org.xdi.oxauth.rp.demo.LoginFilter の継承関係図

org.xdi.oxauth.rp.demo.LoginFilter 連携図

公開メンバ関数
void	init (FilterConfig filterConfig) throws ServletException

void	doFilter (ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException

void	destroy ()

静的公開変数類
static final String	WELL_KNOWN_CONNECT_PATH = "/.well-known/openid-configuration"

非公開メンバ関数
void	fetchDiscovery (HttpServletRequest request)

boolean	fetchTokenIfCodeIsPresent (HttpServletRequest request)

void	redirectToLogin (HttpServletRequest request, HttpServletResponse response) throws IOException

非公開変数類
String	authorizeParameters

String	redirectUri

String	authorizationServerHost

String	clientId

String	clientSecret

OpenIdConfigurationResponse	discoveryResponse

静的非公開変数類
static final Logger	LOG = Logger.getLogger(LoginFilter.class)

詳解

著者: yuriyz on 07/19/2016.

関数詳解

◆ destroy()

void org.xdi.oxauth.rp.demo.LoginFilter.destroy ( )

inline

136 {

137 }

◆ doFilter()

void org.xdi.oxauth.rp.demo.LoginFilter.doFilter	(	ServletRequest	servletRequest,
		ServletResponse	servletResponse,
		FilterChain	filterChain
	)		throws IOException, ServletException

inline

                                                                                                                                                        {
         HttpServletRequest request = (HttpServletRequest) servletRequest;
         HttpServletResponse response = (HttpServletResponse) servletResponse;
 
         boolean redirectForLogin = fetchTokenIfCodeIsPresent(request);
 
         Object accessToken = request.getSession(true).getAttribute("access_token");
         if (accessToken == null) {
             if (redirectForLogin) {
                 redirectToLogin(request, response);
             } else {
                 LOG.trace("Login failed.");
                 response.setContentType("text/html;charset=utf-8");
 
                 PrintWriter pw = response.getWriter();
                 pw.println("<h3>Login failed.</h3>");
             }
         } else {
             LOG.trace("User is already authenticated.");
             filterChain.doFilter(servletRequest, servletResponse);
         }
     }

◆ fetchDiscovery()

void org.xdi.oxauth.rp.demo.LoginFilter.fetchDiscovery ( HttpServletRequest request )

inlineprivate

                                                             {
         try {
             if (discoveryResponse != null) { // already initialized
                 return;
             }
 
             OpenIdConfigurationClient discoveryClient = new OpenIdConfigurationClient(authorizationServerHost + WELL_KNOWN_CONNECT_PATH);
             discoveryClient.setExecutor(Utils.createTrustAllExecutor());
 
             discoveryResponse = discoveryClient.execOpenIdConfiguration();
             LOG.trace("Discovery: " + discoveryResponse);
 
             if (discoveryResponse.getStatus() == 200) {
                 return;
             }
         } catch (Exception e) {
             LOG.error(e.getMessage(), e);
         }
 
         throw new RuntimeException("Failed to fetch discovery information at : " + authorizationServerHost + WELL_KNOWN_CONNECT_PATH);
     }

◆ fetchTokenIfCodeIsPresent()

boolean org.xdi.oxauth.rp.demo.LoginFilter.fetchTokenIfCodeIsPresent ( HttpServletRequest request )

inlineprivate

引数

request request

戻り値: whether login is still required

                                                                           {
         String code = request.getParameter("code");
         if (code != null && !code.trim().isEmpty()) {
             LOG.trace("Fetching token for code " + code + " ...");
             fetchDiscovery(request);
 
             TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
             tokenRequest.setCode(code);
             tokenRequest.setRedirectUri(redirectUri);
             tokenRequest.setAuthUsername(clientId);
             tokenRequest.setAuthPassword(clientSecret);
             tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
 
             TokenClient tokenClient = new TokenClient(discoveryResponse.getTokenEndpoint());
             tokenClient.setExecutor(Utils.createTrustAllExecutor());
             tokenClient.setRequest(tokenRequest);
 
             TokenResponse tokenResponse = tokenClient.exec();
             if (!Strings.isNullOrEmpty(tokenResponse.getAccessToken())) {
                 LOG.trace("Token is successfully fetched.");
 
                 LOG.trace("Put in session access_token: " + tokenResponse.getAccessToken() + ", id_token: " + tokenResponse.getIdToken() + ", userinfo_endpoint: " + discoveryResponse.getUserInfoEndpoint());
                 request.getSession(true).setAttribute("access_token", tokenResponse.getAccessToken());
                 request.getSession(true).setAttribute("id_token", tokenResponse.getIdToken());
                 request.getSession(true).setAttribute("userinfo_endpoint", discoveryResponse.getUserInfoEndpoint());
             } else {
                 LOG.trace("Failed to obtain token. Status: " + tokenResponse.getStatus() + ", entity: " + tokenResponse.getEntity());
             }
             return false;
         }
         return true;
     }

◆ init()

void org.xdi.oxauth.rp.demo.LoginFilter.init ( FilterConfig filterConfig ) throws ServletException

inline

                                                                         {
         authorizeParameters = filterConfig.getInitParameter("authorizeParameters");
         redirectUri = filterConfig.getInitParameter("redirectUri");
         authorizationServerHost = filterConfig.getInitParameter("authorizationServerHost");
         clientId = filterConfig.getInitParameter("clientId");
         clientSecret = filterConfig.getInitParameter("clientSecret");
 
         Preconditions.checkState(redirectUri.startsWith("https:"), "Redirect URI must use https protocol for client application_type=web.");
     }

◆ redirectToLogin()

void org.xdi.oxauth.rp.demo.LoginFilter.redirectToLogin	(	HttpServletRequest	request,
		HttpServletResponse	response
	)		throws IOException

inlineprivate

                                                                                                               {
         fetchDiscovery(request);
 
         String redirectTo = discoveryResponse.getAuthorizationEndpoint() +
                 "?redirect_uri=" + redirectUri + "&client_id=" + clientId + "&" + authorizeParameters;
         LOG.trace("Redirecting to authorization url : " + redirectTo);
         response.sendRedirect(redirectTo);
     }

メンバ詳解

◆ authorizationServerHost

String org.xdi.oxauth.rp.demo.LoginFilter.authorizationServerHost

private

◆ authorizeParameters

String org.xdi.oxauth.rp.demo.LoginFilter.authorizeParameters

private

◆ clientId

String org.xdi.oxauth.rp.demo.LoginFilter.clientId

private

◆ clientSecret

String org.xdi.oxauth.rp.demo.LoginFilter.clientSecret

private

◆ discoveryResponse

OpenIdConfigurationResponse org.xdi.oxauth.rp.demo.LoginFilter.discoveryResponse

private

◆ LOG

final Logger org.xdi.oxauth.rp.demo.LoginFilter.LOG = Logger.getLogger(LoginFilter.class)

staticprivate

◆ redirectUri

String org.xdi.oxauth.rp.demo.LoginFilter.redirectUri

private

◆ WELL_KNOWN_CONNECT_PATH

final String org.xdi.oxauth.rp.demo.LoginFilter.WELL_KNOWN_CONNECT_PATH = "/.well-known/openid-configuration"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxAuth/RP-Demo/src/main/java/org/xdi/oxauth/rp/demo/LoginFilter.java

公開メンバ関数

静的公開変数類

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

関数詳解

◆ destroy()

◆ doFilter()

◆ fetchDiscovery()

◆ fetchTokenIfCodeIsPresent()

◆ init()

◆ redirectToLogin()

メンバ詳解

◆ authorizationServerHost

◆ authorizeParameters

◆ clientId

◆ clientSecret

◆ discoveryResponse

◆ LOG

◆ redirectUri

◆ WELL_KNOWN_CONNECT_PATH