Wt 3.7.1
Endpoint to retrieve an access token.
Public Member Functions
OAuthTokenEndpoint (AbstractUserDatabase &db, std::string issuer)
Constructor.
virtual void | handleRequest (const Http::Request &request, Http::Response &response)
Handles a request.
void | setAccessExpSecs (int seconds)
Sets the number of seconds after which generated access tokens expire.
void | setIdExpSecs (int seconds)
Sets the number of seconds after which generated id tokens expire.
Public Member Functions inherited from Wt::WResource
WResource (WObject *parent=0)
Creates a new resource.
~WResource ()
Destroys the resource.
void | suggestFileName (const Wt::WString &name, DispositionType dispositionType=Attachment)
Suggests a filename to the user for the data streamed by this resource.
const Wt::WString & | suggestedFileName () const
Returns the suggested file name.
void | setDispositionType (DispositionType cd)
Configures the Content-Disposition header.
DispositionType | dispositionType () const
Returns the currently configured content disposition.
void | setChanged ()
Generates a new URL for this resource and emits the changed signal.
void | setInternalPath (const std::string &path)
Sets an internal path for this resource.
std::string | internalPath () const
Returns the internal path.
const std::string & | generateUrl ()
Generates a URL for this resource.
const std::string & | url () const
Returns the current URL for this resource.
Signal & | dataChanged ()
Signal emitted when the data presented in this resource has changed.
void | setUploadProgress (bool enabled)
Indicate interest in upload progress.
Signal< ::uint64_t, ::uint64_t > & | dataReceived ()
Signal emitted when data has been received for this resource.
void | write (std::ostream &out, const Http::ParameterMap &parameters=Http::ParameterMap(), const Http::UploadedFileMap &files=Http::UploadedFileMap())
Stream the resource to a stream.
virtual void | handleAbort (const Http::Request &request)
Handles a continued request being aborted.
void | haveMoreData ()
Indicate that more data is available.
void | setTakesUpdateLock (bool enabled)
Set whether this resource takes the WApplication's update lock.
bool | takesUpdateLock () const
Returns whether this resource takes the WApplication's update lock.
Public Member Functions inherited from Wt::WObject
WObject (WObject *parent=0)
Create a WObject with a given parent object.
virtual | ~WObject ()
Destructor.
virtual const std::string | id () const
Returns the (unique) identifier for this object.
virtual void | setObjectName (const std::string &name)
Sets an object name.
virtual std::string | objectName () const
Returns the object name.
void | resetLearnedSlots ()
Resets learned stateless slot implementations.
template<class T >
void | resetLearnedSlot (void(T::*method)())
Resets a learned stateless slot implementation.
template<class T >
WStatelessSlot * | implementStateless (void(T::*method)())
Declares a slot to be stateless and learn client-side behaviour on first invocation.
template<class T >
WStatelessSlot * | implementStateless (void(T::*method)(), void(T::*undoMethod)())
Declares a slot to be stateless and learn client-side behaviour in advance.
void | isNotStateless ()
Marks the current function as not stateless.
template<class T >
WStatelessSlot * | implementJavaScript (void(T::*method)(), const std::string &jsCode)
Provides a JavaScript implementation for a method.
void | addChild (WObject *child)
Adds a child object.
virtual void | removeChild (WObject *child)
Removes a child object.
const std::vector< WObject * > & | children () const
Returns the children.
WObject * | parent () const
Returns the parent object.
Private Member Functions
virtual const std::string | idTokenPayload (const std::string &clientId, const std::string &scope, const User &user)
Is only called when scope contains openid. Generates a JSON Web Token.
Additional Inherited Members
Public Types inherited from Wt::WResource
enum | DispositionType { NoDisposition, Attachment, Inline }
Values for the disposition type in the Content-Disposition header.
Public Types inherited from Wt::WObject
typedef void(WObject::* Method) ()
Typedef for a WObject method without arguments.
Protected Member Functions inherited from Wt::WResource
void | beingDeleted ()
Prepares the resource for deletion.
Protected Member Functions inherited from Wt::WObject
virtual WStatelessSlot * | getStateless (Method method)
On-demand stateless slot implementation.
Static Protected Member Functions inherited from Wt::WObject
static WObject * | sender ()
Returns the sender of the current slot call.
Endpoint to retrieve an access token.
The token endpoint is used by the client to obtain an OAuthAccessToken by presenting its authorization grant. This implementation only supports the "authorization_code" grant type. The client ID and secret can be passed with Basic auth or by POST request parameters. When something goes wrong, the reply will include a JSON object with an "error" attribute.
This endpoint is implemented as a WResource, so it's usually deployed using WServer::addResource.
For more information refer to the specification: https://tools.ietf.org/rfc/rfc6749.txt
When the scope includes "openid" an ID Token will be included as specified by the OpenID Connect standard.
This class relies on a correct implementation of several functions in the AbstractUserDatabase, namely AbstractUserDatabase::idpClientFindWithId, AbstractUserDatabase::idpClientAuthMethod, AbstractUserDatabase::idpVerifySecret, AbstractUserDatabase::idpClientId, AbstractUserDatabase::idpTokenFindWithValue, AbstractUserDatabase::idpTokenAdd, AbstractUserDatabase::idpTokenRemove, AbstractUserDatabase::idpTokenRedirectUri, AbstractUserDatabase::idpTokenAuthClient, AbstractUserDatabase::idpTokenUser, and AbstractUserDatabase::idpTokenScope.
Must be deployed using TLS.
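The request checks described above (one client-authentication method per request, only the "authorization_code" grant, an "error" value on failure), as an added example that is not Wt's implementation. The names clientId and tokenRequestError are hypothetical, the error codes are those of RFC 6749 section 5.2, and verifying the secret and redeeming the code through the AbstractUserDatabase are left out.

```cpp
#include <map>
#include <string>

// Added example, not Wt source. Secret verification and code lookup omitted.
using Params = std::map<std::string, std::string>;

static std::string b64decode(const std::string &in) {
  static const std::string tbl =
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
  std::string out;
  unsigned buf = 0;
  int bits = 0;
  for (char c : in) {
    auto pos = tbl.find(c);
    if (pos == std::string::npos) break;  // '=' padding or an invalid byte
    buf = (buf << 6) | static_cast<unsigned>(pos);
    if ((bits += 6) >= 8) {
      bits -= 8;
      out += static_cast<char>((buf >> bits) & 0xFF);
    }
  }
  return out;
}

// Client ID from Basic auth or POST parameters; "" if absent or if both
// methods are used at once (RFC 6749 section 2.3 allows only one).
// The "Basic" scheme is matched case-sensitively here for brevity.
std::string clientId(const std::string &auth, const Params &post) {
  bool basic = auth.rfind("Basic ", 0) == 0;
  bool body = post.count("client_id") && post.count("client_secret");
  if (basic == body) return std::string();
  if (body) return post.at("client_id");
  std::string pair = b64decode(auth.substr(6));
  auto colon = pair.find(':');
  return colon == std::string::npos ? std::string() : pair.substr(0, colon);
}

// Returns "" when the request may proceed, else the JSON "error" value
// (RFC 6749 section 5.2). The order of the checks is this example's choice.
std::string tokenRequestError(const std::string &auth, const Params &post) {
  if (clientId(auth, post).empty()) return "invalid_client";
  auto grant = post.find("grant_type");
  if (grant == post.end()) return "invalid_request";
  if (grant->second != "authorization_code") return "unsupported_grant_type";
  if (!post.count("code")) return "invalid_request";
  return "";
}
```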
Wt::Auth::OAuthTokenEndpoint::OAuthTokenEndpoint (AbstractUserDatabase &db, std::string issuer)
Constructor.
The issuer argument is used for the "iss" attribute in the ID Token when the scope includes "openid".
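virtual void Wt::Auth::OAuthTokenEndpoint::handleRequest (const Http::Request &request, Http::Response &response)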
Handles a request.
Reimplement this method so that a proper response is generated for the given request. From the request object you can access request parameters and whether the request is a continuation request. In the response object, you should set the mime type and stream the output data.
A request may also concern a continuation, indicated in Http::Request::continuation(), in which case the next part for a previously created continuation should be served.
While handling a request, which may happen at any time together with event handling, the library makes sure that the resource is not being concurrently deleted, but multiple requests may happen simultaneously for a single resource.
Implements Wt::WResource.
void Wt::Auth::OAuthTokenEndpoint::setAccessExpSecs (int seconds)
Sets the number of seconds after which generated access tokens expire.
Defaults to 3600 seconds.
void Wt::Auth::OAuthTokenEndpoint::setIdExpSecs (int seconds)
Sets the number of seconds after which generated id tokens expire.
Defaults to 3600 seconds.