Package org.oa4mp.server.loader.oauth2.servlet

Class AbstractAccessTokenServlet2

java.lang.Object

javax.servlet.GenericServlet

javax.servlet.http.HttpServlet

edu.uiuc.ncsa.security.servlet.AbstractServlet

org.oa4mp.server.api.storage.servlet.EnvServlet

org.oa4mp.server.api.storage.servlet.OA4MPServlet

org.oa4mp.server.loader.oauth2.servlet.MultiAuthServlet

org.oa4mp.server.loader.oauth2.servlet.AbstractAccessTokenServlet2

All Implemented Interfaces:

edu.uiuc.ncsa.security.core.Logable, Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig, TransactionFilter

public abstract class AbstractAccessTokenServlet2
extends MultiAuthServlet

Created by Jeff Gaynor
on 9/25/13 at 1:37 PM

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static edu.uiuc.ncsa.security.core.cache.Cleanup<edu.uiuc.ncsa.security.core.Identifier,TXRecord>	txRecordCleanup

Fields inherited from class org.oa4mp.server.loader.oauth2.servlet.MultiAuthServlet

upkeepThreadList

Fields inherited from class org.oa4mp.server.api.storage.servlet.OA4MPServlet

caThread, kpt, lastAccessedThread, transactionCleanup

Fields inherited from class org.oa4mp.server.api.storage.servlet.EnvServlet

ERROR_NOTIFICATION_BODY_KEY, ERROR_NOTIFICATION_SUBJECT_KEY, notificationListeners, storeUpdatesDone

Fields inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet

environment, initialization, IP_HEADERS, PING_PARAMETER

Constructor Summary

Constructors

Constructor	Description
AbstractAccessTokenServlet2()

Method Summary

Modifier and Type	Method	Description
protected abstract AuthorizationGrant	checkAGExpiration(AuthorizationGrant ag)	Contract: if the token gets updated (might have to because of changes to token versions), return it.
protected IssuerTransactionState	doDelegation(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse)	Note that this method does not write the response (using the issuer response).
protected IssuerTransactionState	doDelegation(Client client, javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse)
protected void	doIt(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse)
protected abstract org.oa4mp.delegation.server.request.ATRequest	getATRequest(javax.servlet.http.HttpServletRequest request, org.oa4mp.delegation.server.ServiceTransaction transaction, OA2Client client)
OA2Client	getClient(javax.servlet.http.HttpServletRequest request)	This gets the client from the request.
protected IssuerTransactionState	getIssuerTransactionState(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, AuthorizationGrant updatedAG, org.oa4mp.delegation.server.ServiceTransaction transaction, OA2Client client, edu.uiuc.ncsa.security.storage.XMLMap backup)	Default for standard token endpoint call.
protected IssuerTransactionState	getIssuerTransactionState(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, AuthorizationGrant updatedAG, org.oa4mp.delegation.server.ServiceTransaction transaction, OA2Client client, edu.uiuc.ncsa.security.storage.XMLMap backup, boolean isRFC8628)
protected abstract org.oa4mp.delegation.server.ServiceTransaction	getTransaction(AuthorizationGrant ag, javax.servlet.http.HttpServletRequest req)

Methods inherited from class org.oa4mp.server.loader.oauth2.servlet.MultiAuthServlet

getAdminClient, getAdminClient, getClientSecret, verifyClient, verifyClient, verifyClientSecret

Methods inherited from class org.oa4mp.server.api.storage.servlet.OA4MPServlet

checkAdminClientStatus, checkClientApproval, createDebugger, destroy, getAGI, getATI, getClient, getClient, getFirstParameters, getFirstParameterValue, getGrantIDFromRequest, getServiceEnvironment, getTransaction, getTransactionByGrantID, getTransactionStore, isEmpty, loadProperties2, newTransaction, postprocess, preprocess, realStoreUpdates, say, shutdownCleanup, storeUpdates, verifyAndGet

Methods inherited from class org.oa4mp.server.api.storage.servlet.EnvServlet

addNotificationListener, loadEnvironment, processStoreCheck, removeNotificationListener

