Class OAuth1ServerProperties

java.lang.Object
org.glassfish.jersey.server.oauth1.OAuth1ServerProperties

public final class OAuth1ServerProperties extends Object
Properties used to configure OAuth server module.
  • Field Details

    • REALM

      public static final String REALM
      OAuth realm (String property).

      A default value is 'default'.

      The name of the configuration property is "jersey.config.server.oauth1.realm".

      See Also:
    • IGNORE_PATH_PATTERN

      public static final String IGNORE_PATH_PATTERN
      Property that can be set to a regular expression used to match the path (relative to the base URI) this filter should not be applied to.

      A default value is null.

      The name of the configuration property is "jersey.config.server.oauth1.ignorePathPattern".

      See Also:
    • MAX_AGE

      public static final String MAX_AGE
      Property defines maximum age (in milliseconds) of nonces that should be tracked (default = 300000 ms = 5 min).

      A default value is 300000 which corresponds to 5 minutes.

      The name of the configuration property is "jersey.config.server.oauth1.maxAge".

      See Also:
    • GC_PERIOD

      public static final String GC_PERIOD
      Property that can be set to frequency of collecting nonces exceeding max. age (default = 100 = every 100 requests).
      See Also:
    • TIMESTAMP_UNIT

      public static final String TIMESTAMP_UNIT
      Unit of oauth_timestamp attribute used in authorization headers. The value must be one of the enum values of TimeUnit (e.g. SECONDS, MILLISECONDS, MINUTES).

      A default value is SECONDS.

      The name of the configuration property is "jersey.config.server.oauth1.timestamp.unit".

      See Also:
    • MAX_NONCE_CACHE_SIZE

      public static final String MAX_NONCE_CACHE_SIZE
      Defines maximum number of nonces that can be stored in the nonce cache. If more nonces will be used, the cache will not store any other nonce and requests will be refused. Note that cache is automatically cleaned as it keeps only nonces delivered with timestamp withing the MAX_AGE period.

      This setting is used to limit the maximum size of internal cache and thanks to this it prevents exhausting of memory and failing of the server.

      The value must be a long.

      A default value is 2000000.

      The name of the configuration property is "jersey.config.server.oauth1.max.nonce.size".

      See Also:
    • NO_FAIL

      public static final String NO_FAIL
      If set to true makes the correct OAuth authentication optional. Instead of returning the appropriate status code (Response.Status.BAD_REQUEST or Response.Status.UNAUTHORIZED) the OAuth filter will ignore this request (as if it was not authenticated) and let the web application deal with it.

      A default value is false.

      The name of the configuration property is "jersey.config.server.oauth1.noFail".

      See Also:
    • ENABLE_TOKEN_RESOURCES

      public static final String ENABLE_TOKEN_RESOURCES
      If set to true, token resources will be exposed. Token resources are JAX-RS resources for retrieving Request Tokens and Access Tokens. If the property is set to false, the resources will not be exposed and it is responsibility of the user custom resource to issue Request Tokens and Access Tokens.

      URIs of exposed resources can be specified by REQUEST_TOKEN_URI and ACCESS_TOKEN_URI.

      A default value is true.

      The name of the configuration property is "jersey.config.server.oauth1.resource.enabled".

      See Also:
    • REQUEST_TOKEN_URI

      public static final String REQUEST_TOKEN_URI
      If exposure of token resources is enabled (e.g. by the property ENABLE_TOKEN_RESOURCES), this property defines the relative URI of exposed Request Token Resource. The URI must be relative to the base URI of the JAX-RS application.

      Request Token resource is the resource which issues a Request Token and Request Token secret during the Authorization process (temporary credentials IDs).

      The property is undefined by default.

      The name of the configuration property is "jersey.config.server.oauth1.resource.requestToken.uri".

      See Also:
    • ACCESS_TOKEN_URI

      public static final String ACCESS_TOKEN_URI
      If exposure of token resources is enabled (e.g. by the property ENABLE_TOKEN_RESOURCES), this property defines the relative URI of exposed Access Token Resource. The URI must be relative to the base URI of the JAX-RS application.

      Access Token resource is the resource which issues a Access Token and Access Token secret during the Authorization process.

      The property is undefined by default.

      The name of the configuration property is "jersey.config.server.oauth1.resource.accessToken.uri".

      See Also:
  • Constructor Details

    • OAuth1ServerProperties

      public OAuth1ServerProperties()
  • Method Details

    • getValue

      public static <T> T getValue(Map<String,?> properties, String key, Class<T> type)
      Get the value of the specified property. If the property is not set or the real value type is not compatible with the specified value type, returns null.
      Type Parameters:
      T - Type of the property value.
      Parameters:
      properties - Map of properties to get the property value from.
      key - Name of the property.
      type - Type to retrieve the value as.
      Returns:
      Value of the property or null.
      Since:
      2.8
    • getValue

      public static <T> T getValue(Map<String,?> properties, String key, T defaultValue)
      Get the value of the specified property. If the property is not set or the real value type is not compatible with defaultValue type, the specified defaultValue is returned. Calling this method is equivalent to calling OAuth1ServerProperties.getValue(properties, key, defaultValue, (Class<T>) defaultValue.getClass())
      Type Parameters:
      T - Type of the property value.
      Parameters:
      properties - Map of properties to get the property value from.
      key - Name of the property.
      defaultValue - Default value if property is not registered
      Returns:
      Value of the property or null.
      Since:
      2.8
    • getValue

      public static <T> T getValue(Map<String,?> properties, String key, T defaultValue, Class<T> type)
      Get the value of the specified property. If the property is not set or the real value type is not compatible with the specified value type, returns defaultValue.
      Type Parameters:
      T - Type of the property value.
      Parameters:
      properties - Map of properties to get the property value from.
      key - Name of the property.
      defaultValue - Default value if property is not registered
      type - Type to retrieve the value as.
      Returns:
      Value of the property or null.
      Since:
      2.8