http4k / org.http4k.security / OAuthPersistence
interface OAuthPersistence
Provides persistence for OAuth lifecycle values:
Name | Summary |
---|---|
assignCsrf | Assign a CSRF token to this OAuth auth redirection (to the end-service) response. Opportunity here to modify the response returned to the user when the redirection happens.abstract fun assignCsrf(redirect: Response , csrf: CrossSiteRequestForgeryToken ): Response |
assignNonce | Assign a nonce to this OIDC auth redirection (to the end-service) response. Opportunity here to modify the response returned to the user when the redirection happens.abstract fun assignNonce(redirect: Response , nonce: Nonce ): Response |
assignOriginalUri | opportunity to store the uri that the request was made before authentication this will then be redirected back to after authabstract fun assignOriginalUri(redirect: Response , originalUri: Uri ): Response |
assignToken | Assign the swapped AccessToken (and optional IdToken) returned by the end-service. Opportunity here to modify the response returned to the user when the redirection happens.abstract fun assignToken(request: Request , redirect: Response , accessToken: AccessToken , idToken: IdToken ? = null): Response |
authFailureResponse | Build the default failure response which occurs when a failure occurs during the callback process (eg. a mismatch/missing CSRF or failure occurring when calling into the end-service for the access-token.open fun authFailureResponse(): Response |
retrieveCsrf | Retrieve the stored CSRF token for this user requestabstract fun retrieveCsrf(request: Request ): CrossSiteRequestForgeryToken ? |
retrieveNonce | Retrieve the stored nonce token for this user requestabstract fun retrieveNonce(request: Request ): Nonce ? |
retrieveOriginalUri | Retrieve the stored original uri for this user requestabstract fun retrieveOriginalUri(request: Request ): Uri ? |
retrieveToken | Retrieve the stored AccessToken token for this user requestabstract fun retrieveToken(request: Request ): AccessToken ? |
Name | Summary |
---|---|
InsecureCookieBasedOAuthPersistence | This is an example implementation which stores CSRF and AccessToken values in an INSECURE client-side cookie. Access-tokens for end-services are fully available to the browser so do not use this in production!class InsecureCookieBasedOAuthPersistence : OAuthPersistence |