Class OAuth1ServerFilter
- java.lang.Object
-
- org.glassfish.jersey.server.oauth1.OAuth1ServerFilter
-
- All Implemented Interfaces:
javax.ws.rs.container.ContainerRequestFilter
@Priority(1000) class OAuth1ServerFilter extends java.lang.Object implements javax.ws.rs.container.ContainerRequestFilterOAuth request filter that filters all requests indicating in the Authorization header they use OAuth. Checks if the incoming requests are properly authenticated and populates the security context with the corresponding user principal and roles.
-
-
Field Summary
Fields Modifier and Type Field Description private java.util.regex.PatternignorePathPatternRegular expression pattern for path to ignore.private NonceManagernoncesManages and validates incoming nonces.private OAuth1SignatureoAuth1Signatureprivate booleanoptionalprivate OAuth1ProviderproviderOAuth Serverprivate javax.inject.Provider<ExtendedUriInfo>uriInfoprivate java.util.Set<java.lang.String>versionsOAuth protocol versions that are supported.private java.lang.StringwwwAuthenticateHeaderValue to return in www-authenticate header when 401 response returned.
-
Constructor Summary
Constructors Constructor Description OAuth1ServerFilter(javax.ws.rs.core.Configuration rc)Create a new filter.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description voidfilter(javax.ws.rs.container.ContainerRequestContext request)private OAuth1SecurityContextgetSecurityContext(javax.ws.rs.container.ContainerRequestContext request)private static booleanmatch(java.util.regex.Pattern pattern, java.lang.String value)private static OAuth1ExceptionnewBadRequestException()private OAuth1ExceptionnewUnauthorizedException()private static java.util.regex.Patternpattern(java.lang.String p)private static java.lang.StringrequiredOAuthParam(java.lang.String value)private static java.lang.StringsupportedOAuthParam(java.lang.String value, java.util.Set<java.lang.String> set)private booleanverifySignature(OAuthServerRequest osr, OAuth1Parameters params, OAuth1Secrets secrets)
-
-
-
Field Detail
-
provider
@Inject private OAuth1Provider provider
OAuth Server
-
nonces
private final NonceManager nonces
Manages and validates incoming nonces.
-
wwwAuthenticateHeader
private final java.lang.String wwwAuthenticateHeader
Value to return in www-authenticate header when 401 response returned.
-
versions
private final java.util.Set<java.lang.String> versions
OAuth protocol versions that are supported.
-
ignorePathPattern
private final java.util.regex.Pattern ignorePathPattern
Regular expression pattern for path to ignore.
-
oAuth1Signature
@Inject private OAuth1Signature oAuth1Signature
-
uriInfo
@Inject private javax.inject.Provider<ExtendedUriInfo> uriInfo
-
optional
private final boolean optional
-
-
Method Detail
-
filter
public void filter(javax.ws.rs.container.ContainerRequestContext request) throws java.io.IOException- Specified by:
filterin interfacejavax.ws.rs.container.ContainerRequestFilter- Throws:
java.io.IOException
-
getSecurityContext
private OAuth1SecurityContext getSecurityContext(javax.ws.rs.container.ContainerRequestContext request) throws OAuth1Exception
- Throws:
OAuth1Exception
-
requiredOAuthParam
private static java.lang.String requiredOAuthParam(java.lang.String value) throws OAuth1Exception- Throws:
OAuth1Exception
-
supportedOAuthParam
private static java.lang.String supportedOAuthParam(java.lang.String value, java.util.Set<java.lang.String> set) throws OAuth1Exception- Throws:
OAuth1Exception
-
pattern
private static java.util.regex.Pattern pattern(java.lang.String p)
-
match
private static boolean match(java.util.regex.Pattern pattern, java.lang.String value)
-
verifySignature
private boolean verifySignature(OAuthServerRequest osr, OAuth1Parameters params, OAuth1Secrets secrets)
-
newBadRequestException
private static OAuth1Exception newBadRequestException() throws OAuth1Exception
- Throws:
OAuth1Exception
-
newUnauthorizedException
private OAuth1Exception newUnauthorizedException() throws OAuth1Exception
- Throws:
OAuth1Exception
-
-