Example 31 with RequestMapping

use of org.springframework.web.bind.annotation.RequestMapping in project spring-security-oauth by spring-projects.

the class AuthorizationEndpoint method authorize.

@RequestMapping(value = "/oauth/authorize")
public ModelAndView authorize(Map<String, Object> model, @RequestParam Map<String, String> parameters, SessionStatus sessionStatus, Principal principal) {
    // Pull out the authorization request first, using the OAuth2RequestFactory. All further logic should
    // query off of the authorization request instead of referring back to the parameters map. The contents of the
    // parameters map will be stored without change in the AuthorizationRequest object once it is created.
    AuthorizationRequest authorizationRequest = getOAuth2RequestFactory().createAuthorizationRequest(parameters);
    Set<String> responseTypes = authorizationRequest.getResponseTypes();
    if (!responseTypes.contains("token") && !responseTypes.contains("code")) {
        throw new UnsupportedResponseTypeException("Unsupported response types: " + responseTypes);
    }
    if (authorizationRequest.getClientId() == null) {
        throw new InvalidClientException("A client id must be provided");
    }
    try {
        if (!(principal instanceof Authentication) || !((Authentication) principal).isAuthenticated()) {
            throw new InsufficientAuthenticationException("User must be authenticated with Spring Security before authorization can be completed.");
        }
        ClientDetails client = getClientDetailsService().loadClientByClientId(authorizationRequest.getClientId());
        // The resolved redirect URI is either the redirect_uri from the parameters or the one from
        // clientDetails. Either way we need to store it on the AuthorizationRequest.
        String redirectUriParameter = authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);
        String resolvedRedirect = redirectResolver.resolveRedirect(redirectUriParameter, client);
        if (!StringUtils.hasText(resolvedRedirect)) {
            throw new RedirectMismatchException("A redirectUri must be either supplied or preconfigured in the ClientDetails");
        }
        authorizationRequest.setRedirectUri(resolvedRedirect);
        // We intentionally only validate the parameters requested by the client (ignoring any data that may have
        // been added to the request by the manager).
        oauth2RequestValidator.validateScope(authorizationRequest, client);
        // Some systems may allow for approval decisions to be remembered or approved by default. Check for
        // such logic here, and set the approved flag on the authorization request accordingly.
        authorizationRequest = userApprovalHandler.checkForPreApproval(authorizationRequest, (Authentication) principal);
        // TODO: is this call necessary?
        boolean approved = userApprovalHandler.isApproved(authorizationRequest, (Authentication) principal);
        authorizationRequest.setApproved(approved);
        // Validation is all done, so we can check for auto approval...
        if (authorizationRequest.isApproved()) {
            if (responseTypes.contains("token")) {
                return getImplicitGrantResponse(authorizationRequest);
            }
            if (responseTypes.contains("code")) {
                return new ModelAndView(getAuthorizationCodeResponse(authorizationRequest, (Authentication) principal));
            }
        }
        // Place auth request into the model so that it is stored in the session
        // for approveOrDeny to use. That way we make sure that auth request comes from the session,
        // so any auth request parameters passed to approveOrDeny will be ignored and retrieved from the session.
        model.put("authorizationRequest", authorizationRequest);
        return getUserApprovalPageResponse(model, authorizationRequest, (Authentication) principal);
    } catch (RuntimeException e) {
        sessionStatus.setComplete();
        throw e;
    }
}
Also used : AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) InvalidClientException(org.springframework.security.oauth2.common.exceptions.InvalidClientException) RedirectMismatchException(org.springframework.security.oauth2.common.exceptions.RedirectMismatchException) ModelAndView(org.springframework.web.servlet.ModelAndView) UnsupportedResponseTypeException(org.springframework.security.oauth2.common.exceptions.UnsupportedResponseTypeException) InsufficientAuthenticationException(org.springframework.security.authentication.InsufficientAuthenticationException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 32 with RequestMapping

use of org.springframework.web.bind.annotation.RequestMapping in project spring-security-oauth by spring-projects.

the class CheckTokenEndpoint method checkToken.

