oracle.ocsg.oauth2.ext.annotation
Class OAuth2HandlerConfig.AbstractValidator

java.lang.Object
  oracle.ocsg.oauth2.ext.annotation.OAuth2HandlerConfig.AbstractValidator

All Implemented Interfaces:

CustomizedOAuth2Validator, OAuth2Validator

Enclosing class:

OAuth2HandlerConfig

public static class OAuth2HandlerConfig.AbstractValidator

extends java.lang.Object

implements CustomizedOAuth2Validator

Constructor Summary

AbstractValidator()

Method Summary

void	validateAdditionalParamsInAuthRequest(java.util.Map attributes)
void	validateAdditionalParamsInDelegateAuthRequest(java.util.Map attributes)
void	validateAdditionalParamsInTokenRequest(java.util.Map attributes)
void	validateClientCredentials(java.lang.String clientId, java.lang.String password)
void	validateGrantedScopes(java.lang.String resourceOwner, java.lang.String[] grantedScopes)
java.lang.String	validateRedirectURI(java.lang.String clientId, java.net.URI redirectURI)
void	validateResourceOwner(java.lang.String resourceOwner, java.lang.String password)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractValidator

public AbstractValidator()

Method Detail

validateAdditionalParamsInAuthRequest

public void validateAdditionalParamsInAuthRequest(java.util.Map attributes)
                                           throws OAuth2ServletValidateException

Description copied from interface: CustomizedOAuth2Validator

With the exception of the validation of a resource owner, client, scope, redirect uri, and any additional parameters in an authorization request("oauth2/authorize")can be validated using this method.

Specified by:

validateAdditionalParamsInAuthRequest in interface CustomizedOAuth2Validator

Parameters:

attributes - Additional parameter key-values in authorize request

Throws:

OAuth2ServletValidateException

validateAdditionalParamsInDelegateAuthRequest

public void validateAdditionalParamsInDelegateAuthRequest(java.util.Map attributes)
                                                   throws OAuth2ServletValidateException

Description copied from interface: CustomizedOAuth2Validator

With the exception of the validation of a resource owner, client, scope, redirect uri, and any additional parameters in a grant request("oauth2/grant")can be validated using this method.

Specified by:

validateAdditionalParamsInDelegateAuthRequest in interface CustomizedOAuth2Validator

Parameters:

attributes - Additional parameter key-values in grant request

Throws:

OAuth2ServletValidateException - the exception

validateAdditionalParamsInTokenRequest

public void validateAdditionalParamsInTokenRequest(java.util.Map attributes)
                                            throws OAuth2ServletValidateException

Description copied from interface: CustomizedOAuth2Validator

With the exception of the validation of a resource owner, client, scope redirect uri, and any additional parameters in a token request("oauth2/token")can be validated using this method.

Specified by:

validateAdditionalParamsInTokenRequest in interface CustomizedOAuth2Validator

Parameters:

attributes - Additional parameter key-values in token request

Throws:

OAuth2ServletValidateException

validateClientCredentials

public void validateClientCredentials(java.lang.String clientId,
                                      java.lang.String password)
                               throws OAuth2ServletValidateException

Description copied from interface: CustomizedOAuth2Validator

Validate if one client credential is correct, when token endpoint is triggered.

Specified by:

validateClientCredentials in interface CustomizedOAuth2Validator

Parameters:

clientId - client id

password - Password from client's request

Throws:

OAuth2ServletValidateException

validateGrantedScopes

public void validateGrantedScopes(java.lang.String resourceOwner,
                                  java.lang.String[] grantedScopes)
                           throws OAuth2ServletValidateException

Description copied from interface: CustomizedOAuth2Validator

Validate if the specified resource owner is allowed to grant the specified scope, when the grant endpoint is triggered.

Specified by:

validateGrantedScopes in interface CustomizedOAuth2Validator

Parameters:

resourceOwner - Resource owner name

grantedScopes - Scopes from user input

Throws:

OAuth2ServletValidateException

validateRedirectURI

public java.lang.String validateRedirectURI(java.lang.String clientId,
                                            java.net.URI redirectURI)
                                     throws OAuth2ServletValidateException

Description copied from interface: CustomizedOAuth2Validator

Validate if one redirectURI is valid for specified clientId, when the authorization endpoint is triggered.

Specified by:

validateRedirectURI in interface CustomizedOAuth2Validator

Parameters:

clientId -

redirectURI - from the user's input

Returns:

RedirectUri Returned if the input redirectURI is empty and only one predefined allowed redirect uri exists

Throws:

OAuth2ServletValidateException

validateResourceOwner

public void validateResourceOwner(java.lang.String resourceOwner,
                                  java.lang.String password)
                           throws OAuth2ServletValidateException

Description copied from interface: CustomizedOAuth2Validator

Validate if a resource owner is valid. Only applicable when OCSG is responsible for authenticating the resource owner.

Specified by:

validateResourceOwner in interface CustomizedOAuth2Validator

Parameters:

resourceOwner - Resource owner name

password - Password from user's input

Throws:

OAuth2ServletValidateException