Java tutorial
/* * Licensed to Apereo under one or more contributor license * agreements. See the NOTICE file distributed with this work * for additional information regarding copyright ownership. * Apereo licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file * except in compliance with the License. You may obtain a * copy of the License at the following location: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.jasig.cas.support.oauth.web; import com.fasterxml.jackson.core.JsonFactory; import com.fasterxml.jackson.core.JsonGenerator; import com.fasterxml.jackson.databind.ObjectMapper; import org.apache.commons.lang3.StringUtils; import org.jasig.cas.authentication.principal.Principal; import org.jasig.cas.support.oauth.OAuthConstants; import org.jasig.cas.ticket.TicketGrantingTicket; import org.jasig.cas.ticket.registry.TicketRegistry; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.mvc.AbstractController; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.Map; /** * This controller returns a profile for the authenticated user * (identifier + attributes), found with the access token (CAS granting * ticket). * * @author Jerome Leleu * @since 3.5.0 */ public final class OAuth20ProfileController extends AbstractController { private static final Logger LOGGER = LoggerFactory.getLogger(OAuth20ProfileController.class); private static final String ID = "id"; private static final String ATTRIBUTES = "attributes"; private final TicketRegistry ticketRegistry; private final JsonFactory jsonFactory = new JsonFactory(new ObjectMapper()); /** * Instantiates a new o auth20 profile controller. * * @param ticketRegistry the ticket registry */ public OAuth20ProfileController(final TicketRegistry ticketRegistry) { this.ticketRegistry = ticketRegistry; } @Override protected ModelAndView handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response) throws Exception { String accessToken = request.getParameter(OAuthConstants.ACCESS_TOKEN); if (StringUtils.isBlank(accessToken)) { final String authHeader = request.getHeader("Authorization"); if (StringUtils.isNotBlank(authHeader) && authHeader.startsWith(OAuthConstants.BEARER_TOKEN + " ")) { accessToken = authHeader.substring(OAuthConstants.BEARER_TOKEN.length() + 1); } } LOGGER.debug("{} : {}", OAuthConstants.ACCESS_TOKEN, accessToken); try (final JsonGenerator jsonGenerator = this.jsonFactory.createJsonGenerator(response.getWriter())) { response.setContentType("application/json"); // accessToken is required if (StringUtils.isBlank(accessToken)) { LOGGER.error("Missing {}", OAuthConstants.ACCESS_TOKEN); jsonGenerator.writeStartObject(); jsonGenerator.writeStringField("error", OAuthConstants.MISSING_ACCESS_TOKEN); jsonGenerator.writeEndObject(); return null; } // get ticket granting ticket final TicketGrantingTicket ticketGrantingTicket = (TicketGrantingTicket) this.ticketRegistry .getTicket(accessToken); if (ticketGrantingTicket == null || ticketGrantingTicket.isExpired()) { LOGGER.error("expired accessToken : {}", accessToken); jsonGenerator.writeStartObject(); jsonGenerator.writeStringField("error", OAuthConstants.EXPIRED_ACCESS_TOKEN); jsonGenerator.writeEndObject(); return null; } // generate profile : identifier + attributes final Principal principal = ticketGrantingTicket.getAuthentication().getPrincipal(); jsonGenerator.writeStartObject(); jsonGenerator.writeStringField(ID, principal.getId()); jsonGenerator.writeArrayFieldStart(ATTRIBUTES); final Map<String, Object> attributes = principal.getAttributes(); for (final Map.Entry<String, Object> entry : attributes.entrySet()) { jsonGenerator.writeStartObject(); jsonGenerator.writeObjectField(entry.getKey(), entry.getValue()); jsonGenerator.writeEndObject(); } jsonGenerator.writeEndArray(); jsonGenerator.writeEndObject(); return null; } finally { response.flushBuffer(); } } }