Class FacebookService

java.lang.Object
eu.webtoolkit.jwt.auth.OAuthService
eu.webtoolkit.jwt.auth.FacebookService

public class FacebookService extends OAuthService
OAuth service for Facebook as third-party authenticator.

The configuration of the service is done using properties, whose values need to match the values configured at Facebook.

  • facebook-oauth2-redirect-endpoint: the URL of the local redirect endpoint, to which the Facebook OAuth service redirects the user after authentication. See also getRedirectEndpoint()
  • facebook-oauth2-redirect-endpoint-path: optionally, the deployment path that corresponds to the redirect endpoint. See also getRedirectEndpointPath()
  • facebook-oauth2-app-id: The application ID
  • facebook-oauth2-app-secret: The application secret.

For example:


 <properties>
 <property name="facebook-oauth2-redirect-endpoint">
 http://localhost:8080/oauth2callback
 </property>
 <property name="facebook-oauth2-app-id">
 1234567890123456
 </property>
 <property name="facebook-oauth2-app-secret">
 a3cf1630b1ae415c7260d849efdf444d
 </property>
 </properties>

 

Like all service classes, this class holds only configuration state. Thus, once configured, it can be safely shared between multiple sessions since its state (the configuration) is read-only.

See also: http://developers.facebook.com/docs/authentication/

  • Constructor Details

    • FacebookService

      public FacebookService(AuthService baseAuth)
      Constructor.
  • Method Details

    • configured

      public static boolean configured()
      Checks whether a FacebookAuth service is properly configured.

      This returns true if a value is found for the three configuration properties.

    • getName

      public String getName()
      Description copied from class: OAuthService
      Returns the provider name.

      This is a short identifier.

      Specified by:
      getName in class OAuthService
      See Also:
    • getDescription

      public WString getDescription()
      Description copied from class: OAuthService
      Returns the provider description.

      This returns a description useful for e.g. tool tips on a login icon.

      Specified by:
      getDescription in class OAuthService
      See Also:
    • getPopupWidth

      public int getPopupWidth()
      Description copied from class: OAuthService
      Returns the desired width for the popup window.

      Specified by:
      getPopupWidth in class OAuthService
      See Also:
    • getPopupHeight

      public int getPopupHeight()
      Description copied from class: OAuthService
      Returns the desired height for the popup window.

      Specified by:
      getPopupHeight in class OAuthService
      See Also:
    • getAuthenticationScope

      public String getAuthenticationScope()
      Description copied from class: OAuthService
      Returns the scope needed for authentication.

      This returns the scope that is needed (and sufficient) for obtaining identity information, and thus to authenticate the user.

      Specified by:
      getAuthenticationScope in class OAuthService
      See Also:
    • getRedirectEndpoint

      public String getRedirectEndpoint()
      Description copied from class: OAuthService
      Returns the redirection endpoint URL.

      This is the local URL to which the browser is redirect from the service provider, after the authorization process. You need to configure this URL with the third party authentication service.

      A static resource will be deployed at this URL.

      Specified by:
      getRedirectEndpoint in class OAuthService
    • getRedirectEndpointPath

      public String getRedirectEndpointPath()
      Description copied from class: OAuthService
      Returns the deployment path of the redirection endpoint.

      This returns the path at which the static resource is deployed that corresponds to the getRedirectEndpoint().

      The default implementation will derive this path from the getRedirectEndpoint() URL.

      Overrides:
      getRedirectEndpointPath in class OAuthService
    • getAuthorizationEndpoint

      public String getAuthorizationEndpoint()
      Description copied from class: OAuthService
      Returns the authorization endpoint URL.

      This is a remote URL which hosts the OAuth authorization user interface. This URL is loaded in the popup window at the start of an authorization process.

      Specified by:
      getAuthorizationEndpoint in class OAuthService
    • getTokenEndpoint

      public String getTokenEndpoint()
      Description copied from class: OAuthService
      Returns the token endpoint URL.

      This is a remote URL which hosts a web-service that generates access tokens.

      Specified by:
      getTokenEndpoint in class OAuthService
    • getClientId

      public String getClientId()
      Description copied from class: OAuthService
      Returns the client ID.

      This is the identification for this web application with the OAuth authorization server.

      Specified by:
      getClientId in class OAuthService
    • getClientSecret

      public String getClientSecret()
      Description copied from class: OAuthService
      Returns the client secret.

      This is the secret credentials for this web application with the OAuth authorization server.

      Specified by:
      getClientSecret in class OAuthService
    • getClientSecretMethod

      public ClientSecretMethod getClientSecretMethod()
      Description copied from class: OAuthService
      Returns the method to transfer the client secret.

      Some implementations (like Facebook) encode the secret in the GET request parameters, while this is explicitly not allowed in the OAuth 2.0 specification.

      The default implementation returns HttpAuthorizationBasic (the recommended method).

      Specified by:
      getClientSecretMethod in class OAuthService
    • getTokenRequestMethod

      public Method getTokenRequestMethod()
      Description copied from class: OAuthService
      Returns the HTTP method used for the token request.

      While the current OAuth 2.0 draft mandates the use of POST, some implementations (like Facebook) use URL-encoding and a GET request.

      The default implementation returns Http::Method::Post (corresponding to the current draft).

      Overrides:
      getTokenRequestMethod in class OAuthService
    • createProcess

      public OAuthProcess createProcess(String scope)
      Description copied from class: OAuthService
      Creates a new authorization process.

      This creates a new authorization process for the indicated scope. Valid names for the scope are service provider dependent.

      Specified by:
      createProcess in class OAuthService
      See Also: