Package demo.oauth.server.controllers

Source Code of demo.oauth.server.controllers.ApplicationController

/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package demo.oauth.server.controllers;

import java.security.Principal;
import java.security.SecureRandom;
import java.util.Set;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;

import org.apache.cxf.common.util.StringUtils;

import org.apache.cxf.rs.security.oauth.data.Client;
import org.apache.cxf.rs.security.oauth.provider.MD5SequenceGenerator;
import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
import org.apache.cxf.rs.security.oauth.utils.OAuthUtils;

import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.context.ServletContextAware;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

import demo.oauth.server.ClientApp;

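/**
 * Spring MVC controller of the OAuth demo server. It lets the logged-in user register,
 * list and remove OAuth clients (consumers) and revoke the tokens issued to them.
 *
 * <p>All client and token storage is delegated to {@link OAuthClientManager}, which is
 * obtained by casting the {@link OAuthDataProvider} found in the servlet context.
 *
 * <p>NOTE(review): no {@code @RequestMapping} in this class restricts the HTTP method, and
 * no anti-CSRF token is checked here. The state-changing endpoints ({@code /registerClient},
 * {@code /removeClient}, {@code /revokeAccess}) therefore rely entirely on whatever the
 * surrounding security configuration provides; confirm that configuration before reusing
 * this code outside a demo.
 */
@Controller
public class ApplicationController implements ServletContextAware {

    /** Number of random bytes fed to the generator when creating a client secret. */
    private static final int SECRET_SEED_LENGTH = 20;

    private OAuthDataProvider oauthDataProvider;

    private OAuthClientManager clientManager;

    /**
     * Shows the empty client registration form.
     *
     * @param clientApp form-backing object bound to the {@code client} model attribute; it is
     *                  not read here but must be declared so the view can bind to it
     * @return the {@code newClientForm} view
     */
    @RequestMapping("/newClientForm")
    public ModelAndView handleRequest(@ModelAttribute("client") ClientApp clientApp) {
        return new ModelAndView("newClientForm");
    }

    /**
     * Registers a new OAuth client for the currently authenticated user.
     *
     * <p>The consumer key is taken from the form when supplied, otherwise derived from the
     * login name and the client name. The consumer secret is always generated here from
     * fresh random bytes.
     *
     * @param clientApp submitted registration form
     * @return the {@code clientDetails} view on success, or the registration form with an
     *         error message when the name is missing or the client already exists
     * @throws IllegalStateException if no authenticated user is present in the security context
     * @throws Exception if key generation fails
     */
    @RequestMapping("/registerClient")
    public ModelAndView registerApp(@ModelAttribute("client") ClientApp clientApp)
        throws Exception {

        if (StringUtils.isEmpty(clientApp.getClientName())) {
            clientApp.setError("Client name field is required!");

            return handleInternalRedirect(clientApp);
        }

        // Fail with a clear message instead of a NullPointerException further down when the
        // endpoint is reached without an authenticated user.
        Principal principal = SecurityContextHolder.getContext().getAuthentication();
        if (principal == null) {
            throw new IllegalStateException("No authenticated user in the security context");
        }
        String loginName = principal.getName();

        MD5SequenceGenerator tokenGen = new MD5SequenceGenerator();

        // A caller-supplied consumer key is accepted as-is. The derived key is deterministic
        // (login name + client name), so registering the same name twice yields the same key
        // and is reported as a duplicate below. The consumer key is an identifier, not a secret.
        String consumerKey = clientApp.getConsumerKey();
        if (StringUtils.isEmpty(consumerKey)) {
            consumerKey = tokenGen.generate((loginName + clientApp.getClientName()).getBytes("UTF-8"));
        }

        // nextBytes() is the call intended for producing random material; generateSeed() is
        // meant for seeding other generators and can block on some platforms.
        // NOTE(review): the secret is whatever MD5SequenceGenerator makes of these bytes, so
        // its strength is presumably capped by the digest size. Confirm this is acceptable.
        byte[] secretSeed = new byte[SECRET_SEED_LENGTH];
        new SecureRandom().nextBytes(secretSeed);
        String secretKey = tokenGen.generate(secretSeed);

        Client clientInfo =
            new Client(consumerKey, secretKey, clientApp.getClientName(), null);
        // NOTE(review): the callback URL is stored exactly as submitted; no scheme or host
        // validation happens in this method. Verify it is validated before it is redirected to.
        clientInfo.setCallbackURI(clientApp.getCallbackURL());
        clientInfo.setLoginName(loginName);

        // A non-null result is treated as "a client with this key is already registered".
        Client existingClient = clientManager.registerNewClient(consumerKey, clientInfo);
        if (existingClient != null) {
            clientApp.setError("Client already exists!");

            return handleInternalRedirect(clientApp);
        }

        // The model carries the full Client, including the freshly generated secret, so the
        // clientDetails view can show it to the registering user.
        ModelAndView modelAndView = new ModelAndView("clientDetails");
        modelAndView.getModel().put("clientInfo", clientInfo);

        return modelAndView;
    }

    /**
     * Lists the clients returned by {@link OAuthClientManager#listRegisteredClients()}.
     *
     * @return the {@code registeredClientsList} view with the clients under {@code clients}
     */
    @RequestMapping("/listRegisteredClients")
    public ModelAndView listRegisteredClients() {
        Set<Client> apps = clientManager.listRegisteredClients();

        ModelAndView modelAndView = new ModelAndView("registeredClientsList");
        modelAndView.getModelMap().put("clients", apps);
        return modelAndView;
    }

    /**
     * Lists the clients returned by {@link OAuthClientManager#listAuthorizedClients()}.
     *
     * @return the {@code authorizedClientsList} view with the clients under {@code clients}
     */
    @RequestMapping("/listAuthorizedClients")
    public ModelAndView listAuthorizedClients() {
        Set<Client> apps = clientManager.listAuthorizedClients();

        ModelAndView modelAndView = new ModelAndView("authorizedClientsList");
        modelAndView.getModelMap().put("clients", apps);
        return modelAndView;
    }

    /**
     * Removes the registered client named by the {@code consumerKey} request parameter and
     * redirects back to the list of registered clients.
     *
     * <p>NOTE(review): the key comes straight from the request and this method does not check
     * that the client belongs to the current user. Confirm that
     * {@link OAuthClientManager#removeRegisteredClient} enforces ownership.
     *
     * @param request current request; a missing or empty {@code consumerKey} is ignored
     * @return a redirect to {@code /app/listRegisteredClients}
     */
    @RequestMapping("/removeClient")
    public ModelAndView removeClient(HttpServletRequest request) {
        String consumerKey = request.getParameter("consumerKey");

        // getParameter() returns null when the parameter is absent; do not hand that to the manager.
        if (!StringUtils.isEmpty(consumerKey)) {
            clientManager.removeRegisteredClient(consumerKey);
        }

        return new ModelAndView(new RedirectView("/app/listRegisteredClients"));
    }

    /**
     * Removes all tokens of the client named by the {@code consumerKey} request parameter
     * and redirects back to the list of authorized clients.
     *
     * <p>NOTE(review): as in {@link #removeClient}, no ownership check on the key is visible
     * here. Confirm that {@link OAuthClientManager#removeAllTokens} limits the effect to
     * tokens of the current user.
     *
     * @param request current request; a missing or empty {@code consumerKey} is ignored
     * @return a redirect to {@code /app/listAuthorizedClients}
     */
    @RequestMapping("/revokeAccess")
    public ModelAndView revokeAccess(HttpServletRequest request) {
        String consumerKey = request.getParameter("consumerKey");

        // getParameter() returns null when the parameter is absent; do not hand that to the manager.
        if (!StringUtils.isEmpty(consumerKey)) {
            clientManager.removeAllTokens(consumerKey);
        }

        return new ModelAndView(new RedirectView("/app/listAuthorizedClients"));
    }

    /**
     * Shows the page on which the OAuth verifier is displayed.
     *
     * @return the {@code displayVerifier} view
     */
    @RequestMapping("/displayVerifier")
    public ModelAndView displayVerifier() {
        return new ModelAndView("displayVerifier");
    }

    /**
     * Re-renders the registration form with the submitted data (and its error message).
     * Despite the name, this is a direct view render, not an HTTP redirect.
     */
    private ModelAndView handleInternalRedirect(ClientApp app) {
        ModelAndView modelAndView = new ModelAndView("newClientForm");
        modelAndView.getModel().put("client", app);
        return modelAndView;
    }

    /**
     * Looks up the OAuth data provider in the servlet context and keeps it as the client manager.
     *
     * @param servletContext context the provider is resolved from
     * @throws ClassCastException if the configured provider is not an {@link OAuthClientManager}
     */
    public void setServletContext(ServletContext servletContext) {
        oauthDataProvider = OAuthUtils.getOAuthDataProvider(null, servletContext);
        // The controller needs the management operations, which the plain provider interface
        // does not expose. Hence the downcast.
        clientManager = (OAuthClientManager)oauthDataProvider;
    }
}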