Class OAuth1ServerFilter
- java.lang.Object
-
- org.glassfish.jersey.server.oauth1.OAuth1ServerFilter
-
- All Implemented Interfaces:
javax.ws.rs.container.ContainerRequestFilter
@Priority(1000) class OAuth1ServerFilter extends java.lang.Object implements javax.ws.rs.container.ContainerRequestFilter
OAuth request filter that filters all requests indicating in the Authorization header they use OAuth. Checks if the incoming requests are properly authenticated and populates the security context with the corresponding user principal and roles.
-
-
Field Summary
Fields Modifier and Type Field Description private java.util.regex.Pattern
ignorePathPattern
Regular expression pattern for path to ignore.private NonceManager
nonces
Manages and validates incoming nonces.private OAuth1Signature
oAuth1Signature
private boolean
optional
private OAuth1Provider
provider
OAuth Serverprivate javax.inject.Provider<ExtendedUriInfo>
uriInfo
private java.util.Set<java.lang.String>
versions
OAuth protocol versions that are supported.private java.lang.String
wwwAuthenticateHeader
Value to return in www-authenticate header when 401 response returned.
-
Constructor Summary
Constructors Constructor Description OAuth1ServerFilter(javax.ws.rs.core.Configuration rc)
Create a new filter.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
filter(javax.ws.rs.container.ContainerRequestContext request)
private OAuth1SecurityContext
getSecurityContext(javax.ws.rs.container.ContainerRequestContext request)
private static boolean
match(java.util.regex.Pattern pattern, java.lang.String value)
private static OAuth1Exception
newBadRequestException()
private OAuth1Exception
newUnauthorizedException()
private static java.util.regex.Pattern
pattern(java.lang.String p)
private static java.lang.String
requiredOAuthParam(java.lang.String value)
private static java.lang.String
supportedOAuthParam(java.lang.String value, java.util.Set<java.lang.String> set)
private boolean
verifySignature(OAuthServerRequest osr, OAuth1Parameters params, OAuth1Secrets secrets)
-
-
-
Field Detail
-
provider
@Inject private OAuth1Provider provider
OAuth Server
-
nonces
private final NonceManager nonces
Manages and validates incoming nonces.
-
wwwAuthenticateHeader
private final java.lang.String wwwAuthenticateHeader
Value to return in www-authenticate header when 401 response returned.
-
versions
private final java.util.Set<java.lang.String> versions
OAuth protocol versions that are supported.
-
ignorePathPattern
private final java.util.regex.Pattern ignorePathPattern
Regular expression pattern for path to ignore.
-
oAuth1Signature
@Inject private OAuth1Signature oAuth1Signature
-
uriInfo
@Inject private javax.inject.Provider<ExtendedUriInfo> uriInfo
-
optional
private final boolean optional
-
-
Method Detail
-
filter
public void filter(javax.ws.rs.container.ContainerRequestContext request) throws java.io.IOException
- Specified by:
filter
in interfacejavax.ws.rs.container.ContainerRequestFilter
- Throws:
java.io.IOException
-
getSecurityContext
private OAuth1SecurityContext getSecurityContext(javax.ws.rs.container.ContainerRequestContext request) throws OAuth1Exception
- Throws:
OAuth1Exception
-
requiredOAuthParam
private static java.lang.String requiredOAuthParam(java.lang.String value) throws OAuth1Exception
- Throws:
OAuth1Exception
-
supportedOAuthParam
private static java.lang.String supportedOAuthParam(java.lang.String value, java.util.Set<java.lang.String> set) throws OAuth1Exception
- Throws:
OAuth1Exception
-
pattern
private static java.util.regex.Pattern pattern(java.lang.String p)
-
match
private static boolean match(java.util.regex.Pattern pattern, java.lang.String value)
-
verifySignature
private boolean verifySignature(OAuthServerRequest osr, OAuth1Parameters params, OAuth1Secrets secrets)
-
newBadRequestException
private static OAuth1Exception newBadRequestException() throws OAuth1Exception
- Throws:
OAuth1Exception
-
newUnauthorizedException
private OAuth1Exception newUnauthorizedException() throws OAuth1Exception
- Throws:
OAuth1Exception
-
-