Methods inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet

checkContentType, CONST, debug, doGet, doPing, doPost, error, error, getConfigurationLoader, getEnvironment, getExceptionHandler, getInitialization, getMyLogger, getRequestIPAddress, handleException, info, init, isDebugOn, logOK, logOK, printAllParameters, printAllParameters, resetState, setConfigurationLoader, setDebugOn, setEnvironment, setExceptionHandler, setInitialization, warn

Methods inherited from class javax.servlet.http.HttpServlet

doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service

Methods inherited from class javax.servlet.GenericServlet

getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

txRecordCleanup

public static edu.uiuc.ncsa.security.core.cache.Cleanup<edu.uiuc.ncsa.security.core.Identifier,TXRecord> txRecordCleanup

Constructor Detail

AbstractAccessTokenServlet2

public AbstractAccessTokenServlet2()

Method Detail

doIt

protected void doIt(javax.servlet.http.HttpServletRequest httpServletRequest,
                    javax.servlet.http.HttpServletResponse httpServletResponse)
             throws Throwable

Specified by:

doIt in class edu.uiuc.ncsa.security.servlet.AbstractServlet

Throws:

Throwable

getATRequest

protected abstract org.oa4mp.delegation.server.request.ATRequest getATRequest(javax.servlet.http.HttpServletRequest request,
                                                                              org.oa4mp.delegation.server.ServiceTransaction transaction,
                                                                              OA2Client client)

getTransaction

protected abstract org.oa4mp.delegation.server.ServiceTransaction getTransaction(AuthorizationGrant ag,
                                                                                 javax.servlet.http.HttpServletRequest req)
                                                                          throws javax.servlet.ServletException

Throws:

javax.servlet.ServletException

getClient

public OA2Client getClient(javax.servlet.http.HttpServletRequest request)

Description copied from class: MultiAuthServlet

This gets the client from the request. Note that this does not check the client password. That is done with the MultiAuthServlet.verifyClient(OA2Client, HttpServletRequest)

Overrides:

getClient in class MultiAuthServlet

checkAGExpiration

protected abstract AuthorizationGrant checkAGExpiration(AuthorizationGrant ag)

Contract: if the token gets updated (might have to because of changes to token versions), return it. If no changes, return null.

Parameters:

ag -

Returns:

doDelegation

protected IssuerTransactionState doDelegation(Client client,
                                              javax.servlet.http.HttpServletRequest httpServletRequest,
                                              javax.servlet.http.HttpServletResponse httpServletResponse)
                                       throws Throwable,
                                              javax.servlet.ServletException

Throws:

Throwable

javax.servlet.ServletException

getIssuerTransactionState

protected IssuerTransactionState getIssuerTransactionState(javax.servlet.http.HttpServletRequest httpServletRequest,
                                                           javax.servlet.http.HttpServletResponse httpServletResponse,
                                                           AuthorizationGrant updatedAG,
                                                           org.oa4mp.delegation.server.ServiceTransaction transaction,
                                                           OA2Client client,
                                                           edu.uiuc.ncsa.security.storage.XMLMap backup)
                                                    throws Throwable

Default for standard token endpoint call.

Parameters:

httpServletRequest -

httpServletResponse -

updatedAG -

transaction -

Returns:

Throws:

Throwable

getIssuerTransactionState

protected IssuerTransactionState getIssuerTransactionState(javax.servlet.http.HttpServletRequest httpServletRequest,
                                                           javax.servlet.http.HttpServletResponse httpServletResponse,
                                                           AuthorizationGrant updatedAG,
                                                           org.oa4mp.delegation.server.ServiceTransaction transaction,
                                                           OA2Client client,
                                                           edu.uiuc.ncsa.security.storage.XMLMap backup,
                                                           boolean isRFC8628)
                                                    throws Throwable

Throws:

Throwable

doDelegation

protected IssuerTransactionState doDelegation(javax.servlet.http.HttpServletRequest httpServletRequest,
                                              javax.servlet.http.HttpServletResponse httpServletResponse)
                                       throws Throwable,
                                              javax.servlet.ServletException

Note that this method does not write the response (using the issuer response). You must do that in your implementation after you have finished all processing. If we were to do that here, the response would be written prematurely.

Parameters:

httpServletRequest -

httpServletResponse -

Returns:

Throws:

Throwable

javax.servlet.ServletException