Shiro Pull Request 914
https://stash.corp.netflix.com/projects/CME/repos/shiro/pull-requests/914
Synopsis
This pull request adds support for OAuth2 bearer tokens to the Shiro authentication framework. This makes it possible for Shiro to be used with OAuth2-based applications, such as those that use Google or Myspace for authentication.
Changes
The following changes were made to implement this feature:
- A new OAuth2Token class was added to represent an OAuth2 bearer token.
- The ShiroFilter class was modified to support OAuth2 bearer token authentication.
- A new OAuth2Realm class was added to provide the necessary authentication logic.
- A new OAuth2Filter class was added to provide a simple way to filter requests that require OAuth2 bearer token authentication.
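A filter that gates requests on a bearer token first has to pull the token out of the Authorization header and reject malformed values. The sketch below is an added example, not code from this pull request or from Shiro; the class name BearerHeaderParser and the 4096-character limit are assumptions made for illustration, and the grammar follows RFC 6750 section 2.1.

```java
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Hypothetical helper, not a Shiro class: extracts an RFC 6750 bearer token
// from the value of an HTTP Authorization header.
public final class BearerHeaderParser {

    // RFC 6750 section 2.1: credentials = "Bearer" 1*SP b64token
    // b64token = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
    private static final Pattern BEARER =
            Pattern.compile("^Bearer +([A-Za-z0-9\\-._~+/]+=*)$", Pattern.CASE_INSENSITIVE);

    // Upper bound chosen for this example to reject oversized headers early.
    private static final int MAX_HEADER_LENGTH = 4096;

    private BearerHeaderParser() { }

    /** Returns the token, or empty if the header is absent, oversized, or malformed. */
    public static Optional<String> parse(String authorizationHeader) {
        if (authorizationHeader == null || authorizationHeader.length() > MAX_HEADER_LENGTH) {
            return Optional.empty();
        }
        Matcher m = BEARER.matcher(authorizationHeader.trim());
        return m.matches() ? Optional.of(m.group(1)) : Optional.empty();
    }

    public static void main(String[] args) {
        // Constructed sample header values, not taken from any real system.
        String[] samples = {
            "Bearer mF_9.B5f-4.1JqM",          // well-formed
            "bearer abc123==",                  // scheme name is case-insensitive
            "Basic dXNlcjpwYXNz",               // wrong scheme
            "Bearer abc def",                   // embedded space is not a single token
            "Bearer ",                          // missing token
            "Bearer abc\r\nX-Injected: 1"       // CR/LF must not pass
        };
        for (String s : samples) {
            // Log only whether a token was found, never the token value itself.
            System.out.println(parse(s).isPresent() ? "accept" : "reject");
        }
    }
}
```

Parsing only establishes that the header is syntactically a bearer credential; the token still has to be validated (signature, expiry, audience, or introspection at the authorization server) before a subject is treated as authenticated.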
Benefits
This feature provides the following benefits:
- Allows Shiro to be used with OAuth2-based applications.
- Simplifies the process of authenticating users in OAuth2-based applications.
- Provides a more secure way to authenticate users in OAuth2-based applications.
Usage
To use this feature, you must first add the following dependency to your project:

```xml
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-oauth2</artifactId>
    <version>2.0.0-SNAPSHOT</version>
</dependency>
```

Once you have added the dependency, you can then configure Shiro to use OAuth2 bearer token authentication. The following is an example of how to do this:

```java
// Create a new ShiroFilter instance.
ShiroFilter filter = new ShiroFilter();
// Set the login URL.
filter.setLoginUrl("/login");
// Set the success URL.
filter.setSuccessUrl("/home");
// Set the unauthorized URL.
filter.setUnauthorizedUrl("/unauthorized");
// Create a new OAuth2Realm instance.
OAuth2Realm realm = new OAuth2Realm();
// Set the realm on the ShiroFilter instance.
filter.setRealm(realm);
// Add the OAuth2Filter to the ShiroFilter instance.
filter.addFilter("oauth2", new OAuth2Filter());
// Set the ShiroFilter instance on the ServletContext.
ServletContext servletContext = getServletContext();
servletContext.setAttribute(ShiroFilter.FILTER_NAME, filter);
```

Once you have configured Shiro to use OAuth2 bearer token authentication, you can then use the OAuth2Token class to represent OAuth2 bearer tokens. The following is an example of how to do this:

```java
// Create a new OAuth2Token instance.
OAuth2Token token = new OAuth2Token("accessToken");
// Set the token on the SecurityContext.
SecurityContext securityContext = SecurityUtils.getSubject().getSession();
securityContext.setAuthentication(new OAuth2Authentication(token));
```

Conclusion
This feature adds support for OAuth2 bearer tokens to the Shiro authentication framework. This allows Shiro to be used with OAuth2-based applications, such as those that use Google or Facebook for authentication.