Example usage for org.springframework.security.oauth.consumer.token OAuthConsumerTokenServices removeToken

List of usage examples for org.springframework.security.oauth.consumer.token OAuthConsumerTokenServices removeToken

Introduction

On this page you can find example usage of org.springframework.security.oauth.consumer.token OAuthConsumerTokenServices removeToken.

Prototype

/**
 * Removes the token for the specified resource.
 *
 * @param resourceId identifier of the resource whose stored token is removed
 */
void removeToken(String resourceId);


Document

Removes the token for the specified resource.

Usage

From source file:org.springframework.security.oauth.consumer.OAuthConsumerProcessingFilter.java

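/**
 * Makes sure an OAuth consumer token is available for every protected resource the request
 * depends on, then passes the request down the filter chain.
 *
 * <p>For each dependency returned by {@code getAccessTokenDependencies}:
 * <ul>
 *   <li>no stored token: an unauthorized request token is obtained and stored, the user is
 *       redirected to the authorization URL, and the method returns without invoking the
 *       chain;</li>
 *   <li>a stored token that is not yet an access token: it is exchanged for an access token
 *       using the {@code oauth_verifier} request parameter. The stored request token is removed
 *       whether or not the exchange succeeds, and the access token is stored on success;</li>
 *   <li>a stored access token: it is used as is.</li>
 * </ul>
 * The collected tokens are placed in the request attribute named by
 * {@code getAccessTokensRequestAttribute()} before the chain is invoked.
 *
 * @param servletRequest the incoming request; cast to {@code HttpServletRequest}
 * @param servletResponse the outgoing response; cast to {@code HttpServletResponse}
 * @param chain the remaining filter chain
 * @throws IOException if the redirect or the downstream chain fails with an I/O error
 * @throws ServletException if the downstream chain fails with a root cause other than
 *         {@code OAuthException}
 * @throws InsufficientAuthenticationException if {@code requireAuthenticated} is set and the
 *         security context holds no authenticated principal
 */
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;

    Set<String> accessTokenDeps = getAccessTokenDependencies(request, response, chain);
    if (accessTokenDeps.isEmpty()) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("No access token dependencies for request.");
        }
        chain.doFilter(servletRequest, servletResponse);
        return;
    }

    try {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        // The security context may hold no Authentication at all. Treat that the same as an
        // unauthenticated principal instead of failing with a NullPointerException.
        if (requireAuthenticated && (authentication == null || !authentication.isAuthenticated())) {
            throw new InsufficientAuthenticationException("An authenticated principal must be present.");
        }

        OAuthConsumerTokenServices tokenServices = getTokenServicesFactory()
                .getTokenServices(authentication, request);
        List<OAuthConsumerToken> tokens = new ArrayList<OAuthConsumerToken>();
        for (String dependency : accessTokenDeps) {
            OAuthConsumerToken token = tokenServices.getToken(dependency);
            if (token == null) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Obtaining request token for dependency: " + dependency);
                }

                // Start the authorization flow: get an unauthorized request token.
                String callbackURL = response.encodeRedirectURL(getCallbackURL(request));
                OAuthConsumerToken requestToken = getConsumerSupport()
                        .getUnauthorizedRequestToken(dependency, callbackURL);

                // NOTE(review): this writes the token object into the debug log. If
                // OAuthConsumerToken#toString exposes the token value or secret, log only the
                // dependency. Confirm.
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Request token obtained for dependency " + dependency + ": " + requestToken);
                }
                // Store the request token so it can be exchanged when the user returns.
                tokenServices.storeToken(dependency, requestToken);
                String redirect = getUserAuthorizationRedirectURL(requestToken, callbackURL);

                if (LOG.isDebugEnabled()) {
                    LOG.debug("Redirecting request to " + redirect
                            + " for user authorization of the request token for dependency " + dependency
                            + ".");
                }
                // The user must authorize the token first, so the chain is not invoked.
                response.sendRedirect(redirect);
                return;
            }

            if (!token.isAccessToken()) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Obtaining access token for dependency: " + dependency);
                }

                // Exchange the stored request token for an access token. The verifier is read
                // directly from the request and is null when the parameter is absent;
                // presumably getAccessToken handles that case. Confirm.
                try {
                    token = getConsumerSupport().getAccessToken(token,
                            request.getParameter(OAuthProviderParameter.oauth_verifier.toString()));
                } finally {
                    // Always discard the request token, even if the exchange threw, so that
                    // it is not left in the token store.
                    tokenServices.removeToken(dependency);
                }

                // NOTE(review): same logging concern as above, this time for the access token.
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Access token " + token + " obtained for dependency " + dependency
                            + ". Now storing and using.");
                }

                tokenServices.storeToken(dependency, token);
            } else if (LOG.isDebugEnabled()) {
                LOG.debug("Authorized access token " + token + " loaded for dependency " + dependency
                        + ".");
            }

            // At this point the token is an authorized access token.
            tokens.add(token);
        }

        if (LOG.isDebugEnabled()) {
            LOG.debug("Storing access tokens in request attribute '" + getAccessTokensRequestAttribute()
                    + "'.");
        }

        request.setAttribute(getAccessTokensRequestAttribute(), tokens);
        chain.doFilter(request, response);
    } catch (OAuthException ae) {
        fail(request, response, ae);
    } catch (ServletException e) {
        // Downstream code may wrap an OAuthException. Unwrap it so it is handled the same
        // way as one thrown directly.
        if (e.getRootCause() instanceof OAuthException) {
            fail(request, response, (OAuthException) e.getRootCause());
        } else {
            throw e;
        }
    }
}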