Class MultiAuthServlet
- java.lang.Object
-
- javax.servlet.GenericServlet
-
- javax.servlet.http.HttpServlet
-
- edu.uiuc.ncsa.security.servlet.AbstractServlet
-
- org.oa4mp.server.api.servlet.storage.EnvServlet
-
- org.oa4mp.server.api.servlet.storage.MyProxyDelegationServlet
-
- org.oa4mp.server.loader.oauth2.servlet.MultiAuthServlet
-
- All Implemented Interfaces:
TransactionFilter
,edu.uiuc.ncsa.security.core.Logable
,Serializable
,javax.servlet.Servlet
,javax.servlet.ServletConfig
- Direct Known Subclasses:
AbstractAccessTokenServlet2
,RFC8628Servlet
public abstract class MultiAuthServlet extends MyProxyDelegationServlet
This class has the machinery for processing the various types of Authorization for a servlet.
Created by Jeff Gaynor
on 7/24/21 at 5:58 AM- See Also:
- Serialized Form
-
-
Field Summary
-
Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.MyProxyDelegationServlet
caThread, kpt, lastAccessedThread, myproxyConnectionCache, myproxyConnectionCleanup, transactionCleanup
-
Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.EnvServlet
ERROR_NOTIFICATION_BODY_KEY, ERROR_NOTIFICATION_SUBJECT_KEY, notificationListeners, storeUpdatesDone
-
-
Constructor Summary
Constructors Constructor Description MultiAuthServlet()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AdminClient
getAdminClient(edu.uiuc.ncsa.security.core.Identifier identifier)
AdminClient
getAdminClient(javax.servlet.http.HttpServletRequest request)
Client
getClient(javax.servlet.http.HttpServletRequest request)
This finds the client identifier either as a parameter or in the authorization header and uses that to get the client.protected String
getClientSecret(javax.servlet.http.HttpServletRequest request)
void
verifyClientSecret(OA2Client client, String rawSecret)
-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.MyProxyDelegationServlet
checkClientApproval, createDebugger, destroy, getAGI, getATI, getClient, getClient, getFirstParameters, getGrantIDFromRequest, getMPConnection, getMPConnection, getMyproxyConnectionCache, getMyproxyServices, getServiceEnvironment, getTransaction, getTransactionByGrantID, getTransactionStore, hasMPConnection, hasMPConnection, isEmpty, loadProperties2, newTransaction, postprocess, preprocess, realStoreUpdates, say, shutdownCleanup, storeUpdates, verifyAndGet
-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.EnvServlet
addNotificationListener, loadEnvironment, processStoreCheck, removeNotificationListener
-
Methods inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet
checkContentType, CONST, debug, doGet, doIt, doPing, doPost, error, error, getConfigurationLoader, getEnvironment, getExceptionHandler, getFirstParameterValue, getInitialization, getMyLogger, handleException, info, init, isDebugOn, printAllParameters, printAllParameters, resetState, setConfigurationLoader, setDebugOn, setEnvironment, setExceptionHandler, setInitialization, warn
-
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
-
-
-
-
Method Detail
-
getClient
public Client getClient(javax.servlet.http.HttpServletRequest request)
This finds the client identifier either as a parameter or in the authorization header and uses that to get the client. It will also check if the client has been approved and throw an exception if that is not the case. You must separately check the secret as needed usinggetClientSecret(HttpServletRequest)
thenverifyClientSecret(OA2Client, String)
.- Overrides:
getClient
in classMyProxyDelegationServlet
- Parameters:
request
-- Returns:
-
getClientSecret
protected String getClientSecret(javax.servlet.http.HttpServletRequest request)
-
getAdminClient
public AdminClient getAdminClient(javax.servlet.http.HttpServletRequest request)
-
getAdminClient
public AdminClient getAdminClient(edu.uiuc.ncsa.security.core.Identifier identifier)
-
-