Java tutorial
/******************************************************************************* * Copyright 2012 The MITRE Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ package org.mitre.oauth2.view; import java.io.Writer; import java.lang.reflect.Type; import java.text.DateFormat; import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; import org.springframework.security.core.GrantedAuthority; import org.springframework.validation.BeanPropertyBindingResult; import org.springframework.web.servlet.view.AbstractView; import com.google.gson.ExclusionStrategy; import com.google.gson.FieldAttributes; import com.google.gson.Gson; import com.google.gson.GsonBuilder; import com.google.gson.JsonArray; import com.google.gson.JsonElement; import com.google.gson.JsonObject; import com.google.gson.JsonPrimitive; import com.google.gson.JsonSerializationContext; import com.google.gson.JsonSerializer; public class TokenIntrospection extends AbstractView { @Override protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) throws Exception { Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() { @Override public boolean shouldSkipField(FieldAttributes f) { /* if (f.getDeclaringClass().isAssignableFrom(OAuth2AccessTokenEntity.class)) { // we don't want to serialize the whole object, just the scope and timeout if (f.getName().equals("scope")) { return false; } else if (f.getName().equals("expiration")) { return false; } else { // skip everything else on this class return true; } } else { // serialize other classes without filter (lists and sets and things) return false; } */ return false; } @Override public boolean shouldSkipClass(Class<?> clazz) { // skip the JPA binding wrapper if (clazz.equals(BeanPropertyBindingResult.class)) { return true; } else { return false; } } }).registerTypeAdapter(OAuth2AccessTokenEntity.class, new JsonSerializer<OAuth2AccessTokenEntity>() { public JsonElement serialize(OAuth2AccessTokenEntity src, Type typeOfSrc, JsonSerializationContext context) { JsonObject token = new JsonObject(); token.addProperty("valid", true); JsonArray scopes = new JsonArray(); for (String scope : src.getScope()) { scopes.add(new JsonPrimitive(scope)); } token.add("scope", scopes); token.add("expires", context.serialize(src.getExpiration())); return token; } }).setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ").create(); response.setContentType("application/json"); Writer out = response.getWriter(); Object obj = model.get("entity"); if (obj == null) { obj = model; } gson.toJson(obj, out); } }