org.glassfish.jersey.server.oauth1

Class OAuth1ServerProperties

java.lang.Object

org.glassfish.jersey.server.oauth1.OAuth1ServerProperties

public final class OAuth1ServerProperties
extends Object

Properties used to configure OAuth server module.

Author:

Miroslav Fuksa

Field Summary

Fields

Modifier and Type	Field and Description
static String	ACCESS_TOKEN_URI If exposure of token resources is enabled (e.g.
static String	ENABLE_TOKEN_RESOURCES If set to true, token resources will be exposed.
static String	GC_PERIOD Property that can be set to frequency of collecting nonces exceeding max.
static String	IGNORE_PATH_PATTERN Property that can be set to a regular expression used to match the path (relative to the base URI) this filter should not be applied to.
static String	MAX_AGE Property defines maximum age (in milliseconds) of nonces that should be tracked (default = 300000 ms = 5 min).
static String	MAX_NONCE_CACHE_SIZE Defines maximum number of nonces that can be stored in the nonce cache.
static String	NO_FAIL If set to true makes the correct OAuth authentication optional.
static String	REALM OAuth realm (String property).
static String	REQUEST_TOKEN_URI If exposure of token resources is enabled (e.g.
static String	TIMESTAMP_UNIT Unit of oauth_timestamp attribute used in authorization headers.

Constructor Summary

Constructors

Constructor and Description
OAuth1ServerProperties()

Method Summary

Modifier and Type	Method and Description
static <T> T	getValue(Map<String,?> properties, String key, Class<T> type) Get the value of the specified property.
static <T> T	getValue(Map<String,?> properties, String key, T defaultValue) Get the value of the specified property.
static <T> T	getValue(Map<String,?> properties, String key, T defaultValue, Class<T> type) Get the value of the specified property.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REALM

public static final String REALM

OAuth realm (String property).

A default value is 'default'.

The name of the configuration property is "jersey.config.server.oauth1.realm".

See Also:

Constant Field Values

IGNORE_PATH_PATTERN

public static final String IGNORE_PATH_PATTERN

Property that can be set to a regular expression used to match the path (relative to the base URI) this filter should not be applied to.

A default value is null.

The name of the configuration property is "jersey.config.server.oauth1.ignorePathPattern".

See Also:

Constant Field Values

MAX_AGE

public static final String MAX_AGE

Property defines maximum age (in milliseconds) of nonces that should be tracked (default = 300000 ms = 5 min).

A default value is 300000 which corresponds to 5 minutes.

The name of the configuration property is "jersey.config.server.oauth1.maxAge".

See Also:

Constant Field Values

GC_PERIOD

public static final String GC_PERIOD

Property that can be set to frequency of collecting nonces exceeding max. age (default = 100 = every 100 requests).

See Also:

Constant Field Values

TIMESTAMP_UNIT

public static final String TIMESTAMP_UNIT

Unit of oauth_timestamp attribute used in authorization headers. The value must be one of the enum values of TimeUnit (e.g. SECONDS, MILLISECONDS, MINUTES).

A default value is SECONDS.

The name of the configuration property is "jersey.config.server.oauth1.timestamp.unit".

See Also:

Constant Field Values

MAX_NONCE_CACHE_SIZE

public static final String MAX_NONCE_CACHE_SIZE

Defines maximum number of nonces that can be stored in the nonce cache. If more nonces will be used, the cache will not store any other nonce and requests will be refused. Note that cache is automatically cleaned as it keeps only nonces delivered with timestamp withing the MAX_AGE period.

This setting is used to limit the maximum size of internal cache and thanks to this it prevents exhausting of memory and failing of the server.

The value must be a long.

A default value is 2000000.

The name of the configuration property is "jersey.config.server.oauth1.max.nonce.size".

See Also:

Constant Field Values

NO_FAIL

public static final String NO_FAIL

If set to true makes the correct OAuth authentication optional. Instead of returning the appropriate status code (Response.Status.BAD_REQUEST or Response.Status.UNAUTHORIZED) the OAuth filter will ignore this request (as if it was not authenticated) and let the web application deal with it.

A default value is false.

The name of the configuration property is "jersey.config.server.oauth1.noFail".

See Also:

Constant Field Values

ENABLE_TOKEN_RESOURCES

public static final String ENABLE_TOKEN_RESOURCES

If set to true, token resources will be exposed. Token resources are JAX-RS resources for retrieving Request Tokens and Access Tokens. If the property is set to false, the resources will not be exposed and it is responsibility of the user custom resource to issue Request Tokens and Access Tokens.

URIs of exposed resources can be specified by REQUEST_TOKEN_URI and ACCESS_TOKEN_URI.

A default value is true.

The name of the configuration property is "jersey.config.server.oauth1.resource.enabled".

See Also:

Constant Field Values

REQUEST_TOKEN_URI

public static final String REQUEST_TOKEN_URI

If exposure of token resources is enabled (e.g. by the property ENABLE_TOKEN_RESOURCES), this property defines the relative URI of exposed Request Token Resource. The URI must be relative to the base URI of the JAX-RS application.

Request Token resource is the resource which issues a Request Token and Request Token secret during the Authorization process (temporary credentials IDs).

The property is undefined by default.

The name of the configuration property is "jersey.config.server.oauth1.resource.requestToken.uri".

See Also:

Constant Field Values

ACCESS_TOKEN_URI

public static final String ACCESS_TOKEN_URI

If exposure of token resources is enabled (e.g. by the property ENABLE_TOKEN_RESOURCES), this property defines the relative URI of exposed Access Token Resource. The URI must be relative to the base URI of the JAX-RS application.

Access Token resource is the resource which issues a Access Token and Access Token secret during the Authorization process.

The property is undefined by default.

The name of the configuration property is "jersey.config.server.oauth1.resource.accessToken.uri".

See Also:

Constant Field Values

Constructor Detail

OAuth1ServerProperties

public OAuth1ServerProperties()

Method Detail

getValue

public static <T> T getValue(Map<String,?> properties,
                             String key,
                             Class<T> type)

Get the value of the specified property. If the property is not set or the real value type is not compatible with the specified value type, returns null.

Type Parameters:

T - Type of the property value.

Parameters:

properties - Map of properties to get the property value from.

key - Name of the property.

type - Type to retrieve the value as.

Returns:

Value of the property or null.

Since:

2.8

getValue

public static <T> T getValue(Map<String,?> properties,
                             String key,
                             T defaultValue)

Get the value of the specified property. If the property is not set or the real value type is not compatible with defaultValue type, the specified defaultValue is returned. Calling this method is equivalent to calling OAuth1ServerProperties.getValue(properties, key, defaultValue, (Class<T>) defaultValue.getClass())

Type Parameters:

T - Type of the property value.

Parameters:

properties - Map of properties to get the property value from.

key - Name of the property.

defaultValue - Default value if property is not registered

Returns:

Value of the property or null.

Since:

2.8

getValue

public static <T> T getValue(Map<String,?> properties,
                             String key,
                             T defaultValue,
                             Class<T> type)

Get the value of the specified property. If the property is not set or the real value type is not compatible with the specified value type, returns defaultValue.

Type Parameters:

T - Type of the property value.

Parameters:

properties - Map of properties to get the property value from.

key - Name of the property.

defaultValue - Default value if property is not registered

type - Type to retrieve the value as.

Returns:

Value of the property or null.

Since:

2.8