLIENT_SECRET, ClientCookieID, clients, CODE, ERROR, ERROR_DESC, ERROR_URI, EXPIRES_IN, generator, GRANT_TYPE, noCache, noStore, OAUTH_TOKEN, PASSWORD, REDIR_URI, REFRESH_TOKEN, RESPONSE_TYPE, SCOPE, STATE, TOKEN_SERVER_MAX_TIME_SEC, TOKEN_SERVER_TIME_SEC, tokenMaxTimeSec, tokenTimeSec, USERNAME
Methods inherited from class org.restlet.resource.ServerResource:
abort, commit, delete, delete, describeVariants, doCatch, doConditionalHandle, doError, doHandle, doHandle, doNegotiatedHandle, get, get, getAttribute, getInfo, getInfo, getOnSent, getPreferredVariant, getVariants, getVariants, handle, hasAnnotations, head, head, isAnnotated, isAutoCommitting, isCommitted, isConditional, isExisting, isInRole, isNegotiated, options, options, post, post, put, put, redirectPermanent, redirectPermanent, redirectSeeOther, redirectSeeOther, redirectTemporary, redirectTemporary, setAllowedMethods, setAnnotated, setAttribute, setAutoCommitting, setChallengeRequests, setCommitted, setConditional, setCookieSettings, setDimensions, setExisting, setLocationRef, setLocationRef, setNegotiated, setOnSent, setProxyChallengeRequests, setServerInfo, setStatus, setStatus, setStatus, setStatus, updateAllowedMethods, updateDimensions
Methods inherited from class org.restlet.resource.Resource:
doError, doRelease, getAllowedMethods, getApplication, getChallengeRequests, getChallengeResponse, getClientInfo, getConditions, getConnegService, getContext, getConverterService, getCookies, getCookieSettings, getDimensions, getHostRef, getLocationRef, getLogger, getMatrix, getMatrixValue, getMaxForwards, getMetadataService, getMethod, getOriginalRef, getProtocol, getProxyChallengeRequests, getProxyChallengeResponse, getQuery, getQueryValue, getRanges, getReference, getReferrerRef, getRequest, getRequestAttributes, getRequestCacheDirectives, getRequestEntity, getResponse, getResponseAttributes, getResponseCacheDirectives, getResponseEntity, getRootRef, getServerInfo, getStatus, getStatusService, init, isConfidential, isLoggable, release, setApplication, setQueryValue, setRequest, setResponse, toObject, toRepresentation, toString
AuthPageServerResource
public AuthPageServerResource()
showPage
@Get(value="html")
public Representation showPage()
- Entry point to the AuthPageServerResource. The AuthorizationResource dispatches
the call to this method. It is also the target of the HTML consent form: the form
should submit with HTTP GET and carry an action parameter. action = Accept
approves the scopes selected in the form, while action = Reject returns an OAuth
error to the requesting client. Because the form uses GET, the user's choice and
the selected scope values travel in the query string.
- Returns:
- HTML page with the graphical policy page
handleAction
protected void handleAction(String action,
String[] scopes)
- Helper method that handles the FORM response. It finishes by setting a 307
status with a Location header pointing at the client's redirect URI. The access
token is included if the token flow was requested; otherwise the authorization
code is included.
- Parameters:
action
- the action chosen by the user (Accept or Reject).
scopes
- the scopes that were approved.
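Since the approved scopes reach handleAction straight from the submitted form, a tampered form can name scopes the client never asked for. The following added example (not Restlet project code) shows a guard that keeps the approved set within the requested set and rejects an unknown action, plus a subclass that applies it before delegating to AuthPageServerResource.handleAction. ConsentFormGuard, GuardedAuthPageServerResource and the request attribute "oauth.requestedScopes" (which the application is assumed to populate when it dispatches to the page) are all hypothetical; only handleAction's signature and the Accept/Reject values come from this page.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;

import org.restlet.data.Status;
import org.restlet.ext.oauth.AuthPageServerResource;
import org.restlet.resource.ResourceException;

/** Hypothetical helper: validates what the consent form sent back. */
public class ConsentFormGuard {

    public enum Action { ACCEPT, REJECT }

    /** Only the two values the page documents are accepted; anything else is a 400. */
    public static Action parseAction(String raw) {
        if ("Accept".equals(raw)) return Action.ACCEPT;
        if ("Reject".equals(raw)) return Action.REJECT;
        throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST,
                "unknown consent action");
    }

    /**
     * Approved scopes = submitted scopes intersected with requested scopes, in the
     * order they were requested. Values the client never asked for (and duplicates)
     * are silently dropped rather than granted.
     */
    public static String[] approvedScopes(String[] requested, String[] submitted) {
        Set<String> allowed = new LinkedHashSet<String>(Arrays.asList(requested));
        Set<String> chosen = new LinkedHashSet<String>();
        if (submitted != null) {
            for (String s : submitted) {
                if (allowed.contains(s)) chosen.add(s);
            }
        }
        // Keep requested order so the resulting scope string is stable
        Set<String> ordered = new LinkedHashSet<String>();
        for (String r : requested) {
            if (chosen.contains(r)) ordered.add(r);
        }
        return ordered.toArray(new String[0]);
    }

    /** Hypothetical subclass applying the guard before the inherited redirect logic. */
    public static class GuardedAuthPageServerResource extends AuthPageServerResource {

        // Assumption: the application stores the scopes from the original
        // authorization request under this request attribute before dispatching here.
        static final String REQUESTED_SCOPES_ATTR = "oauth.requestedScopes";

        @Override
        protected void handleAction(String action, String[] scopes) {
            Action parsed = parseAction(action);
            String[] requested = (String[]) getRequest().getAttributes()
                    .get(REQUESTED_SCOPES_ATTR);
            if (requested == null) requested = new String[0];
            String[] approved = parsed == Action.ACCEPT
                    ? approvedScopes(requested, scopes)
                    : new String[0];
            super.handleAction(parsed == Action.ACCEPT ? "Accept" : "Reject", approved);
        }
    }

    public static void main(String[] args) {
        // Constructed input: the client requested two scopes, the returned form
        // claims three (one it never asked for) and repeats one.
        String[] requested = { "profile", "email" };
        String[] submitted = { "email", "admin", "email" };
        System.out.println(Arrays.toString(approvedScopes(requested, submitted)));
        System.out.println(parseAction("Accept"));
        try {
            parseAction("accept ");
        } catch (ResourceException e) {
            System.out.println("rejected: " + e.getStatus());
        }
    }
}
```

Running main prints [email] for the tampered submission and a 400 status for the malformed action; the "admin" scope never reaches the token or code issued by the superclass.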
getPage
protected Representation getPage(String authPage)
- Helper method used if an auth page was present in a context attribute.
The FreeMarker data model looks like the following:

    HashMap data = new HashMap();
    data.put("target", "/oauth/auth_page");
    data.put("clientId", clientId);
    data.put("clientDescription", client.toString());
    data.put("clientCallback", client.getRedirectUri());
    data.put("clientName", client.getApplicationName());
    data.put("requestingScopes", scopes);
    data.put("grantedScopes", previousScopes);

- Parameters:
authPage
- name of the page in the class loader context
- Returns:
- HTML page representation
sendError
protected void sendError(org.restlet.ext.oauth.internal.AuthSession session,
OAuthError error,
String state,
String description,
String errorUri)
- Helper method to format error responses according to the OAuth2 spec.
- Parameters:
session
- local server session object
error
- error code, one of the valid codes from the spec
state
- state parameter as presented in the initial auth request
description
- any text describing the error
errorUri
- URI of a page with more information about the error
Copyright © 2005-2013 Restlet.