Java tutorial
package com.ecsteam.sample.oauth2.configuration.util; /* * Copyright 2002-2011 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ import java.util.Collection; import org.springframework.security.core.Authentication; import org.springframework.security.oauth2.provider.AuthorizationRequest; import org.springframework.security.oauth2.provider.ClientDetails; import org.springframework.security.oauth2.provider.ClientDetailsService; import org.springframework.security.oauth2.provider.ClientRegistrationException; import org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler; /** * @author Dave Syer * */ public class SampleApprovalHandler extends ApprovalStoreUserApprovalHandler { private boolean useApprovalStore = true; private ClientDetailsService clientDetailsService; /** * Service to load client details (optional) for auto approval checks. * * @param clientDetailsService * a client details service */ public void setClientDetailsService(ClientDetailsService clientDetailsService) { this.clientDetailsService = clientDetailsService; super.setClientDetailsService(clientDetailsService); } /** * @param useApprovalStore * the useTokenServices to set */ public void setUseApprovalStore(boolean useApprovalStore) { this.useApprovalStore = useApprovalStore; } /** * Allows automatic approval for a white list of clients in the implicit * grant case. * * @param authorizationRequest * The authorization request. * @param userAuthentication * the current user authentication * * @return An updated request if it has already been approved by the current * user. */ @Override public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) { // boolean approved = false; // // If we are allowed to check existing approvals this will short circuit // // the decision // if (useApprovalStore) { // authorizationRequest = super.checkForPreApproval( // authorizationRequest, userAuthentication); // approved = authorizationRequest.isApproved(); // } else { // if (clientDetailsService != null) { // Collection<String> requestedScopes = authorizationRequest // .getScope(); // try { // ClientDetails client = clientDetailsService // .loadClientByClientId(authorizationRequest // .getClientId()); // for (String scope : requestedScopes) { // if (client.isAutoApprove(scope) // || client.isAutoApprove("all")) { // approved = true; // break; // } // } // } catch (ClientRegistrationException e) { // } // } // } authorizationRequest.setApproved(true); return authorizationRequest; } }