org.apache.shindig.gadgets.oauth2

Interface OAuth2Accessor

All Superinterfaces:

Serializable

All Known Implementing Classes:

BasicOAuth2Accessor

public interface OAuth2Accessor
extends Serializable

OAuth2 related data accessor. Every OAuth2Request will create an accessor and store it in the OAuth2Store while the request is being issued. It will be removed when the request is done (success or failure.) OAuth2Accessor implementations should be Serializable to facilitate cluster storage and caching across the various phases of OAuth 2.0 flows.

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	OAuth2Accessor.Type Enumeration of possible accessor types

Method Summary

Methods

Modifier and Type	Method and Description
OAuth2Token	getAccessToken()
Map<String,String>	getAdditionalRequestParams()
String[]	getAllowedDomains() gets the domains of allowed resource servers
String	getAuthorizationUrl()
String	getClientAuthenticationType() see ClientAuthenticationHandler
String	getClientId()
byte[]	getClientSecret()
OAuth2Error	getError()
String	getErrorContextMessage()
Throwable	getErrorException()
String	getErrorUri()
String	getGadgetUri()
String	getGrantType()
String	getRedirectUri()
OAuth2Token	getRefreshToken()
String	getScope() if the gadget request or gadget spec specifies a scope it will be set here See http://tools.ietf.org/html/draft-ietf-oauth-v2-21#section-3.3
String	getServiceName()
OAuth2CallbackState	getState()
String	getTokenUrl()
OAuth2Accessor.Type	getType()
String	getUser()
void	invalidate() invalidates the accessor once the request is done.
boolean	isAllowModuleOverrides()
boolean	isAuthorizationHeader() Indicates the service provider wants the access token in an "Authorization:" header, per the spec.
boolean	isErrorResponse()
boolean	isRedirecting() is this accessor in the middle of a authorize redirect?
boolean	isUrlParameter() Indicates the service provider wants the access token in an URL Parameter.
boolean	isValid()
void	setAccessToken(OAuth2Token accessToken) updates the access token for the request (does not add it to OAuth2Store)
void	setAdditionalRequestParams(Map<String,String> requestParams) set the oauth2 request parameters
void	setAllowedDomains(String[] allowedDomains) sets the domains of allowed resource servers
void	setAuthorizationUrl(String authorizationUrl) updates the authorization endpoint url
void	setErrorResponse(Throwable exception, OAuth2Error error, String contextMessage, String errorUri)
void	setRedirecting(boolean redirecting) Used to communicate that we are in a redirect authorization flow and the accessor should be preserved.
void	setRefreshToken(OAuth2Token refreshToken) updates the refresh token for the request (does not add it to OAuth2Store)
void	setTokenUrl(String tokenUrl) updates the token endpoint url

Method Detail

getAccessToken

OAuth2Token getAccessToken()

Returns:

the access OAuth2Token or null

getAuthorizationUrl

String getAuthorizationUrl()

Returns:

the authorization endpoint for this accessor.

getClientAuthenticationType

String getClientAuthenticationType()

see ClientAuthenticationHandler

Returns:

the type of client authentication the service provider expects

getClientId

String getClientId()

Returns:

the "client_id" for this accessor

getClientSecret

byte[] getClientSecret()

Returns:

the "client_secret" for this accessor

getError

OAuth2Error getError()

getErrorContextMessage

String getErrorContextMessage()

getErrorException

Throwable getErrorException()

Returns:

the error exception, if this is an error, otherwise null

getErrorUri

String getErrorUri()

Returns:

the error uri, if this is an error, otherwise null

getGadgetUri

String getGadgetUri()

Returns:

the URI of the gadget issuing the request

getGrantType

String getGrantType()

Returns:

grant_type of this client, e.g. "code" or "client_credentials"

getRedirectUri

String getRedirectUri()

Returns:

redirect_uri of the client for this accessor

getRefreshToken

OAuth2Token getRefreshToken()

Returns:

the refresh OAuth2Token or null

getAdditionalRequestParams

Map<String,String> getAdditionalRequestParams()

Returns:

the additional oauth2 request params (never null)

getScope

String getScope()

if the gadget request or gadget spec specifies a scope it will be set here See http://tools.ietf.org/html/draft-ietf-oauth-v2-21#section-3.3

Returns:

scope of the request, or "" if none was specified

getServiceName

String getServiceName()

Returns:

the service name from the gadget spec, defaults to ""

getState

OAuth2CallbackState getState()

Returns:

the state to include on authorization requests

getTokenUrl

String getTokenUrl()

Returns:

the token endpoint for this accessor.

getType

OAuth2Accessor.Type getType()

Returns:

the OAuth2Accessor.Type of client for this accessor

getUser

String getUser()

Returns:

of the page viewer

invalidate

void invalidate()

invalidates the accessor once the request is done.

isAllowModuleOverrides

boolean isAllowModuleOverrides()

Returns:

true if the gadget's can override accessor settings

isAuthorizationHeader

boolean isAuthorizationHeader()

Indicates the service provider wants the access token in an "Authorization:" header, per the spec.

Returns:

isErrorResponse

boolean isErrorResponse()

Returns:

if an error response needs to be sent to the client

isRedirecting

boolean isRedirecting()

is this accessor in the middle of a authorize redirect?

Returns:

isUrlParameter

boolean isUrlParameter()

Indicates the service provider wants the access token in an URL Parameter. This goes against the spec but Google, Facebook and Microsoft all expect it.

Returns:

isValid

boolean isValid()

setAccessToken

void setAccessToken(OAuth2Token accessToken)

updates the access token for the request (does not add it to OAuth2Store)

Parameters:

accessToken -

setAuthorizationUrl

void setAuthorizationUrl(String authorizationUrl)

updates the authorization endpoint url

Parameters:

authorizationUrl -

setErrorResponse

void setErrorResponse(Throwable exception,
                    OAuth2Error error,
                    String contextMessage,
                    String errorUri)

Parameters:

exception -

error -

contextMessage -

errorUri -

setRedirecting

void setRedirecting(boolean redirecting)

Used to communicate that we are in a redirect authorization flow and the accessor should be preserved.

Parameters:

redirecting -

setRefreshToken

void setRefreshToken(OAuth2Token refreshToken)

updates the refresh token for the request (does not add it to OAuth2Store)

Parameters:

accessToken -

setAdditionalRequestParams

void setAdditionalRequestParams(Map<String,String> requestParams)

set the oauth2 request parameters

Parameters:

requestParams -

setTokenUrl

void setTokenUrl(String tokenUrl)

updates the token endpoint url

Parameters:

tokenUrl -

setAllowedDomains

void setAllowedDomains(String[] allowedDomains)

sets the domains of allowed resource servers

Parameters:

allowedDomains -

getAllowedDomains

String[] getAllowedDomains()

gets the domains of allowed resource servers

Returns:

allowed domains, may be empty but never null