org.apache.cxf.rs.security.oauth2.provider

Class JPAOAuthDataProvider

java.lang.Object

org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthDataProvider

org.apache.cxf.rs.security.oauth2.provider.JPAOAuthDataProvider

All Implemented Interfaces:

ClientRegistrationProvider, OAuthDataProvider

Direct Known Subclasses:

JPACodeDataProvider

public class JPAOAuthDataProvider
extends AbstractOAuthDataProvider

Provides a Jpa BMT implementation for OAuthDataProvider. If your application runs in a container and if you want to use container managed persistence, you'll have to override the following methods :

• getEntityManager()
• commitIfNeeded(EntityManager)
• closeIfNeeded(EntityManager)

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	JPAOAuthDataProvider.EntityManagerOperation<T>

Constructor Summary

Constructors

Constructor and Description
JPAOAuthDataProvider()

Method Summary

Modifier and Type	Method and Description
protected javax.persistence.EntityTransaction	beginIfNeeded(javax.persistence.EntityManager em) Begins the current transaction.
protected void	closeIfNeeded(javax.persistence.EntityManager em) Closes the current em.
protected void	commitIfNeeded(javax.persistence.EntityManager em) Commits the current transaction.
protected ServerAccessToken	doCreateAccessToken(AccessTokenRegistration atReg)
Client	doGetClient(String clientId)
protected void	doRemoveClient(Client c)
protected void	doRevokeAccessToken(ServerAccessToken at)
protected void	doRevokeRefreshToken(RefreshToken rt)
protected <T> T	execute(JPAOAuthDataProvider.EntityManagerOperation<T> operation)
protected <T> T	executeInTransaction(JPAOAuthDataProvider.EntityManagerOperation<T> operation)
protected void	flushIfNeeded(javax.persistence.EntityManager em) Flush the current transaction.
ServerAccessToken	getAccessToken(String accessToken) Get access token
List<ServerAccessToken>	getAccessTokens(Client c, UserSubject sub) Return all access tokens associated with a given client
List<Client>	getClients(UserSubject resourceOwner) Get a list of clients registered by a resource owner.
protected javax.persistence.TypedQuery<Client>	getClientsQuery(UserSubject resourceOwnerSubject, javax.persistence.EntityManager entityManager)
protected javax.persistence.EntityManager	getEntityManager() Returns the entityManaged used for the current operation.
protected RefreshToken	getRefreshToken(String refreshTokenKey)
List<RefreshToken>	getRefreshTokens(Client c, UserSubject sub) Return all refresh tokens associated with a given client
protected javax.persistence.TypedQuery<RefreshToken>	getRefreshTokensQuery(Client c, UserSubject resourceOwnerSubject, javax.persistence.EntityManager entityManager)
protected javax.persistence.TypedQuery<BearerAccessToken>	getTokensQuery(Client c, UserSubject resourceOwnerSubject, javax.persistence.EntityManager entityManager)
protected void	linkRefreshTokenToAccessToken(RefreshToken rt, ServerAccessToken at)
protected void	persistEntity(Object entity)
protected void	removeEntity(Object entity)
protected void	saveAccessToken(ServerAccessToken serverToken)
protected void	saveRefreshToken(RefreshToken refreshToken)
void	setClient(Client client) Set a Client
void	setEntityManagerFactory(javax.persistence.EntityManagerFactory emf)

Methods inherited from class org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthDataProvider

authenticateUnregisteredClient, checkRequestedScopes, close, convertScopeToPermissions, convertSingleScopeToPermission, createAccessToken, createClientCredentialsClient, createJwtAccessToken, createNewAccessToken, createNewRefreshToken, doCreateNewRefreshToken, doRefreshAccessToken, getClient, getCurrentClientSecret, getCurrentRequestedGrantType, getCurrentTokenRequestParams, getDefaultScopes, getInvisibleToClientScopes, getJwtAccessTokenClaimMap, getJwtAccessTokenProducer, getMessageContext, getPermissionMap, getPreauthorizedToken, getRequiredScopes, handleLinkedRefreshToken, init, isClientMatched, isRecycleRefreshTokens, isRefreshTokenSupported, isSupportPreauthorizedTokens, isTokenMatched, isUseJwtFormatForAccessTokens, linkAccessTokenToRefreshToken, processJwtAccessToken, refreshAccessToken, removeClient, removeClientTokens, revokeAccessToken, revokeAccessTokens, revokeRefreshToken, revokeToken, setAccessTokenLifetime, setAuthenticationStrategy, setClients, setDefaultScopes, setInvisibleToClientScopes, setJwtAccessTokenClaimMap, setJwtAccessTokenProducer, setMessageContext, setPermissionMap, setRecycleRefreshTokens, setRefreshTokenLifetime, setRequiredScopes, setSupportedScopes, setSupportPreauthorizedTokens, setUseJwtFormatForAccessTokens, unlinkRefreshAccessToken, updateExistingRefreshToken, updateRefreshToken

