Examples of OAuthUnauthenticatedTokenRequest

Examples of org.apache.oltu.oauth2.as.request.OAuthUnauthenticatedTokenRequest

56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
    @POST
    @Consumes("application/x-www-form-urlencoded")
    @Produces("application/json")
    public Response token(@Context HttpServletRequest request) throws OAuthSystemException {

        OAuthUnauthenticatedTokenRequest oauthRequest = null;

        OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());

        try {
            oauthRequest = new OAuthUnauthenticatedTokenRequest(request);

            // check if clientid is valid
            if (!Common.CLIENT_ID.equals(oauthRequest.getParam(OAuth.OAUTH_CLIENT_ID))) {
                OAuthResponse response =
                    OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.TokenResponse.INVALID_CLIENT).setErrorDescription("client_id not found")
                        .buildJSONMessage();
                return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
            }

            // do checking for different grant types
            if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
                .equals(GrantType.AUTHORIZATION_CODE.toString())) {
                if (!Common.AUTHORIZATION_CODE.equals(oauthRequest.getParam(OAuth.OAUTH_CODE))) {
                    OAuthResponse response = OAuthASResponse
                        .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.TokenResponse.INVALID_GRANT)
                        .setErrorDescription("invalid authorization code")
                        .buildJSONMessage();
                    return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
                }
            } else if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
                .equals(GrantType.PASSWORD.toString())) {
                if (!Common.PASSWORD.equals(oauthRequest.getPassword())
                    || !Common.USERNAME.equals(oauthRequest.getUsername())) {
                    OAuthResponse response = OAuthASResponse
                        .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.TokenResponse.INVALID_GRANT)
                        .setErrorDescription("invalid username or password")
                        .buildJSONMessage();
                    return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
                }
            } else if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
                .equals(GrantType.REFRESH_TOKEN.toString())) {
                // refresh token is not supported in this implementation hence the oauth error.
                OAuthResponse response = OAuthASResponse
                    .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                    .setError(OAuthError.TokenResponse.INVALID_GRANT)
View Full Code Here

Examples of org.apache.oltu.oauth2.as.request.OAuthUnauthenticatedTokenRequest

63
64
65
66
67
68
69
70
71
72
73
        assertInvalidTokenRequest(request);
    }

    private void assertInvalidTokenRequest(HttpServletRequest request) throws OAuthSystemException {
        try {
            new OAuthUnauthenticatedTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }
View Full Code Here

Examples of org.apache.oltu.oauth2.as.request.OAuthUnauthenticatedTokenRequest

275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
                .expectRedirectUri(REDIRECT_URI)
                .expectBasicAuthHeader(null)
                .build();
        replay(request);

        OAuthUnauthenticatedTokenRequest req = null;
        try {
            req = new OAuthUnauthenticatedTokenRequest(request);

        } catch (OAuthProblemException e) {
            fail("Exception not expected");
        }
        assertEquals(GrantType.AUTHORIZATION_CODE.toString(), req.getGrantType());
        assertEquals(CLIENT_ID, req.getClientId());
        assertEquals(REDIRECT_URI, req.getRedirectURI());
        assertEquals(ACCESS_GRANT, req.getCode());

        verify(request);

        request = new OauthMockRequestBuilder()
                .expectGrantType(GrantType.PASSWORD.toString())
                .expectHttpMethod(OAuth.HttpMethod.POST)
                .expectContentType(OAuth.ContentType.URL_ENCODED)
                .expectClientId(CLIENT_ID)
                .expectBasicAuthHeader(null)
                .expectOauthUsername(USERNAME)
                .expectOauthPassword(PASSWORD)
                .build();
        replay(request);

        try {
            req = new OAuthUnauthenticatedTokenRequest(request);

        } catch (OAuthProblemException e) {
            fail("Exception not expected");
        }
        assertEquals(CLIENT_ID, req.getClientId());
        assertEquals(USERNAME, req.getUsername());
        assertEquals(PASSWORD, req.getPassword());

        verify(request);

        request = new OauthMockRequestBuilder()
                .expectGrantType(GrantType.REFRESH_TOKEN.toString())
                .expectHttpMethod(OAuth.HttpMethod.POST)
                .expectContentType(OAuth.ContentType.URL_ENCODED)
                .expectClientId(CLIENT_ID)
                .expectOauthRefreshToken(REFRESH_TOKEN)
                .expectBasicAuthHeader(null)
                .build();
        replay(request);

        try {
            req = new OAuthUnauthenticatedTokenRequest(request);

        } catch (OAuthProblemException e) {
            fail("Exception not expected");
        }
        assertEquals(CLIENT_ID, req.getClientId());
        assertEquals(REFRESH_TOKEN, req.getRefreshToken());

        verify(request);
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.