...
Alternatively, if you prefer, a custom MessageBodyWriter implementation can be registered instead.
...
AccessTokenValidatorService
AccessTokenValidatorService is a CXF-specific OAuth2 service that accepts remote access token validation requests. Typically, OAuthRequestFilter (described below) may choose to act as a third-party client and ask AccessTokenValidatorService to return the information relevant to the current access token before setting up a security context. More on it below.
...
If remote token validation is supported, add AccessTokenValidatorService too:

```xml
<!-- implements OAuthDataProvider -->
<bean id="oauthProvider" class="oauth.manager.OAuthManager"/>

<bean id="accessTokenService" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
    <property name="dataProvider" ref="oauthProvider"/>
</bean>

<!-- accepts remote access token validation requests -->
<bean id="accessTokenValidateService" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenValidatorService">
    <property name="dataProvider" ref="oauthProvider"/>
</bean>

<jaxrs:server id="oauthServer" address="/oauth">
    <jaxrs:serviceBeans>
        <ref bean="accessTokenService"/>
        <ref bean="accessTokenValidateService"/>
    </jaxrs:serviceBeans>
</jaxrs:server>
```
...
When the Authorization and AccessToken services are not collocated with the application endpoints, the following may work better:

```xml
<!-- client pointing at the remote token validation endpoint -->
<bean id="tvServiceClientFactory" class="org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean">
    <property name="address" value="http://localhost:${http.port}/services/oauth/validate"/>
    <property name="headers">
        <map>
            <entry key="Accept" value="application/xml"/>
            <entry key="Content-Type" value="application/x-www-form-urlencoded"/>
        </map>
    </property>
</bean>

<bean id="tvServiceClient" factory-bean="tvServiceClientFactory" factory-method="createWebClient"/>

<bean id="tokenValidator" class="org.apache.cxf.rs.security.oauth2.filters.AccessTokenValidatorClient">
    <property name="tokenValidatorClient" ref="tvServiceClient"/>
</bean>

<!-- the filter delegates access token validation to the remote service -->
<bean id="oauthFilter" class="org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter">
    <property name="tokenValidator" ref="tokenValidator"/>
</bean>

<bean id="myApp" class="org.myapp.MyApp"/>

<jaxrs:server id="fromThirdPartyToMyApp" address="/thirdparty-to-myapp">
    <jaxrs:serviceBeans>
        <ref bean="myApp"/>
    </jaxrs:serviceBeans>
    <jaxrs:providers>
        <ref bean="oauthFilter"/>
    </jaxrs:providers>
</jaxrs:server>
```
...