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JPAOAuthDataProvider

public JPAOAuthDataProvider()

Method Detail

setEntityManagerFactory

public void setEntityManagerFactory(javax.persistence.EntityManagerFactory emf)

doGetClient

public Client doGetClient(String clientId)
                   throws OAuthServiceException

Specified by:

doGetClient in class AbstractOAuthDataProvider

Throws:

OAuthServiceException

execute

protected <T> T execute(JPAOAuthDataProvider.EntityManagerOperation<T> operation)

executeInTransaction

protected <T> T executeInTransaction(JPAOAuthDataProvider.EntityManagerOperation<T> operation)

setClient

public void setClient(Client client)

Description copied from interface: ClientRegistrationProvider

Set a Client

Parameters:

client - the client

doRemoveClient

protected void doRemoveClient(Client c)

Specified by:

doRemoveClient in class AbstractOAuthDataProvider

getClients

public List<Client> getClients(UserSubject resourceOwner)

Description copied from interface: ClientRegistrationProvider

Get a list of clients registered by a resource owner.

Parameters:

resourceOwner - the resource owner, can be null

Returns:

the list of clients

getAccessTokens

public List<ServerAccessToken> getAccessTokens(Client c,
                                               UserSubject sub)

Description copied from interface: OAuthDataProvider

Return all access tokens associated with a given client

Parameters:

c - the client

sub - the user subject, can be null

Returns:

list of access tokens

getRefreshTokens

public List<RefreshToken> getRefreshTokens(Client c,
                                           UserSubject sub)

Description copied from interface: OAuthDataProvider

Return all refresh tokens associated with a given client

Parameters:

c - the client

sub - the user subject, can be null

Returns:

list of refresh tokens

getAccessToken

public ServerAccessToken getAccessToken(String accessToken)
                                 throws OAuthServiceException

Description copied from interface: OAuthDataProvider

Get access token

Parameters:

accessToken - the token key

Returns:

AccessToken

Throws:

OAuthServiceException

doRevokeAccessToken

protected void doRevokeAccessToken(ServerAccessToken at)

Specified by:

doRevokeAccessToken in class AbstractOAuthDataProvider

linkRefreshTokenToAccessToken

protected void linkRefreshTokenToAccessToken(RefreshToken rt,
                                             ServerAccessToken at)

Overrides:

linkRefreshTokenToAccessToken in class AbstractOAuthDataProvider

getRefreshToken

protected RefreshToken getRefreshToken(String refreshTokenKey)

Specified by:

getRefreshToken in class AbstractOAuthDataProvider

doRevokeRefreshToken

protected void doRevokeRefreshToken(RefreshToken rt)

Specified by:

doRevokeRefreshToken in class AbstractOAuthDataProvider

doCreateAccessToken

protected ServerAccessToken doCreateAccessToken(AccessTokenRegistration atReg)

Overrides:

doCreateAccessToken in class AbstractOAuthDataProvider

saveAccessToken

protected void saveAccessToken(ServerAccessToken serverToken)

Specified by:

saveAccessToken in class AbstractOAuthDataProvider

saveRefreshToken

protected void saveRefreshToken(RefreshToken refreshToken)

Specified by:

saveRefreshToken in class AbstractOAuthDataProvider

persistEntity

protected void persistEntity(Object entity)

removeEntity

protected void removeEntity(Object entity)

getClientsQuery

protected javax.persistence.TypedQuery<Client> getClientsQuery(UserSubject resourceOwnerSubject,
                                                               javax.persistence.EntityManager entityManager)

getTokensQuery

protected javax.persistence.TypedQuery<BearerAccessToken> getTokensQuery(Client c,
                                                                         UserSubject resourceOwnerSubject,
                                                                         javax.persistence.EntityManager entityManager)

getRefreshTokensQuery

protected javax.persistence.TypedQuery<RefreshToken> getRefreshTokensQuery(Client c,
                                                                           UserSubject resourceOwnerSubject,
                                                                           javax.persistence.EntityManager entityManager)

getEntityManager

protected javax.persistence.EntityManager getEntityManager()

Returns the entityManaged used for the current operation.

beginIfNeeded

protected javax.persistence.EntityTransaction beginIfNeeded(javax.persistence.EntityManager em)

Begins the current transaction. This method needs to be overridden in a CMT environment.

flushIfNeeded

protected void flushIfNeeded(javax.persistence.EntityManager em)

Flush the current transaction.

commitIfNeeded

protected void commitIfNeeded(javax.persistence.EntityManager em)

Commits the current transaction. This method needs to be overridden in a CMT environment.

closeIfNeeded

protected void closeIfNeeded(javax.persistence.EntityManager em)

Closes the current em. This method needs to be overriden in a CMT environment.