Package org.apache.cxf.rs.security.oauth.data

Examples of org.apache.cxf.rs.security.oauth.data.Client


        if (LOG.isLoggable(Level.FINE)) {
            LOG.log(Level.FINE, "OAuth security filter for url: {0}", req.getRequestURL());
        }
       
        AccessToken accessToken = null;
        Client client = null;
       
        OAuthMessage oAuthMessage = OAuthServlet.getMessage(new CustomHttpServletWrapper(req),
                                                            OAuthServlet.getRequestURL(req));
        if (oAuthMessage.getParameter(OAuth.OAUTH_TOKEN) != null) {
            oAuthMessage.requireParameters(REQUIRED_PARAMETERS);

            accessToken = dataProvider.getAccessToken(oAuthMessage.getToken());

            //check if access token is not null
            if (accessToken == null) {
                LOG.warning("Access token is unavailable");
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }
            client = accessToken.getClient();
           
            OAuthUtils.validateMessage(oAuthMessage, client, accessToken,
                                       dataProvider, validator);   
        } else {
            String consumerKey = null;
            String consumerSecret = null;
           
            String authHeader = oAuthMessage.getHeader("Authorization");
            if (authHeader != null) {
                if (authHeader.startsWith("OAuth")) {
                    consumerKey = oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY);
                    consumerSecret = oAuthMessage.getParameter(OAuthConstants.OAUTH_CONSUMER_SECRET);
                } else if (authHeader.startsWith("Basic")) {
                    AuthorizationPolicy policy = getAuthorizationPolicy(authHeader);
                    if (policy != null) {
                        consumerKey = policy.getUserName();
                        consumerSecret = policy.getPassword();
                    }
                }
            }
           
            if (consumerKey != null) {
                client = dataProvider.getClient(consumerKey);
            }
            if (client == null) {
                LOG.warning("Client is invalid");
                throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
            }
           
            if (consumerSecret != null && !consumerSecret.equals(client.getSecretKey())) {
                LOG.warning("Client secret is invalid");
                throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
            } else {
                OAuthUtils.validateMessage(oAuthMessage, client, null,
                                           dataProvider, validator);
            }
            accessToken = client.getPreAuthorizedToken();
            if (accessToken == null || !accessToken.isPreAuthorized()) {
                LOG.warning("Preauthorized access token is unavailable");
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }
        }
View Full Code Here


    public Response handle(HttpServletRequest request, OAuthDataProvider dataProvider) {
        try {
            OAuthMessage oAuthMessage =
                OAuthUtils.getOAuthMessage(request, REQUIRED_PARAMETERS);

            Client client = dataProvider
                .getClient(oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY));
            //client credentials not found
            if (client == null) {
                OAuthProblemException problemEx = new OAuthProblemException(
                    OAuth.Problems.CONSUMER_KEY_UNKNOWN);
View Full Code Here

        if (LOG.isLoggable(Level.FINE)) {
            LOG.log(Level.FINE, "OAuth security filter for url: {0}", req.getRequestURL());
        }
       
        AccessToken accessToken = null;
        Client client = null;
       
        OAuthMessage oAuthMessage = OAuthServlet.getMessage(req, req.getRequestURL().toString());
        if (oAuthMessage.getParameter(OAuth.OAUTH_TOKEN) != null) {
            oAuthMessage.requireParameters(REQUIRED_PARAMETERS);

            accessToken = dataProvider.getAccessToken(oAuthMessage.getToken());

            //check if access token is not null
            if (accessToken == null) {
                LOG.warning("Access token is unavailable");
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }
            client = accessToken.getClient();
           
        } else {
            String consumerKey = oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY);
            String consumerSecret = oAuthMessage.getParameter("oauth_consumer_secret");
            client = dataProvider.getClient(consumerKey);
            if (client == null || consumerSecret == null || !consumerSecret.equals(client.getSecretKey())) {
                LOG.warning("Client is invalid");
                throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
            }
        }
View Full Code Here

    public Response handle(MessageContext mc, OAuthDataProvider dataProvider) {
        try {
            OAuthMessage oAuthMessage =
                OAuthUtils.getOAuthMessage(mc, mc.getHttpServletRequest(), REQUIRED_PARAMETERS);

