Examples with AuthorizationDecisionHandlerSpi com.authlete.jaxrs.spi.AuthorizationDecisionHandlerSpi used on opensource projects

Example 1 with AuthorizationDecisionHandlerSpi

use of com.authlete.jaxrs.spi.AuthorizationDecisionHandlerSpi in project java-oauth-server by authlete.

the class AuthorizationDecisionEndpoint method post.

/**
 * Process a request from the form in the authorization page.
 *
 * <p>
 * NOTE:
 * A better implementation would re-display the authorization page
 * when the pair of login ID and password is wrong, but this
 * implementation does not do it for brevity. A much better
 * implementation would check the login credentials by Ajax.
 * </p>
 *
 * @param request
 *         A request from the form in the authorization page.
 *
 * @param parameters
 *         Request parameters.
 *
 * @return
 *         A response to the user agent. Basically, the response
 *         will trigger redirection to the client's redirect
 *         endpoint.
 */
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response post(@Context HttpServletRequest request, MultivaluedMap<String, String> parameters) {
    // Get the existing session.
    HttpSession session = getSession(request);
    // Retrieve some variables from the session. See the implementation
    // of AuthorizationRequestHandlerSpiImpl.getAuthorizationPage().
    Params params = (Params) takeAttribute(session, "params");
    String[] acrs = (String[]) takeAttribute(session, "acrs");
    Client client = (Client) takeAttribute(session, "client");
    User user = getUser(session, parameters);
    Date authTime = (Date) session.getAttribute("authTime");
    // Implementation of AuthorizationDecisionHandlerSpi.
    AuthorizationDecisionHandlerSpi spi = new AuthorizationDecisionHandlerSpiImpl(parameters, user, authTime, params.getIdTokenClaims(), acrs, client);
    // Handle the end-user's decision.
    return handle(AuthleteApiFactory.getDefaultApi(), spi, params);
}