Package org.vrspace.server.api
Class Oauth2Controller
- java.lang.Object
-
- org.vrspace.server.api.ApiBase
-
- org.vrspace.server.api.Oauth2Controller
-
@RestController @RequestMapping("/vrspace/api/oauth2") public class Oauth2Controller extends ApiBase
Oauth2 login is completely handled by spring security, this is just callback once it's all done. Client's identity is something like joe:facebook, but hashed. Login name must match the stored identity.- Author:
- joe
-
-
Constructor Summary
Constructors Constructor Description Oauth2Controller()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
callback(String code, String state, javax.servlet.http.HttpServletRequest request)
org.springframework.http.ResponseEntity<String>
login(String name, String provider, String avatar, javax.servlet.http.HttpSession session, javax.servlet.http.HttpServletRequest request)
This endpoint requires both user name and authentication provider id (fb, github, google...Map<String,String>
providers()
List of OAuth2 registered authentication providers.org.springframework.http.ResponseEntity<String>
setProvider(javax.servlet.http.HttpSession session, javax.servlet.http.HttpServletRequest request)
First step in Oauth2 Authentication is to obtain valid authentication provider id.
-
-
-
Field Detail
-
PATH
public static final String PATH
- See Also:
- Constant Field Values
-
-
Method Detail
-
providers
@GetMapping("/providers") public Map<String,String> providers()
List of OAuth2 registered authentication providers.- Returns:
- key-value pair of id and name, as declared in application.properties
-
setProvider
@GetMapping("/provider") public org.springframework.http.ResponseEntity<String> setProvider(javax.servlet.http.HttpSession session, javax.servlet.http.HttpServletRequest request)
First step in Oauth2 Authentication is to obtain valid authentication provider id. This is never called directly though, the browser is redirected here from the login page. Obtains the provider id from the original request and sends browser redirect.
-
login
@GetMapping("/login") public org.springframework.http.ResponseEntity<String> login(String name, String provider, String avatar, javax.servlet.http.HttpSession session, javax.servlet.http.HttpServletRequest request)
This endpoint requires both user name and authentication provider id (fb, github, google... as defined in app properties file). The framework then performs authentication through a series of on-site and off-site redirects. Only after successful Oauth2 authentication with external provider, this method fetches or creates the Client object, and redirect back to the referring page.- Parameters:
name
- Login name of the user, localprovider
- Oauth2 authentication provider id , as registered in properties file (e.g. github, facebook, google)avatar
- Optional avatar URI, used only when creating a new user
-
-