Example 1 with OAuth2SessionRef

Use of com.peterphi.std.guice.web.rest.auth.oauth2.OAuth2SessionRef in project stdlib by petergeneric.

From the class OAuth2ClientCallbackRestServiceImpl, method callback.

@Override
@AuthConstraint(id = "oauth2_client_callback", skip = true, comment = "Allow non-logged-in users to be redirected to the callback page so they can be logged in")
public Response callback(final String code, final String state, final String error, final String errorText, final String errorUri) {
    final OAuth2SessionRef sessionRef = sessionRefProvider.get();
    // Check the state nonce value and retrieve the returnTo data
    // This ensures that we always warn the user if the nonce value does not match
    final URI redirectTo = sessionRef.getRedirectToFromState(state);
    if (StringUtils.isNotBlank(error)) {
        throw new IllegalArgumentException("The authorisation server failed the authorisation request with error " + error + " with description " + errorText + "." + ((errorUri != null) ? " Additional information can be found at this page: " + errorUri : ""));
    }
    // Now call to exchange the authorisation code for a token
    final String responseStr = remote.getToken(UserManagerOAuthService.GRANT_TYPE_AUTHORIZATION_CODE, code, sessionRef.getOwnCallbackUri().toString(), clientId, clientSecret, null, null, null, null);
    final OAuth2TokenResponse response = OAuth2TokenResponse.decode(responseStr);
    // Store the token information so that it is accessible across the session
    sessionRef.load(response);
    if (redirectTo == null) {
        return Response.seeOther(URI.create("/")).cacheControl(CacheControl.valueOf(NO_CACHE)).build();
    } else {
        return Response.seeOther(redirectTo).cacheControl(CacheControl.valueOf(NO_CACHE)).build();
    }
}
Also used: OAuth2SessionRef (com.peterphi.std.guice.web.rest.auth.oauth2.OAuth2SessionRef), OAuth2TokenResponse (com.peterphi.usermanager.rest.iface.oauth2server.types.OAuth2TokenResponse), URI (java.net.URI), AuthConstraint (com.peterphi.std.guice.common.auth.annotations.AuthConstraint)
