AddConsumerReciprocalServlet

Class Overview

This servlet is the counterpart of AddConsumerByUrlServlet and AddConsumerManuallyServlet.

Both those servlets redirect to this servlet on the other machine so oauth can be added as an outbound authentication provider on this host. When this servlet finishes, it redirects back to caller with a URL parameter to signify success or failure (for instance when this is a one-way link and the server id is not registered on this host -- which is possible when the process was initiated by a user that is logged in on the remote host and didn't realize).

This "cross-host dance" to establish an oauth link can fail for several reasons:

• the link is one-way and the server id isn't registered on this host
• the user accessing this servlet does not have admin privileges
• the server has no access at all and cannot even log in to this host

As a result, it's important the calling servlet does not make any local state changes if the reciprocal operation failed.

This servlet takes to following url parameters:

• callback=[absolute-url]

When redirecting back to callback, the following parameters are sent:

• success=[true|false]
• message=[description] -- optional parameter used to describe the error

This servlet is bound under: [PUT|DELETE] /applinks/auth/conf/oauth/outbound/apl/?callback=url To enable oauth for outbound requests to the specified Application Links, use PUT. To disable the oauth authentication provider, use DELETE.

Summary

Constants
String	CALLBACK_PARAM
String	ENABLE_OAUTH_AUTHENTICATION_PARAMETER
String	SUCCESS_PARAM

[Expand] Inherited Constants
From class com.atlassian.applinks.core.auth.oauth.servlets.AbstractOAuthConfigServlet String MESSAGE_PARAM
From class com.atlassian.applinks.ui.AbstractApplinksServlet String WEB_RESOURCE_KEY String XSRF_AUTH_TEMPLATE
From interface com.atlassian.applinks.ui.XsrfProtectedServlet String OVERRIDE_HEADER_NAME String OVERRIDE_HEADER_VALUE

[Expand] Inherited Fields
From class com.atlassian.applinks.core.auth.AbstractAuthServlet public static String HOST_URL_PARAM
From class com.atlassian.applinks.ui.AbstractAppLinksAdminOnlyServlet protected final AdminUIAuthenticator adminUIAuthenticator
From class com.atlassian.applinks.ui.AbstractApplinksServlet protected final BatchedJSONi18NBuilderFactory batchedJSONi18NBuilderFactory protected final DocumentationLinker documentationLinker protected final I18nResolver i18nResolver protected final InternalHostApplication internalHostApplication protected final Logger logger protected final MessageFactory messageFactory protected final TemplateRenderer templateRenderer protected final WebResourceManager webResourceManager

Public Constructors

AddConsumerReciprocalServlet(I18nResolver i18nResolver, MessageFactory messageFactory, TemplateRenderer templateRenderer, WebResourceManager webResourceManager, ApplicationLinkService applicationLinkService, AdminUIAuthenticator adminUIAuthenticator, AuthenticationConfigurationManager authenticationConfigurationManager, ConsumerTokenStoreService consumerTokenStoreService, InternalHostApplication internalHostApplication, BatchedJSONi18NBuilderFactory batchedJSONi18NBuilderFactory, LoginUriProvider loginUriProvider, DocumentationLinker documentationLinker, WebSudoManager webSudoManager, XsrfTokenAccessor xsrfTokenAccessor, XsrfTokenValidator xsrfTokenValidator)

Public Methods
static String	getReciprocalServletUrl(URI baseUrl, ApplicationId applicationId, String callbackUrl, String actionParamValue)

Protected Methods
void	doGet(HttpServletRequest request, HttpServletResponse resp)

[Expand] Inherited Methods
From class com.atlassian.applinks.core.auth.oauth.servlets.AbstractOAuthConfigServlet final String checkRequiredFormParameter(HttpServletRequest request, String parameterName, Map<String, String> errorMessages, String messageKey) String getMessage(HttpServletRequest request) List<String> getRequiredWebResources() Implement this method to get one of more Plugin Web Resources included in the rendered page.
From class com.atlassian.applinks.core.auth.AbstractAuthServlet ApplicationLink getRequiredApplicationLink(HttpServletRequest request) List<String> getRequiredWebResources() Implement this method to get one of more Plugin Web Resources included in the rendered page.
From class com.atlassian.applinks.ui.AbstractAppLinksAdminOnlyServlet void doProtectedService(HttpServletRequest request, HttpServletResponse response) Override this method for operations that need to occur before control is delegated to {{doGet()}}, {{doPost()}}, etc. final void doService(HttpServletRequest request, HttpServletResponse response) Override this method for operations that need to occur before control is delegated to {{doGet()}}, {{doPost()}}, etc.
From class com.atlassian.applinks.ui.AbstractApplinksServlet RendererContextBuilder createContextBuilder(ApplicationLink applicationLink) void doService(HttpServletRequest request, HttpServletResponse response) Override this method for operations that need to occur before control is delegated to {{doGet()}}, {{doPost()}}, etc. final Map<String, Object> emptyContext() String getRequiredParameter(HttpServletRequest request, String name) List<String> getRequiredWebResources() Implement this method to get one of more Plugin Web Resources included in the rendered page. void render(String template, Map<String, Object> renderContext, HttpServletRequest request, HttpServletResponse response) final void service(HttpServletRequest request, HttpServletResponse response)
From class javax.servlet.http.HttpServlet void doDelete(HttpServletRequest arg0, HttpServletResponse arg1) void doGet(HttpServletRequest arg0, HttpServletResponse arg1) void doHead(HttpServletRequest arg0, HttpServletResponse arg1) void doOptions(HttpServletRequest arg0, HttpServletResponse arg1) void doPost(HttpServletRequest arg0, HttpServletResponse arg1) void doPut(HttpServletRequest arg0, HttpServletResponse arg1) void doTrace(HttpServletRequest arg0, HttpServletResponse arg1) long getLastModified(HttpServletRequest arg0) void service(ServletRequest arg0, ServletResponse arg1) void service(HttpServletRequest arg0, HttpServletResponse arg1)
From class javax.servlet.GenericServlet void destroy() String getInitParameter(String arg0) Enumeration getInitParameterNames() ServletConfig getServletConfig() ServletContext getServletContext() String getServletInfo() String getServletName() void init() void init(ServletConfig arg0) void log(String arg0, Throwable arg1) void log(String arg0) abstract void service(ServletRequest arg0, ServletResponse arg1)
From class java.lang.Object Object clone() boolean equals(Object arg0) void finalize() final Class<?> getClass() int hashCode() final void notify() final void notifyAll() String toString() final void wait() final void wait(long arg0, int arg1) final void wait(long arg0)
From interface javax.servlet.Servlet abstract void destroy() abstract ServletConfig getServletConfig() abstract String getServletInfo() abstract void init(ServletConfig arg0) abstract void service(ServletRequest arg0, ServletResponse arg1)
From interface javax.servlet.ServletConfig abstract String getInitParameter(String arg0) abstract Enumeration getInitParameterNames() abstract ServletContext getServletContext() abstract String getServletName()