Shiro Pull Request 914

https://stash.corp.netflix.com/projects/CME/repos/shiro/pull-requests/914

Summary

This pull request adds support for OAuth2 bearer tokens to the Shiro authentication framework. This makes it possible for Shiro to be used with OAuth2-based applications, such as those that use Google or Facebook for authentication.

Changes

The following changes were made to implement this feature:

  • A new OAuth2Token class was added to represent an OAuth2 bearer token.
  • The ShiroFilter class has been modified to support OAuth2 bearer token authentication.
  • A new OAuth2Realm class has been added to provide the necessary authentication logic.
  • A new OAuth2Filter class was added to provide a simple way to filter requests that require OAuth2 bearer token authentication.

Benefits

This feature provides the following advantages:

  • Allows Shiro to be used with OAuth2-based applications.
  • Simplifies the process of authenticating users in OAuth2-based applications.
  • Provides a more secure way to authenticate users in OAuth2-based applications.

Usage

To use this feature, you must first add the following dependency to your project:

    <dependency>
        <groupId>org.apache.shiro</groupId>
        <artifactId>shiro-oauth2</artifactId>
        <version>2.0.0-SNAPSHOT</version>
    </dependency>

Once you have added the dependency, you can then configure Shiro to use OAuth2 bearer token authentication. The following is an example of how to do this:

    // Create a new ShiroFilter instance.
    ShiroFilter filter = new ShiroFilter();

    // Set the login URL.
    filter.setLoginUrl("/login");

    // Set the success URL.
    filter.setSuccessUrl("/home");

    // Set the unauthorized URL.
    filter.setUnauthorizedUrl("/unauthorized");

    // Create a new OAuth2Realm instance.
    OAuth2Realm realm = new OAuth2Realm();

    // Set the realm on the ShiroFilter instance.
    filter.setRealm(realm);

    // Add the OAuth2Filter to the ShiroFilter instance.
    filter.addFilter("oauth2", new OAuth2Filter());

    // Set the ShiroFilter instance on the ServletContext.
    ServletContext servletContext = getServletContext();
    servletContext.setAttribute(ShiroFilter.FILTER_NAME, filter);

Once you have configured Shiro to use OAuth2 bearer token authentication, you can then use the OAuth2Token class to represent OAuth2 bearer tokens. The following is an example of how to do this:

    // Create a new OAuth2Token instance.
    OAuth2Token token = new OAuth2Token("accessToken");

    // Set the token on the SecurityContext.
    SecurityContext securityContext = SecurityUtils.getSubject().getSession();
    securityContext.setAuthentication(new OAuth2Authentication(token));
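The page does not show what the "necessary authentication logic" in OAuth2Realm consists of. The sketch below is an added example, not code from the pull request: it uses Shiro's existing AuthenticatingRealm base class to show the checks a bearer-token realm has to make before accepting a token (token is known, not expired, and issued for this application). BearerRealmSketch, BearerAuthToken, TokenInfo and the in-memory map standing in for validation against the authorization server are all hypothetical names; the record syntax assumes Java 16 or later.

```java
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;

import java.time.Instant;
import java.util.Map;

// Hypothetical realm, not the OAuth2Realm from the pull request.
public class BearerRealmSketch extends AuthenticatingRealm {

    /** Hypothetical token type: the raw bearer string is both principal and credential. */
    public static final class BearerAuthToken implements AuthenticationToken {
        private final String value;
        public BearerAuthToken(String value) { this.value = value; }
        @Override public Object getPrincipal() { return value; }
        @Override public Object getCredentials() { return value; }
    }

    /** Hypothetical result of validating a token with the authorization server. */
    public record TokenInfo(String subject, String audience, Instant expiresAt) {}

    // Constructed stand-in for a token introspection or signature check.
    private final Map<String, TokenInfo> issued;
    private final String expectedAudience;

    public BearerRealmSketch(Map<String, TokenInfo> issued, String expectedAudience) {
        this.issued = issued;
        this.expectedAudience = expectedAudience;
        // supports() will now accept only BearerAuthToken, so other token
        // types (for example username/password) never reach this realm.
        setAuthenticationTokenClass(BearerAuthToken.class);
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
        String raw = (String) token.getCredentials();
        TokenInfo info = issued.get(raw);
        if (info == null) {
            throw new AuthenticationException("unknown bearer token");
        }
        if (!Instant.now().isBefore(info.expiresAt())) {
            throw new AuthenticationException("bearer token expired");
        }
        // Reject tokens minted for a different client or API.
        if (!expectedAudience.equals(info.audience())) {
            throw new AuthenticationException("bearer token issued for another audience");
        }
        // The principal is the validated subject, not the raw token string.
        return new SimpleAuthenticationInfo(info.subject(), raw, getName());
    }
}
```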

Conclusion

This feature adds support for OAuth2 bearer tokens to the Shiro authentication framework. This allows Shiro to be used with OAuth2-based applications, such as those that use Google or Facebook for authentication.