/**
 * Decides whether the authorization request counts as approved by the current user.
 *
 * <p>The result is {@code true} in either of two cases: (a) {@code accessToken} is non-null and
 * not expired, or (b) the user is authenticated and the approval parameter named by
 * {@code approvalParameter} equals "true" ignoring case. Case (a) consults neither the approval
 * flag nor {@code userAuthentication.isAuthenticated()}, so a still-valid token acts as standing
 * consent.
 *
 * <p>NOTE(review): the statement that obtains {@code accessToken} is missing from this listing
 * (see the masked span below); the debug message suggests it is an existing token for this
 * client, scope and user. Confirm against the original file.
 *
 * @param authorizationRequest The authorization request.
 * @param userAuthentication the current user authentication
 * @return Whether the specified request has been approved by the current user.
 */
public boolean isApproved(
    AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
  // Explicit approval flag as submitted with the approval parameters; absent counts as "no".
  String flag = authorizationRequest.getApprovalParameters().get(approvalParameter);
  boolean approved = flag != null && flag.toLowerCase().equals("true");
  // Combined client-request + user authentication; its use falls inside the masked span below.
  OAuth2Authentication authentication =
      new OAuth2Authentication(authorizationRequest, userAuthentication);
  if (logger.isDebugEnabled()) {
    StringBuilder builder = new StringBuilder("Looking up existing token for ");
    builder.append("client_id=" + authorizationRequest.getClientId());
    builder.append(", scope=" + authorizationRequest.getScope());
    // NOTE(review): the text between " and username=" and "Existing access token=" was lost in
    // extraction and replaced by "******". The end of this append, the close of the debug block
    // and the declaration of accessToken are therefore not visible, and the line below does not
    // compile as shown.
    builder.append(" and username="******"Existing access token=" + accessToken);
  // NOTE(review): if accessToken's string form includes the token value, the two debug messages
  // that concatenate it write a bearer credential to the log; confirm, and prefer logging a
  // non-secret identifier instead.
  if (accessToken != null && !accessToken.isExpired()) {
    logger.debug("User already approved with token=" + accessToken);
    // A token was already granted and is still valid, so this is already approved
    approved = true;
  } else {
    logger.debug("Checking explicit approval");
    // No usable token: require both an authenticated user and the explicit "true" flag.
    approved = userAuthentication.isAuthenticated() && approved;
  }
  return approved;
}
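/**
 * Narrows the request's scope to the scopes the user approved and records the overall decision.
 *
 * <p>Every approval parameter whose value is exactly "true" is treated as an approved scope
 * name, but only if that name is among the scopes already on the request. The approval
 * parameters come from the submitted approval form, so without this check any extra form field
 * (including the approval flag itself) would be copied into the granted scope. The request is
 * then marked approved when the parameter named by {@code approvalParameter} equals "true"
 * ignoring case.
 *
 * @param authorizationRequest the request to update; it is modified in place
 * @param userAuthentication the current user authentication (not consulted here)
 * @return the same {@code authorizationRequest} instance, with scope and approval updated
 */
@Override
public AuthorizationRequest updateAfterApproval(
    AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
  Map<String, String> approvalParameters = authorizationRequest.getApprovalParameters();
  // Scopes on the request before the user's choices are applied; approval may only narrow them.
  // NOTE(review): assumes form field names are the bare scope names, which is how the keys are
  // already used here; confirm the approval page applies no prefix.
  Set<String> requestedScopes = authorizationRequest.getScope();
  Set<String> approvedScopes = new LinkedHashSet<>();
  for (Map.Entry<String, String> entry : approvalParameters.entrySet()) {
    String name = entry.getKey();
    // Constant-first comparison tolerates a null parameter value.
    boolean ticked = "true".equals(entry.getValue());
    if (ticked && requestedScopes != null && requestedScopes.contains(name)) {
      approvedScopes.add(name);
    }
  }
  authorizationRequest.setScope(approvedScopes);
  // A missing flag counts as "not approved"; equalsIgnoreCase is null-safe.
  String flag = approvalParameters.get(approvalParameter);
  authorizationRequest.setApproved("true".equalsIgnoreCase(flag));
  return authorizationRequest;
}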