Examples of OAuth2Client

Examples of org.apache.shindig.gadgets.oauth2.persistence.OAuth2Client

188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
    state.setScope(scope);

    OAuth2Accessor ret = this.cache.getOAuth2Accessor(state);

    if (ret == null || !ret.isValid()) {
      final OAuth2Client client = this.getClient(user, gadgetUri, serviceName);

      if (client != null) {
        final OAuth2Token accessToken = this.getToken(gadgetUri, serviceName, user, scope,
            OAuth2Token.Type.ACCESS);
        final OAuth2Token refreshToken = this.getToken(gadgetUri, serviceName, user, scope,
            OAuth2Token.Type.REFRESH);

        final BasicOAuth2Accessor newAccessor = new BasicOAuth2Accessor(gadgetUri, serviceName,
            user, scope, client.isAllowModuleOverride(), this, this.globalRedirectUri,
            this.authority, this.contextRoot);
        newAccessor.setAccessToken(accessToken);
        newAccessor.setAuthorizationUrl(client.getAuthorizationUrl());
        newAccessor.setClientAuthenticationType(client.getClientAuthenticationType());
        newAccessor.setAuthorizationHeader(client.isAuthorizationHeader());
        newAccessor.setUrlParameter(client.isUrlParameter());
        newAccessor.setClientId(client.getClientId());
        newAccessor.setClientSecret(client.getClientSecret());
        newAccessor.setGrantType(client.getGrantType());
        newAccessor.setRedirectUri(client.getRedirectUri());
        newAccessor.setRefreshToken(refreshToken);
        newAccessor.setTokenUrl(client.getTokenUrl());
        newAccessor.setType(client.getType());
        newAccessor.setAllowedDomains(client.getAllowedDomains());
        ret = newAccessor;

        this.storeOAuth2Accessor(ret);
      }
    }
View Full Code Here

Examples of org.apache.shindig.gadgets.oauth2.persistence.OAuth2Client

371
372
373
374
375
376
377
378
379
380
381
382
383
384
  }

  protected String getGadgetUri(final String userId, final String gadgetUri, final String serviceName)
          throws GadgetException {
    String ret = gadgetUri;
    final OAuth2Client client = this.getClient(ret, serviceName);
    if (client != null) {
      if (client.isSharedToken()) {
        ret = client.getClientId() + ':' + client.getServiceName();
      }
    }

    return ret;
  }
View Full Code Here

Examples of org.apache.shindig.social.core.oauth2.OAuth2Client

44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
    return "authorization_code";
  }

  public void validateRequest(OAuth2NormalizedRequest servletRequest)
      throws OAuth2Exception {
    OAuth2Client client = service.getClient(servletRequest.getClientId());
    if (client == null || client.getFlow() != Flow.AUTHORIZATION_CODE) {
      OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
      resp.setError(ErrorType.INVALID_CLIENT.toString());
      resp.setErrorDescription("Invalid client");
      resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
      throw new OAuth2Exception(resp);
    }
    OAuth2Code authCode = service.getAuthorizationCode(
        servletRequest.getClientId(), servletRequest.getAuthorizationCode());
    if (authCode == null) {
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response.setErrorDescription("Bad authorization code");
      response.setBodyReturned(true);
      throw new OAuth2Exception(response);
    }
    if (servletRequest.getRedirectURI() != null
        && !servletRequest.getRedirectURI().equals(authCode.getRedirectURI())) {
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response
          .setErrorDescription("The redirect URI does not match the one used in the authorization request");
      response.setBodyReturned(true);
      throw new OAuth2Exception(response);
    }

    // ensure authorization code has not already been used
    if (authCode.getRelatedAccessToken() != null) {
      service.unregisterAccessToken(client.getId(), authCode
          .getRelatedAccessToken().getValue());
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_FORBIDDEN);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response
View Full Code Here

Examples of org.apache.shindig.social.core.oauth2.OAuth2Client

39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
  }

  public void validateRequest(OAuth2NormalizedRequest req)
      throws OAuth2Exception {

