List of usage examples for org.springframework.security.oauth2.common OAuth2AccessToken BEARER_TYPE
String BEARER_TYPE
To view the source code for org.springframework.security.oauth2.common OAuth2AccessToken BEARER_TYPE.
Click Source Link
From source file:org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.java
/** * Parse the OAuth header parameters. The parameters will be oauth-decoded. * /* w ww . j a v a2 s . co m*/ * @param request The request. * @return The parsed parameters, or null if no OAuth authorization header was supplied. */ protected String parseHeaderToken(HttpServletRequest request) { @SuppressWarnings("unchecked") Enumeration<String> headers = request.getHeaders("Authorization"); while (headers.hasMoreElements()) { // typically there is only one (most servers enforce that) String value = headers.nextElement(); if ((value.toLowerCase().startsWith(OAuth2AccessToken.BEARER_TYPE.toLowerCase()))) { String authHeaderValue = value.substring(OAuth2AccessToken.BEARER_TYPE.length()).trim(); int commaIndex = authHeaderValue.indexOf(','); if (commaIndex > 0) { authHeaderValue = authHeaderValue.substring(0, commaIndex); } return authHeaderValue; } else { // todo: support additional authorization schemes for different token types, e.g. "MAC" specified by // http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token } } return null; }
From source file:org.springframework.security.oauth2.provider.error.DefaultWebResponseExceptionTranslator.java
private ResponseEntity<OAuth2Exception> handleOAuth2Exception(OAuth2Exception e) throws IOException { if (logger.isDebugEnabled()) { logger.debug("OAuth error.", e); }/* www. ja va 2 s. c o m*/ int status = e.getHttpErrorCode(); HttpHeaders headers = new HttpHeaders(); headers.set("Cache-Control", "no-store"); if (status == HttpStatus.UNAUTHORIZED.value()) { headers.set("WWW-Authenticate", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, e.getSummary())); } ResponseEntity<OAuth2Exception> response = new ResponseEntity<OAuth2Exception>(e, headers, HttpStatus.valueOf(status)); return response; }