org.apache.cxf.rs.security.oidc.idp

Class OidcHybridService

java.lang.Object

org.apache.cxf.rs.security.oauth2.services.AbstractOAuthService

org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService

org.apache.cxf.rs.security.oauth2.services.AbstractImplicitGrantService

org.apache.cxf.rs.security.oauth2.services.ImplicitGrantService

org.apache.cxf.rs.security.oidc.idp.OidcImplicitService

org.apache.cxf.rs.security.oidc.idp.OidcHybridService

@Path(value="authorize-hybrid")
public class OidcHybridService
extends OidcImplicitService

Field Summary

Fields inherited from class org.apache.cxf.rs.security.oauth2.services.AbstractOAuthService

LOG

Constructor Summary

Constructors

Constructor and Description
OidcHybridService()
OidcHybridService(boolean hybridOnly)

Method Summary

Modifier and Type	Method and Description
protected boolean	canAccessTokenBeReturned(String responseType)
protected org.apache.cxf.rs.security.oauth2.common.AbstractFormImplicitResponse	prepareFormResponse(org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState state, org.apache.cxf.rs.security.oauth2.common.Client client, List<String> requestedScope, List<String> approvedScope, org.apache.cxf.rs.security.oauth2.common.UserSubject userSubject, org.apache.cxf.rs.security.oauth2.common.ServerAccessToken preAuthorizedToken)
protected org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant	prepareHybrideCode(org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState state, org.apache.cxf.rs.security.oauth2.common.Client client, List<String> requestedScope, List<String> approvedScope, org.apache.cxf.rs.security.oauth2.common.UserSubject userSubject, org.apache.cxf.rs.security.oauth2.common.ServerAccessToken preAuthorizedToken)
protected StringBuilder	prepareRedirectResponse(org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState state, org.apache.cxf.rs.security.oauth2.common.Client client, List<String> requestedScope, List<String> approvedScope, org.apache.cxf.rs.security.oauth2.common.UserSubject userSubject, org.apache.cxf.rs.security.oauth2.common.ServerAccessToken preAuthorizedToken)
void	setCodeService(OidcAuthorizationCodeService codeService)

Methods inherited from class org.apache.cxf.rs.security.oidc.idp.OidcImplicitService

canAuthorizationBeSkipped, processIdToken, recreateRedirectionStateFromParams, setIdTokenJoseHandler, setIdTokenProvider, setSkipAuthorizationWithOidcScope, startAuthorization

Methods inherited from class org.apache.cxf.rs.security.oauth2.services.ImplicitGrantService

createAuthorizationData

Methods inherited from class org.apache.cxf.rs.security.oauth2.services.AbstractImplicitGrantService

canRedirectUriBeEmpty, canSupportPublicClient, createErrorResponse, createGrant, createTokenRegistration, finalizeResponse, getClientAccessToken, getUriWithFragment, processClientAccessToken, processRefreshToken, setReportClientId, setResponseFilter, setResponseFilters

Methods inherited from class org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService

authorize, authorizeDecision, authorizeDecisionForm, authorizePost, completeAuthorization, createErrorResponse, createHtmlResponse, createUserSubject, getAndValidateSecurityContext, getApprovedScope, getClient, getSupportedGrantType, getSupportedResponseTypes, isFormResponse, isRevokePreauthorizedTokenOnApproval, noConsentForRequestedScopes, personalizeData, recreateRedirectionStateFromSession, setAuthorizationFilter, setHidePreauthorizedScopesInForm, setMatchRedirectUriWithApplicationUri, setMaxDefaultSessionInterval, setPartialMatchScopeValidation, setResourceOwnerNameProvider, setRevokePreauthorizedTokenOnApproval, setScopesRequiringNoConsent, setSessionAuthenticityTokenProvider, setSubjectCreator, setSupportSinglePageApplications, setUseAllClientScopes, setUseRegisteredRedirectUriIfPossible, startAuthorization, validateRedirectUri

Methods inherited from class org.apache.cxf.rs.security.oauth2.services.AbstractOAuthService

checkTransportSecurity, getDataProvider, getMessageContext, getQueryParameters, getValidClient, getValidClient, injectContextIntoOAuthProviders, isWriteOptionalParameters, reportInvalidRequestError, reportInvalidRequestError, reportInvalidRequestError, reportInvalidRequestError, setBlockUnsecureRequests, setDataProvider, setMessageContext, setWriteOptionalParameters

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OidcHybridService

public OidcHybridService()

OidcHybridService

public OidcHybridService(boolean hybridOnly)

Method Detail

canAccessTokenBeReturned

protected boolean canAccessTokenBeReturned(String responseType)

Overrides:

canAccessTokenBeReturned in class OidcImplicitService

prepareRedirectResponse

protected StringBuilder prepareRedirectResponse(org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState state,
                                                org.apache.cxf.rs.security.oauth2.common.Client client,
                                                List<String> requestedScope,
                                                List<String> approvedScope,
                                                org.apache.cxf.rs.security.oauth2.common.UserSubject userSubject,
                                                org.apache.cxf.rs.security.oauth2.common.ServerAccessToken preAuthorizedToken)

Overrides:

prepareRedirectResponse in class OidcImplicitService

prepareFormResponse

protected org.apache.cxf.rs.security.oauth2.common.AbstractFormImplicitResponse prepareFormResponse(org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState state,
                                                                                                    org.apache.cxf.rs.security.oauth2.common.Client client,
                                                                                                    List<String> requestedScope,
                                                                                                    List<String> approvedScope,
                                                                                                    org.apache.cxf.rs.security.oauth2.common.UserSubject userSubject,
                                                                                                    org.apache.cxf.rs.security.oauth2.common.ServerAccessToken preAuthorizedToken)

Overrides:

prepareFormResponse in class OidcImplicitService

prepareHybrideCode

protected org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant prepareHybrideCode(org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState state,
                                                                                                        org.apache.cxf.rs.security.oauth2.common.Client client,
                                                                                                        List<String> requestedScope,
                                                                                                        List<String> approvedScope,
                                                                                                        org.apache.cxf.rs.security.oauth2.common.UserSubject userSubject,
                                                                                                        org.apache.cxf.rs.security.oauth2.common.ServerAccessToken preAuthorizedToken)

setCodeService

public void setCodeService(OidcAuthorizationCodeService codeService)