    OAuth2Client client = store.getClient(req.getClientId());
    if (client == null) {
      OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
      resp.setError(ErrorType.INVALID_REQUEST.toString());
      resp.setErrorDescription("The client is invalid or not registered");
      resp.setBodyReturned(true);
      resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
      throw new OAuth2Exception(resp);
    }
    String storedURI = client.getRedirectURI();
    if (storedURI == null && req.getRedirectURI() == null) {
      OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
      resp.setError(ErrorType.INVALID_REQUEST.toString());
      resp.setErrorDescription("No redirect_uri registered or received in request");
      resp.setBodyReturned(true);
View Full Code Here

Examples of org.apache.shindig.social.core.oauth2.OAuth2Client

43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
    return "authorization_code";
  }

  public void validateRequest(OAuth2NormalizedRequest servletRequest)
      throws OAuth2Exception {
    OAuth2Client client = service.getClient(servletRequest.getClientId());
    if (client == null || client.getFlow() != Flow.AUTHORIZATION_CODE) {
      OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
      resp.setError(ErrorType.INVALID_CLIENT.toString());
      resp.setErrorDescription("Invalid client");
      resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
      throw new OAuth2Exception(resp);
    }
    OAuth2Code authCode = service.getAuthorizationCode(
        servletRequest.getClientId(), servletRequest.getAuthorizationCode());
    if (authCode == null) {
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response.setErrorDescription("Bad authorization code");
      response.setBodyReturned(true);
      throw new OAuth2Exception(response);
    }
    if (servletRequest.getRedirectURI() != null
        && !servletRequest.getRedirectURI().equals(authCode.getRedirectURI())) {
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response
          .setErrorDescription("The redirect URI does not match the one used in the authorization request");
      response.setBodyReturned(true);
      throw new OAuth2Exception(response);
    }

    // ensure authorization code has not already been used
    if (authCode.getRelatedAccessToken() != null) {
      service.unregisterAccessToken(client.getId(), authCode
          .getRelatedAccessToken().getValue());
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_FORBIDDEN);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response
View Full Code Here

Examples of org.apache.shindig.social.core.oauth2.OAuth2Client

67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
        resp.setError(ErrorType.UNSUPPORTED_RESPONSE_TYPE.toString());
        resp.setErrorDescription("Unsupported response type");
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
        throw new OAuth2Exception(resp);
      }
      OAuth2Client client = store.getClient(req.getClientId());
      if (client == null || client.getFlow() != Flow.IMPLICIT) {
        OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
        resp.setError(ErrorType.INVALID_CLIENT.toString());
        resp.setErrorDescription(req.getClientId()
            + " is not a registered implicit client");
        resp.setBodyReturned(true);
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
        throw new OAuth2Exception(resp);
      }
      if (req.getRedirectURI() == null && client.getRedirectURI() == null) {
        OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
        resp.setError(ErrorType.INVALID_REQUEST.toString());
        resp.setErrorDescription("No redirect_uri registered or received in request");
        resp.setBodyReturned(true);
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
        throw new OAuth2Exception(resp);
      }
      if (req.getRedirectURI() != null
          && !req.getRedirectURI().equals(client.getRedirectURI())) {
        OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
        resp.setError(ErrorType.INVALID_REQUEST.toString());
        resp.setErrorDescription("Redirect URI does not match the one registered for this client");
        resp.setBodyReturned(true);
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
View Full Code Here

Examples of org.apache.shindig.social.core.oauth2.OAuth2Client

47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
    return "client_credentials";
  }

  public void validateRequest(OAuth2NormalizedRequest req)
      throws OAuth2Exception {
    OAuth2Client cl = service.getClient(req.getClientId());
    if (cl == null || cl.getFlow() != Flow.CLIENT_CREDENTIALS) {
      throwAccessDenied("Bad client id or password");
    }
    if (cl.getType() != ClientType.CONFIDENTIAL) {
      throwAccessDenied("Client credentials flow does not support public clients");
    }
    if (!cl.getSecret().equals(req.getClientSecret())) {
      throwAccessDenied("Bad client id or password");
    }
  }
View Full Code Here

