Class OAuthProcess
- Direct Known Subclasses:
OidcProcess
public class OAuthProcess extends WObject
The process implements the state machine that is needed to complete an OAuth authorization cycle.
Optionally, it also provides authentication, by using the service-specific logic which uses the access token to return identity information.
A process is created for a particular scope, which represents what kind of information one wants to access, and which is used to inform the user of the kind of operations he needs to authorize for your application to make with his protected data.
- See Also:
OAuthService.createProcess(String scope)
-
Nested Class Summary
Nested Classes Modifier and Type Class Description protected static class
OAuthProcess.TokenError
Exception thrown while parsing a token response.Nested classes/interfaces inherited from class eu.webtoolkit.jwt.WObject
WObject.FormData
-
Constructor Summary
Constructors Modifier Constructor Description protected
OAuthProcess(OAuthService service, java.lang.String scope)
Constructor. -
Method Summary
Modifier and Type Method Description Signal1<Identity>
authenticated()
Authentication signal.Signal1<OAuthAccessToken>
authorized()
Authorization signal.void
connectStartAuthenticate(AbstractEventSignal s)
Connects an implementation to start an authentication process to a signal.WString
getError()
Error information, in case authentication or identification failed.void
getIdentity(OAuthAccessToken token)
Obtains an authenticated identity.java.lang.String
getScope()
Returns the scope for which this process was created.OAuthService
getService()
Returns the OAuth service which spawned this process.OAuthAccessToken
getToken()
Returns the access token.protected OAuthAccessToken
parseTokenResponse(eu.webtoolkit.jwt.auth.HttpMessage response)
Parses the response for a token request.protected void
setError(java.lang.CharSequence error)
Sets the error.void
startAuthenticate()
Starts an authorization and authentication process.void
startAuthorize()
Starts an authorization process.Methods inherited from class eu.webtoolkit.jwt.WObject
addChild, getId, getObjectName, remove, setFormData, setObjectName, tr
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Constructor Details
-
OAuthProcess
Constructor.- See Also:
OAuthService.createProcess(String scope)
-
-
Method Details
-
getScope
public java.lang.String getScope()Returns the scope for which this process was created.The scope represents how much protected information the web application wants to access, and in what way.
-
getService
Returns the OAuth service which spawned this process.- See Also:
OAuthService.createProcess(String scope)
-
startAuthorize
public void startAuthorize()Starts an authorization process.This starts an authorization process to request an accesstoken to access protected information within the process scope.
The authorization process ends with the
authorized()
signal which signals the obtained token.Note: To be able to use a popup (instead of a page redirect), you should connect this method directly to an, since popup windows are blocked in most web browsers unless they are the direct consequence of an event.
-
startAuthenticate
public void startAuthenticate()Starts an authorization and authentication process.This is
startAuthorize()
followed bygetIdentity()
.This requires that the process is created with an authorization scope that includes sufficient rights for authentication (at least
OAuthService.getAuthenticationScope()
)The authentication process ends with the
authenticated()
signal which signals the obtained identity.Note: To be able to use a popup (instead of a page redirect), you should connect this method directly to an, since popup windows are blocked in most web browsers unless they are the direct consequence of an event.
-
connectStartAuthenticate
Connects an implementation to start an authentication process to a signal.If JavaScript is available, this method connects a JavaScript function to the
signal
, otherwisestartAuthenticate()
is connected tosignal
. -
getIdentity
Obtains an authenticated identity.The authentication process uses an access token to issue one or more protected requests for obtaining identity information. This is not part of the OAuth protocol, since OAuth does not standardize the use of the access token to obtain this information.
The authentication process ends with the
authenticated()
signal which signals the obtained identity. -
getError
Error information, in case authentication or identification failed.The error message contains details when the
authorized()
orauthenticated()
signals indicate respectively an invalid token or invalid identity. -
getToken
Returns the access token.This returns the access token that was obtained in the last authorization cycle.
-
authorized
Authorization signal.This signal indicates the end of an authorization process started with
startAuthorize()
. If the authorization process was successful, then the parameter carries a valid access token that was obtained. If the authorization process failed then the access token parameter is invalid, and you can get more information usinggetError()
.Authorization can fail because of a protocol error, aconfiguration problem, or because the user denied the authorization.
- See Also:
startAuthorize()
,OAuthAccessToken.isValid()
-
authenticated
Authentication signal.This signal indicates the end of an authentication process started with
startAuthenticate()
orgetIdentity()
. If the authentication process was successful, then the parameter is a valid and authentic identity. If the authentication process failed then the identity parameter is invalid, and you can get more information usinggetError()
.Authentication can fail because authorization failed (in case of
startAuthenticate()
), or because of a protocol error, or configuration problem. -
parseTokenResponse
Parses the response for a token request.Throws a
OAuthProcess.TokenError
when the response indicates an error, or when the response could not be properly parsed.Some OAuth implementations may uses a non-standard encoding of the token.
-
setError
protected void setError(java.lang.CharSequence error)Sets the error.This should be used in
getIdentity()
implementations to set the error, before emittingauthenticated()
with an invalidIdentity
.
-