OAuth2AuthenticationEntryPoint (Broadleaf Authentication Services 1.6.1-SNAPSHOT API)

java.lang.Object
- org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
- - com.broadleafcommerce.auth.user.session.OAuth2AuthenticationEntryPoint

All Implemented Interfaces:

org.springframework.beans.factory.InitializingBean, org.springframework.security.web.AuthenticationEntryPoint
```
public class OAuth2AuthenticationEntryPoint
extends org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
```
Provides a behavior consistent with http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest. Specifically, inclusion of the prompt=none parameter. This implementation will detect the inclusion of the prompt request param, and if detected to be none, will return an error response consistent with OIDC, rather than redirect to the login page. This allows for silent authentication flows that are suitable for SPA use cases.

Author:

Jeff Fischer

Constructor Summary

Constructors
Constructor and Description
`OAuth2AuthenticationEntryPoint(String loginFormUrl, org.springframework.security.oauth2.provider.ClientDetailsService clientDetailsService, org.springframework.security.oauth2.provider.endpoint.RedirectResolver redirectResolver, boolean useRedirectUriHost)` The `useRedirectUriHost` flag has been deprecated as the ForwardedHeaderFilter should be used in all circumstances to correctly determine the redirect URI.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`commence(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException authException)`
`protected String`	`determineUrlToUseForThisRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException exception)`
`org.springframework.security.oauth2.provider.ClientDetailsService`	`getClientDetailsService()`
`org.springframework.security.oauth2.provider.endpoint.RedirectResolver`	`getRedirectResolver()`
`org.springframework.security.web.RedirectStrategy`	`getRedirectStrategy()`
`boolean`	`isUseRedirectUriHost()`
`void`	`setClientDetailsService(org.springframework.security.oauth2.provider.ClientDetailsService clientDetailsService)`
`void`	`setRedirectResolver(org.springframework.security.oauth2.provider.endpoint.RedirectResolver redirectResolver)`
`void`	`setRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy)`
`void`	`setUseRedirectUriHost(boolean useRedirectUriHost)`

Methods inherited from class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
afterPropertiesSet, buildHttpsRedirectUrlForRequest, buildRedirectUrlToLoginPage, getLoginFormUrl, getPortMapper, getPortResolver, isForceHttps, isUseForward, setForceHttps, setPortMapper, setPortResolver, setUseForward

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth2AuthenticationEntryPoint

public OAuth2AuthenticationEntryPoint(String loginFormUrl,
                                      org.springframework.security.oauth2.provider.ClientDetailsService clientDetailsService,
                                      org.springframework.security.oauth2.provider.endpoint.RedirectResolver redirectResolver,
                                      @Deprecated
                                      boolean useRedirectUriHost)

The useRedirectUriHost flag has been deprecated as the ForwardedHeaderFilter should be used in all circumstances to correctly determine the redirect URI. When it is used, the requests will automatically be redirected to the forwarded host/path.

Method Detail

commence

public void commence(javax.servlet.http.HttpServletRequest request,
                     javax.servlet.http.HttpServletResponse response,
                     org.springframework.security.core.AuthenticationException authException)
              throws IOException,
                     javax.servlet.ServletException

Specified by:: commence in interface org.springframework.security.web.AuthenticationEntryPoint
Overrides:: commence in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Throws:: IOException; javax.servlet.ServletException

determineUrlToUseForThisRequest

protected String determineUrlToUseForThisRequest(javax.servlet.http.HttpServletRequest request,
                                                 javax.servlet.http.HttpServletResponse response,
                                                 org.springframework.security.core.AuthenticationException exception)

Overrides:: determineUrlToUseForThisRequest in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint

getRedirectResolver

public org.springframework.security.oauth2.provider.endpoint.RedirectResolver getRedirectResolver()

getClientDetailsService

public org.springframework.security.oauth2.provider.ClientDetailsService getClientDetailsService()

getRedirectStrategy

public org.springframework.security.web.RedirectStrategy getRedirectStrategy()

isUseRedirectUriHost
```
public boolean isUseRedirectUriHost()
```

setRedirectResolver

public void setRedirectResolver(org.springframework.security.oauth2.provider.endpoint.RedirectResolver redirectResolver)

setClientDetailsService

public void setClientDetailsService(org.springframework.security.oauth2.provider.ClientDetailsService clientDetailsService)

setRedirectStrategy

public void setRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy)

setUseRedirectUriHost

public void setUseRedirectUriHost(boolean useRedirectUriHost)

Class OAuth2AuthenticationEntryPoint