org.restlet.ext.oauth
Class AuthorizationServerResource

java.lang.Object
  extended by org.restlet.resource.Resource
      extended by org.restlet.resource.UniformResource
          extended by org.restlet.resource.ServerResource
              extended by org.restlet.ext.oauth.OAuthServerResource
                  extended by org.restlet.ext.oauth.AuthorizationServerResource

public class AuthorizationServerResource
extends OAuthServerResource

Restlet implementation class AuthorizationService. Used for initiating an OAuth 2.0 authorization request. This Resource is controlled by to Context Attribute Parameters
OAuthServerResource.LOGIN_PARAM specifies the location of a Login resource. Implements OAuth 2.0 draft 10 The following example shows how to set up a simple Authorization Service.

 {
      @code
      public Restlet createInboundRoot(){
      ...
      ChallengeAuthenticator au = new ChallengeAuthenticator(getContext(),
              ChallengeScheme.HTTP_BASIC, "OAuth Test Server");
      au.setVerifier(new MyVerifier());
      au.setNext(AuthorizationServerResource.class);
      root.attach("/authorize", au);
      ...
 }
 

Author:
Martin Svensson
See Also:
OAuth 2 draft 10

Field Summary
 
Fields inherited from class org.restlet.ext.oauth.OAuthServerResource
ACCESS_TOKEN, ASSERTION, ASSERTION_TYPE, AUTONOMOUS_USER, CLIENT_ID, CLIENT_SECRET, ClientCookieID, clients, CODE, ERROR, ERROR_DESC, ERROR_URI, EXPIRES_IN, generator, GRANT_TYPE, noCache, noStore, OAUTH_TOKEN, PASSWORD, REDIR_URI, REFRESH_TOKEN, RESPONSE_TYPE, SCOPE, STATE, TOKEN_SERVER_MAX_TIME_SEC, TOKEN_SERVER_TIME_SEC, tokenMaxTimeSec, tokenTimeSec, USERNAME
 
Constructor Summary
AuthorizationServerResource()
           
 
Method Summary
protected  Representation doPostAuthenticate(org.restlet.ext.oauth.internal.AuthSession session, Client client)
          Handle the authentication request.
 Representation represent()
          Checks that all incoming requests have a type parameter.
 void sendError(String sessionId, OAuthError error, String state)
          Helper method to format error responses according to OAuth2 spec.
 void sendError(String sessionId, OAuthError error, String state, String description, String errorUri)
          Helper method to format error responses according to OAuth2 spec.
protected  void setupSession(org.restlet.ext.oauth.internal.AuthSession in, Client client, ResponseType flow, String redirUri, Form params)
          Sets up a session.
 
Methods inherited from class org.restlet.ext.oauth.OAuthServerResource
doInit, generateAgentToken, generateCode, getParameter, parseScope
 
Methods inherited from class org.restlet.resource.ServerResource
abort, commit, delete, delete, describeVariants, doCatch, doConditionalHandle, doError, doHandle, doHandle, doNegotiatedHandle, get, get, getAttribute, getInfo, getInfo, getOnSent, getPreferredVariant, getVariants, getVariants, handle, hasAnnotations, head, head, isAnnotated, isAutoCommitting, isCommitted, isConditional, isExisting, isInRole, isNegotiated, options, options, post, post, put, put, redirectPermanent, redirectPermanent, redirectSeeOther, redirectSeeOther, redirectTemporary, redirectTemporary, setAllowedMethods, setAnnotated, setAttribute, setAutoCommitting, setChallengeRequests, setCommitted, setConditional, setCookieSettings, setDimensions, setExisting, setLocationRef, setLocationRef, setNegotiated, setOnSent, setProxyChallengeRequests, setServerInfo, setStatus, setStatus, setStatus, setStatus, updateAllowedMethods, updateDimensions
 
Methods inherited from class org.restlet.resource.Resource
doError, doRelease, getAllowedMethods, getApplication, getChallengeRequests, getChallengeResponse, getClientInfo, getConditions, getConnegService, getContext, getConverterService, getCookies, getCookieSettings, getDimensions, getHostRef, getLocationRef, getLogger, getMatrix, getMatrixValue, getMaxForwards, getMetadataService, getMethod, getOriginalRef, getProtocol, getProxyChallengeRequests, getProxyChallengeResponse, getQuery, getQueryValue, getRanges, getReference, getReferrerRef, getRequest, getRequestAttributes, getRequestCacheDirectives, getRequestEntity, getResponse, getResponseAttributes, getResponseCacheDirectives, getResponseEntity, getRootRef, getServerInfo, getStatus, getStatusService, init, isConfidential, isLoggable, release, setApplication, setQueryValue, setRequest, setResponse, toObject, toRepresentation, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AuthorizationServerResource

public AuthorizationServerResource()
Method Detail

represent

@Get(value="html")
@Post(value="html")
public Representation represent()
Checks that all incoming requests have a type parameter. Requires response_type, client_id and redirect_uri parameters. For the code flow client_secret is also mandatory.


setupSession

protected void setupSession(org.restlet.ext.oauth.internal.AuthSession in,
                            Client client,
                            ResponseType flow,
                            String redirUri,
                            Form params)
Sets up a session.

Parameters:
in - The OAuth session.
client - The OAuth client.
flow - The glow.
redirUri - The redirection URI.
params - The authentication parameters.

doPostAuthenticate

protected Representation doPostAuthenticate(org.restlet.ext.oauth.internal.AuthSession session,
                                            Client client)
Handle the authentication request.

Parameters:
session - The OAuth session.
client - The OAuth client.
Returns:
The result as a Representation.

sendError

public void sendError(String sessionId,
                      OAuthError error,
                      String state)
Helper method to format error responses according to OAuth2 spec.

Parameters:
sessionId - local server session object
error - code, one of the valid from spec
state - state parameter as presented in the initial auth request

sendError

public void sendError(String sessionId,
                      OAuthError error,
                      String state,
                      String description,
                      String errorUri)
Helper method to format error responses according to OAuth2 spec.

Parameters:
sessionId - local server session object
error - code, one of the valid from spec
state - state parameter as presented in the initial auth request
description - any text describing the error
errorUri - uri to a page with more description about the error


Copyright © 2005-2013 Restlet.