Examples of org.apache.shindig.social.core.oauth2.OAuth2Client

40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
  }

  public void validateRequest(OAuth2NormalizedRequest req)
      throws OAuth2Exception {

    OAuth2Client client = store.getClient(req.getClientId());
    if (client == null) {
      OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
      resp.setError(ErrorType.INVALID_REQUEST.toString());
      resp.setErrorDescription("The client is invalid or not registered");
      resp.setBodyReturned(true);
      resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
      throw new OAuth2Exception(resp);
    }
    String storedURI = client.getRedirectURI();
    if (storedURI == null && req.getRedirectURI() == null) {
      OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
      resp.setError(ErrorType.INVALID_REQUEST.toString());
      resp.setErrorDescription("No redirect_uri registered or received in request");
      resp.setBodyReturned(true);
View Full Code Here

Examples of org.apache.shindig.social.core.oauth2.OAuth2Client

44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
    return "authorization_code";
  }

  public void validateRequest(OAuth2NormalizedRequest servletRequest)
      throws OAuth2Exception {
    OAuth2Client client = service.getClient(servletRequest.getClientId());
    if (client == null || client.getFlow() != Flow.AUTHORIZATION_CODE) {
      OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
      resp.setError(ErrorType.INVALID_CLIENT.toString());
      resp.setErrorDescription("Invalid client");
      resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
      throw new OAuth2Exception(resp);
    }
    OAuth2Code authCode = service.getAuthorizationCode(
        servletRequest.getClientId(), servletRequest.getAuthorizationCode());
    if (authCode == null) {
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response.setErrorDescription("Bad authorization code");
      response.setBodyReturned(true);
      throw new OAuth2Exception(response);
    }
    if (authCode.getRedirectURI() != null
        && !authCode.getRedirectURI().equals(servletRequest.getRedirectURI())) {
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response
          .setErrorDescription("The redirect URI does not match the one used in the authorization request");
      response.setBodyReturned(true);
      throw new OAuth2Exception(response);
    }

    // ensure authorization code has not already been used
    if (authCode.getRelatedAccessToken() != null) {
      service.unregisterAccessToken(client.getId(), authCode
          .getRelatedAccessToken().getValue());
      OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
      response.setStatus(HttpServletResponse.SC_FORBIDDEN);
      response.setError(ErrorType.INVALID_GRANT.toString());
      response
View Full Code Here

Examples of org.apache.shindig.social.core.oauth2.OAuth2Client

68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
        resp.setError(ErrorType.UNSUPPORTED_RESPONSE_TYPE.toString());
        resp.setErrorDescription("Unsupported response type");
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
        throw new OAuth2Exception(resp);
      }
      OAuth2Client client = store.getClient(req.getClientId());
      if (client == null || client.getFlow() != Flow.IMPLICIT) {
        OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
        resp.setError(ErrorType.INVALID_CLIENT.toString());
        resp.setErrorDescription(req.getClientId()
            + " is not a registered implicit client");
        resp.setBodyReturned(true);
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
        throw new OAuth2Exception(resp);
      }
      if (req.getRedirectURI() == null && client.getRedirectURI() == null) {
        OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
        resp.setError(ErrorType.INVALID_REQUEST.toString());
        resp.setErrorDescription("No redirect_uri registered or received in request");
        resp.setBodyReturned(true);
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
        throw new OAuth2Exception(resp);
      }
      if (req.getRedirectURI() != null
          && !req.getRedirectURI().equals(client.getRedirectURI())) {
        OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
        resp.setError(ErrorType.INVALID_REQUEST.toString());
        resp.setErrorDescription("Redirect URI does not match the one registered for this client");
        resp.setBodyReturned(true);
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.