            Client client = dataProvider
                .getClient(oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY));
            //client credentials not found
            if (client == null) {
                OAuthProblemException problemEx = new OAuthProblemException(
                    OAuth.Problems.CONSUMER_KEY_UNKNOWN);
View Full Code Here

        if (LOG.isLoggable(Level.FINE)) {
            LOG.log(Level.FINE, "OAuth security filter for url: {0}", req.getRequestURL());
        }
       
        AccessToken accessToken = null;
        Client client = null;
       
        OAuthMessage oAuthMessage = OAuthServlet.getMessage(req, req.getRequestURL().toString());
        if (oAuthMessage.getParameter(OAuth.OAUTH_TOKEN) != null) {
            oAuthMessage.requireParameters(REQUIRED_PARAMETERS);

            accessToken = dataProvider.getAccessToken(oAuthMessage.getToken());

            //check if access token is not null
            if (accessToken == null) {
                LOG.warning("Access token is unavailable");
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }
            client = accessToken.getClient();
           
        } else {
            // TODO: the secret may not be included and only used to create a signature
            //       so the header will effectively be similar to the one used during
            //       RequestToken requests; we'd need to handle this case too
            String consumerKey = oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY);
            String consumerSecret = oAuthMessage.getParameter("oauth_consumer_secret");
            client = dataProvider.getClient(consumerKey);
            if (client == null || consumerSecret == null || !consumerSecret.equals(client.getSecretKey())) {
                LOG.warning("Client is invalid");
                throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
            }
        }
View Full Code Here

    protected ConcurrentHashMap<String, Token> oauthTokens = new ConcurrentHashMap<String, Token>();

    protected MD5SequenceGenerator tokenGenerator = new MD5SequenceGenerator();

    public MemoryOAuthDataProvider() {
        Client client = new Client(CLIENT_ID, CLIENT_SECRET, APPLICATION_NAME, CALLBACK);
        clientAuthInfo.put(CLIENT_ID, client);
    }
View Full Code Here

    }

    public AccessToken createAccessToken(RequestToken requestToken) throws
            OAuthServiceException {

        Client client = requestToken.getClient();
        requestToken = getRequestToken(requestToken.getTokenKey());

        String accessTokenString = generateToken();
        String tokenSecretString = generateToken();

        AccessToken accessToken = new AccessToken(client, accessTokenString,
            tokenSecretString, 3600, System.currentTimeMillis() / 1000);

        accessToken.setScopes(requestToken.getScopes());
        accessToken.setUris(requestToken.getUris());

        synchronized (oauthTokens) {
            oauthTokens.remove(requestToken.getTokenKey());
            oauthTokens.put(accessTokenString, accessToken);
            synchronized (userAuthorizedClients) {
                userAuthorizedClients.add(client.getConsumerKey(), client.getConsumerKey());
            }
        }

        return accessToken;
    }
View Full Code Here

    }

    public void removeToken(Token t) {
       
        for (Token token : oauthTokens.values()) {
            Client authNInfo = token.getClient();
            if (t.getClient().getConsumerKey().equals(authNInfo.getConsumerKey())) {
                oauthTokens.remove(token.getTokenKey());
                break;
            }
        }
       
View Full Code Here

    protected MD5SequenceGenerator tokenGenerator =
        new MD5SequenceGenerator();

    public MemoryOAuthDataProvider() {
        Client client = new Client(OAuthTestUtils.CLIENT_ID,
            OAuthTestUtils.CLIENT_SECRET,
            OAuthTestUtils.APPLICATION_NAME,
            OAuthTestUtils.CALLBACK);
        clientAuthInfo.put(OAuthTestUtils.CLIENT_ID, client);
    }
View Full Code Here

    }

    public AccessToken createAccessToken(RequestToken requestToken) throws
            OAuthServiceException {

        Client client = requestToken.getClient();
        requestToken = getRequestToken(requestToken.getTokenKey());

        String accessTokenString = generateToken();
        String tokenSecretString = generateToken();

        AccessToken accessToken = new AccessToken(client, accessTokenString, tokenSecretString,
                                                  3600, System.currentTimeMillis() / 1000);

        accessToken.setScopes(requestToken.getScopes());
        accessToken.setUris(requestToken.getUris());

        synchronized (oauthTokens) {
            oauthTokens.remove(requestToken.getTokenKey());
            oauthTokens.put(accessTokenString, accessToken);
            synchronized (userAuthorizedClients) {
                userAuthorizedClients.add(client.getConsumerKey(), client.getConsumerKey());
            }
        }

        return accessToken;
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth.data.Client

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.