@RequestMapping(value = "/oauth/check_token")
@ResponseBody
public Map<String, ?> checkToken(@RequestParam("token") String value) {
    OAuth2AccessToken token = resourceServerTokenServices.readAccessToken(value);
    if (token == null) {
        throw new InvalidTokenException("Token was not recognised");
    }
    if (token.isExpired()) {
        throw new InvalidTokenException("Token has expired");
    }
    OAuth2Authentication authentication = resourceServerTokenServices.loadAuthentication(token.getValue());
    Map<String, ?> response = accessTokenConverter.convertAccessToken(token, authentication);
    return response;
}
Also used : InvalidTokenException(org.springframework.security.oauth2.common.exceptions.InvalidTokenException) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 33 with RequestMapping

use of org.springframework.web.bind.annotation.RequestMapping in project spring-data-document-examples by spring-projects.

the class SignUpController method updateForm.

@RequestMapping(value = "/{username}", params = "form2", method = RequestMethod.GET)
public String updateForm(@PathVariable("username") String userName, Model model) {
    UserAccount userAccount = userAccountDao.findByName(userName);
    model.addAttribute("userAccount", userAccount);
    addDateTimeFormatPatterns(model);
    return "useraccounts/update";
}
Also used : UserAccount(com.springone.myrestaurants.domain.UserAccount) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 34 with RequestMapping

use of org.springframework.web.bind.annotation.RequestMapping in project spring-data-document-examples by spring-projects.

the class RestaurantController method addFavoriteRestaurant.

@RequestMapping(value = "/{id}/{userId}", params = "favorite", method = RequestMethod.PUT)
public String addFavoriteRestaurant(@PathVariable("id") String id, @PathVariable("userId") String userId, Model model) {
    Restaurant restaurant = this.restaurantDao.findRestaurant(id);
    //TODO will always return demo user.
    UserAccount account = this.userAccountDao.findUserAccount(314L);
    account.getFavorites().add(restaurant.getId());
    this.userAccountDao.persist(account);
    addDateTimeFormatPatterns(model);
    model.addAttribute("useraccount", account);
    model.addAttribute("itemId", id);
    //TODO converted to return 'getUserName' instead of 'getId'
    return "redirect:/useraccounts/" + account.getUserName();
}
Also used : Restaurant(com.springone.myrestaurants.domain.Restaurant) UserAccount(com.springone.myrestaurants.domain.UserAccount) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 35 with RequestMapping

use of org.springframework.web.bind.annotation.RequestMapping in project jstorm by alibaba.

the class ClusterAPIController method topology.

@RequestMapping("/topology/summary")
public Map topology(@PathVariable String clusterName) {
    Map ret = new HashMap<>();
    NimbusClient client = null;
    try {
        client = NimbusClientManager.getNimbusClient(clusterName);
        ClusterSummary clusterSummary = client.getClient().getClusterInfo();
        List<TopologyEntity> topologies = UIUtils.getTopologyEntities(clusterSummary);
        ret.put("topologies", topologies);
    } catch (Exception e) {
        NimbusClientManager.removeClient(clusterName);
        ret = UIUtils.exceptionJson(e);
        LOG.error(e.getMessage(), e);
    }
    return ret;
}
Also used : HashMap(java.util.HashMap) NimbusClient(backtype.storm.utils.NimbusClient) Map(java.util.Map) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

RequestMapping (org.springframework.web.bind.annotation.RequestMapping) 1964
ResponseBody (org.springframework.web.bind.annotation.ResponseBody) 459
ModelAndView (org.springframework.web.servlet.ModelAndView) 413
ApiOperation (io.swagger.annotations.ApiOperation) 305
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize) 234
ArrayList (java.util.ArrayList) 197
HashMap (java.util.HashMap) 155
WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException) 124
ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus) 124
IOException (java.io.IOException) 97
ResponseEntity (org.springframework.http.ResponseEntity) 92
Date (java.util.Date) 83
Aggregation (org.springframework.data.mongodb.core.aggregation.Aggregation) 80
DBObject (com.mongodb.DBObject) 71
BasicDBObject (com.mongodb.BasicDBObject) 67
InputStream (java.io.InputStream) 66
Aggregation.newAggregation (org.springframework.data.mongodb.core.aggregation.Aggregation.newAggregation) 64
HttpServletResponse (javax.servlet.http.HttpServletResponse) 59
User (org.hisp.dhis.user.User) 59
List (java.util.List) 53