Package edu.uiuc.ncsa.myproxy.oa4mp.oauth2.servlet

Class BearerTokenServlet

java.lang.Object

javax.servlet.GenericServlet

javax.servlet.http.HttpServlet

edu.uiuc.ncsa.security.servlet.AbstractServlet

org.oa4mp.server.api.servlet.storage.EnvServlet

org.oa4mp.server.api.servlet.storage.MyProxyDelegationServlet

org.oa4mp.server.loader.oauth2.servlet.BearerTokenServlet

All Implemented Interfaces:

TransactionFilter, edu.uiuc.ncsa.security.core.Logable, Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig

Direct Known Subclasses:

TokenManagerServlet, UserInfoServlet

public abstract class BearerTokenServlet
extends MyProxyDelegationServlet

For endpoints that use bearer tokens. The issue is that bearer tokens may be JWTs and have to be verified, but the information to do so is not available until the transaction is recovered -- which may also be the result of a previous token exchange. Therefore this will do all the checks in a single method to get the right thing. Used by the UserInfoServlet, RFC7662 and RFC7009.

Created by Jeff Gaynor
on 5/19/21 at 12:19 PM

See Also:

Serialized Form

Field Summary

Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.MyProxyDelegationServlet

caThread, kpt, lastAccessedThread, myproxyConnectionCache, myproxyConnectionCleanup, transactionCleanup

Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.EnvServlet

ERROR_NOTIFICATION_BODY_KEY, ERROR_NOTIFICATION_SUBJECT_KEY, notificationListeners, storeUpdatesDone

Fields inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet

environment, initialization, PING_PARAMETER

Constructor Summary

Constructors

Constructor	Description
BearerTokenServlet()

Method Summary

Modifier and Type	Method	Description
protected OA2ServiceTransaction	findTransaction(AccessTokenImpl at, TokenManagerServlet.State state)

Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.MyProxyDelegationServlet

checkClientApproval, createDebugger, destroy, getAGI, getATI, getClient, getClient, getClient, getFirstParameters, getGrantIDFromRequest, getMPConnection, getMPConnection, getMyproxyConnectionCache, getMyproxyServices, getServiceEnvironment, getTransaction, getTransactionByGrantID, getTransactionStore, hasMPConnection, hasMPConnection, isEmpty, loadProperties2, newTransaction, postprocess, preprocess, realStoreUpdates, say, shutdownCleanup, storeUpdates, verifyAndGet

Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.EnvServlet

addNotificationListener, loadEnvironment, processStoreCheck, removeNotificationListener

Methods inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet

checkContentType, CONST, debug, doGet, doIt, doPing, doPost, error, error, getConfigurationLoader, getEnvironment, getExceptionHandler, getFirstParameterValue, getInitialization, getMyLogger, handleException, info, init, isDebugOn, printAllParameters, printAllParameters, resetState, setConfigurationLoader, setDebugOn, setEnvironment, setExceptionHandler, setInitialization, warn

Methods inherited from class javax.servlet.http.HttpServlet

doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service

Methods inherited from class javax.servlet.GenericServlet

getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BearerTokenServlet

public BearerTokenServlet()

Method Detail

findTransaction

protected OA2ServiceTransaction findTransaction(AccessTokenImpl at,
                                                TokenManagerServlet.State state)
                                         throws IOException

Throws:

IOException