OAuth20HandlerInterceptorAdapter.java

package org.apereo.cas.support.oauth.web;

import org.apereo.cas.support.oauth.OAuth20Constants;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.regex.Pattern;

/**
 * This is {@link OAuth20HandlerInterceptorAdapter}.
 *
 * @author Misagh Moayyed
 * @since 5.1.0
 */
public class OAuth20HandlerInterceptorAdapter extends HandlerInterceptorAdapter {
    /** Access token interceptor. */
    protected final HandlerInterceptorAdapter requiresAuthenticationAccessTokenInterceptor;

    /** Authorization interceptor. */
    protected final HandlerInterceptorAdapter requiresAuthenticationAuthorizeInterceptor;

    public OAuth20HandlerInterceptorAdapter(final HandlerInterceptorAdapter requiresAuthenticationAccessTokenInterceptor,
                                            final HandlerInterceptorAdapter requiresAuthenticationAuthorizeInterceptor) {
        this.requiresAuthenticationAccessTokenInterceptor = requiresAuthenticationAccessTokenInterceptor;
        this.requiresAuthenticationAuthorizeInterceptor = requiresAuthenticationAuthorizeInterceptor;
    }

    @Override
    public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response,
                             final Object handler) throws Exception {
        if (isAccessTokenRequestRequest(request.getRequestURI())) {
            return requiresAuthenticationAccessTokenInterceptor.preHandle(request, response, handler);
        }

        if (isAuthorizationRequest(request.getRequestURI())) {
            return requiresAuthenticationAuthorizeInterceptor.preHandle(request, response, handler);
        }
        return true;
    }

    /**
     * Is access token request request.
     *
     * @param requestPath the request path
     * @return the boolean
     */
    protected boolean isAccessTokenRequestRequest(final String requestPath) {
        return doesUriMatchPattern(requestPath, OAuth20Constants.ACCESS_TOKEN_URL)
                || doesUriMatchPattern(requestPath, OAuth20Constants.TOKEN_URL);
    }

    /**
     * Is authorization request.
     *
     * @param requestPath the request path
     * @return the boolean
     */
    protected boolean isAuthorizationRequest(final String requestPath) {
        return doesUriMatchPattern(requestPath, OAuth20Constants.AUTHORIZE_URL);
    }

    /**
     * Does uri match pattern.
     *
     * @param requestPath the request path
     * @param patternUrl  the pattern
     * @return the boolean
     */
    protected boolean doesUriMatchPattern(final String requestPath, final String patternUrl) {
        final Pattern pattern = Pattern.compile('/' + patternUrl + "(/)*$");
        return pattern.matcher(requestPath).find();
    }
}