All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.gatein.api.oauth.OAuthProvider Maven / Gradle / Ivy

There is a newer version: 1.1.0.Final
Show newest version
/*
 * JBoss, a division of Red Hat
 * Copyright 2013, Red Hat Middleware, LLC, and individual
 * contributors as indicated by the @authors tag. See the
 * copyright.txt in the distribution for a full listing of
 * individual contributors.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */

package org.gatein.api.oauth;

import java.io.IOException;

import org.gatein.api.oauth.exception.OAuthApiException;
import org.gatein.api.oauth.exception.OAuthApiExceptionCode;

/**
 * Object, which represents single OAuth provider (Social network). It's used to interact with Portal to load/save needed
 * informations or inform Portal that we want to start some OAuth actions.
 *
 * @author Marek Posolda
 */
public interface OAuthProvider {

    /**
     * Key under which Facebook OAuth provider is registered
     */
    static final String FACEBOOK = "FACEBOOK";

    /**
     * Key under which Google+ OAuth provider is registered
     */
    static final String GOOGLE = "GOOGLE";

    /**
     * Key under which Twitter OAuth provider is registered
     */
    static final String TWITTER = "TWITTER";

    /**
     * Return key of this OAuth provider. For example {@link #FACEBOOK}
     *
     * @return key of this OAuth provider
     */
    String getKey();

    /**
     * Return friendly name of this OAuth provider. For example "Facebook". It might be useful for messages, which will be shown
     * to end user
     *
     * @return friendly name of this OAuth provider
     */
    String getFriendlyName();

    /**
     * Return access token for given user from portal identity storage (DB or LDAP). Return null if access token wasn't found
     *
     * @param username name of portal user
     * @return access token of given user
     * @throws OAuthApiException if error occured. Error code would be {@link OAuthApiExceptionCode#PERSISTENCE_ERROR} if error
     * occured in communication between Portal and Identity storage (DB or LDAP)
     */
    AccessToken loadAccessToken(String username) throws OAuthApiException;

    /**
     * Save access token for given user to portal identity storage (DB or LDAP)
     *
     * @param username name of portal user
     * @param accessToken access token to save
     * @throws OAuthApiException if error occured. Error code would be {@link OAuthApiExceptionCode#PERSISTENCE_ERROR} if error
     * occured in communication between Portal and Identity storage (DB or LDAP)
     */
    void saveAccessToken(String username, AccessToken accessToken) throws OAuthApiException;

    /**
     * Remove access token of given user from portal identity storage (DB or LDAP)
     *
     * @param username name of portal user
     * @throws OAuthApiException if error occured. Error code would be {@link OAuthApiExceptionCode#PERSISTENCE_ERROR} if error
     * occured in communication between Portal and Identity storage (DB or LDAP)
     */
    void removeAccessToken(String username) throws OAuthApiException;

    /**
     * Start OAuth or OAuth2 workflow, which means redirection to OAuth provider (Social network) login screen and authorization
     * screen and obtaining of access token for current portal user. After calling this method, current Servlet request is finished because it's redirected
     * to OAuth provider
     *
     * 

After whole OAuth workflow is successfully finished, you can obtain access token of current user via * {@link #loadAccessToken(String)}

* * @param neededCustomScope required OAuth scope. This parameter can be null and in this case, OAuth workflow will be started * just with scopes from Portal configuration * @throws OAuthApiException if this operation is not supported or some other OAuth error occured * @throws IOException if some I/O error occured (For example when calling redirecting current Servlet response) */ void startOAuthWorkflow(String neededCustomScope) throws OAuthApiException, IOException; /** * Check if given access token is valid and possibly update some info (like scopes or access token itself if it was refreshed) * In case that access token has been refreshed (updated) you may call {@link #saveAccessToken(String, AccessToken)} to update * it in DB (it's not done by Portal itself during call of this method) * * @param accessToken access token to validate * @return Validated access token with all refreshed info (In some cases it could be equal to passed access token) * @throws OAuthApiException if error occured during validation. Error code could be {@link OAuthApiExceptionCode#ACCESS_TOKEN_ERROR} * if passed access token is invalid or revoked, or {@link OAuthApiExceptionCode#IO_ERROR} if network error happened during * communication with OAuth provider */ AccessToken validateTokenAndUpdateScopes(AccessToken accessToken) throws OAuthApiException; /** * Revoke current access token on OAuth provider side, so access token won't be valid anymore and portal application * can't be seen in list of available applications of OAuth provider (For example: * https://www.facebook.com/settings?tab=applications in case of Facebook) * * @param accessToken access token to revoke * @throws OAuthApiException with code {@link OAuthApiExceptionCode#TOKEN_REVOCATION_FAILED} if revocation failed * (For example network error or access token has been already revoked before) */ void revokeToken(AccessToken accessToken) throws OAuthApiException; /** * Return "accessor" object, which can be used to call some operations on Social network * * @param accessToken access token used to initialize object * @param socialApiObjectType Type of requested social API object * @return Instance of requested social API object * @throws OAuthApiException with code {@link OAuthApiExceptionCode#SOCIAL_API_OBJECT_NOT_FOUND} if object of requested type * is not supported by this OAuth provider */ T getAuthorizedSocialApiObject(AccessToken accessToken, Class socialApiObjectType) throws OAuthApiException; }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy