Package org.jenkinsci.plugins.googlelogin

Class GoogleOAuth2SecurityRealm

java.lang.Object

hudson.model.AbstractDescribableImpl<SecurityRealm>

hudson.security.SecurityRealm

org.jenkinsci.plugins.googlelogin.GoogleOAuth2SecurityRealm

All Implemented Interfaces:

ExtensionPoint, Describable<SecurityRealm>

public class GoogleOAuth2SecurityRealm
extends SecurityRealm

Login with Google using OpenID Connect / OAuth 2

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	GoogleOAuth2SecurityRealm.DescriptorImpl

Nested classes/interfaces inherited from class hudson.security.SecurityRealm

SecurityRealm.SecurityComponents

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

ExtensionPoint.LegacyInstancesAreScopedToHudson

Field Summary

Fields inherited from class hudson.security.SecurityRealm

AUTHENTICATED_AUTHORITY, AUTHENTICATED_AUTHORITY2, LIST, NO_AUTHENTICATION

Constructor Summary

Constructors

Constructor	Description
GoogleOAuth2SecurityRealm(String clientId, String clientSecret, String domain)

Method Summary

Modifier and Type	Method	Description
SecurityRealm.SecurityComponents	createSecurityComponents()	Acegi has this notion that first an Authentication object is created by collecting user information and then the act of authentication is done later (by AuthenticationManager) to verify it.
org.kohsuke.stapler.HttpResponse	doCommenceLogin(org.kohsuke.stapler.StaplerRequest request, String from, String referer)	The login process starts from here.
org.kohsuke.stapler.HttpResponse	doFinishLogin(org.kohsuke.stapler.StaplerRequest request)	This is where the user comes back to at the end of the OpenID redirect ping-pong.
String	getClientId()
Secret	getClientSecret()
String	getDomain()
String	getLoginUrl()	Login begins with our doCommenceLogin(StaplerRequest, String,String) method.
protected String	getPostLogOutUrl(org.kohsuke.stapler.StaplerRequest req, Authentication auth)
boolean	isRootURLFromRequest()
void	setRootURLFromRequest(boolean rootURLFromRequest)

Methods inherited from class hudson.security.SecurityRealm

all, allowsSignup, canLogOut, commenceSignup, commonFilters, createCliAuthenticator, createFilter, doCaptcha, doLogout, getAuthenticationGatewayUrl, getCaptchaSupport, getCaptchaSupportDescriptors, getDescriptor, getFrom, getGroupIdStrategy, getPostLogOutUrl2, getSecurityComponents, getUserIdStrategy, loadGroupByGroupname, loadGroupByGroupname, loadGroupByGroupname2, loadUserByUsername, loadUserByUsername2, setCaptchaSupport, validateCaptcha

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

GoogleOAuth2SecurityRealm

@DataBoundConstructor
public GoogleOAuth2SecurityRealm(String clientId,
                                 String clientSecret,
                                 String domain)
                          throws IOException

Throws:

IOException

Method Detail

isRootURLFromRequest

public boolean isRootURLFromRequest()

setRootURLFromRequest

@DataBoundSetter
public void setRootURLFromRequest(boolean rootURLFromRequest)

getClientId

public String getClientId()

getClientSecret

public Secret getClientSecret()

getDomain

public String getDomain()

getLoginUrl

public String getLoginUrl()

Login begins with our doCommenceLogin(StaplerRequest, String,String) method.

Overrides:

getLoginUrl in class SecurityRealm

createSecurityComponents

public SecurityRealm.SecurityComponents createSecurityComponents()

Acegi has this notion that first an Authentication object is created by collecting user information and then the act of authentication is done later (by AuthenticationManager) to verify it. But in case of OpenID, we create an Authentication only after we verified the user identity, so AuthenticationManager becomes no-op.

Specified by:

createSecurityComponents in class SecurityRealm

getPostLogOutUrl

protected String getPostLogOutUrl(org.kohsuke.stapler.StaplerRequest req,
                                  Authentication auth)

Overrides:

getPostLogOutUrl in class SecurityRealm

doCommenceLogin

@Restricted(org.kohsuke.accmod.restrictions.DoNotUse.class)
public org.kohsuke.stapler.HttpResponse doCommenceLogin(org.kohsuke.stapler.StaplerRequest request,
                                                        @QueryParameter
                                                        String from,
                                                        @Header("Referer")
                                                        String referer)
                                                 throws IOException

The login process starts from here.

Throws:

IOException

doFinishLogin

@Restricted(org.kohsuke.accmod.restrictions.DoNotUse.class)
public org.kohsuke.stapler.HttpResponse doFinishLogin(org.kohsuke.stapler.StaplerRequest request)
                                               throws IOException

This is where the user comes back to at the end of the OpenID redirect ping-pong.

Throws:

IOException