Package org.apache.cxf.rs.security.oauth2.auth.saml

Examples of org.apache.cxf.rs.security.oauth2.auth.saml.Saml2BearerAuthOutInterceptor


            map = new OAuthJSONProvider().readJSONResponse((InputStream)response.getEntity());
        } catch (IOException ex) {
            throw new ClientException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map);
            if (token == null) {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
View Full Code Here


    }
   
    public static ClientAccessToken fromMapToClientToken(Map<String, String> map) {
        if (map.containsKey(OAuthConstants.ACCESS_TOKEN)
            && map.containsKey(OAuthConstants.ACCESS_TOKEN_TYPE)) {
            ClientAccessToken token = new ClientAccessToken(
                                          map.remove(OAuthConstants.ACCESS_TOKEN_TYPE),
                                          map.remove(OAuthConstants.ACCESS_TOKEN));
           
            String refreshToken = map.remove(OAuthConstants.REFRESH_TOKEN);
            if (refreshToken != null) {
                token.setRefreshToken(refreshToken);
            }
            String expiresInStr = map.remove(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN);
            if (expiresInStr != null) {
                token.setExpiresIn(Long.valueOf(expiresInStr));
            }
            String issuedAtStr = map.remove(OAuthConstants.ACCESS_TOKEN_ISSUED_AT);
            token.setIssuedAt(issuedAtStr != null ? Long.valueOf(issuedAtStr)
                                                  : System.currentTimeMillis() / 1000);
            String scope = map.remove(OAuthConstants.SCOPE);
            if (scope != null) {
                token.setApprovedScope(scope);
            }
           
            token.setParameters(map);
            return token;
        } else {
            return null;
        }
    }
View Full Code Here

        if (serverToken == null) {
            return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
        }
       
        // Extract the information to be of use for the client
        ClientAccessToken clientToken = new ClientAccessToken(serverToken.getTokenType(),
                                                              serverToken.getTokenKey());
        clientToken.setParameters(serverToken.getParameters());
       
       
        // Return it to the client
        return Response.ok(clientToken)
                       .header(HttpHeaders.CACHE_CONTROL, "no-store")
View Full Code Here

        } catch (OAuthServiceException ex) {
            return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
        }
   
        // Return the authorization challenge data to the end user
        OAuthAuthorizationData data =
            createAuthorizationData(client, params, redirectUri, permissions);
        personalizeData(data, userSubject);
        return Response.ok(data).build();
       
    }
View Full Code Here

     * Create the authorization challenge data
     */
    protected OAuthAuthorizationData createAuthorizationData(
        Client client, MultivaluedMap<String, String> params, String redirectUri, List<OAuthPermission> perms) {
       
        OAuthAuthorizationData secData = new OAuthAuthorizationData();
       
        addAuthenticityTokenToSession(secData);
               
        secData.setPermissions(perms);
        secData.setProposedScope(OAuthUtils.convertPermissionsToScope(perms));
        secData.setClientId(client.getClientId());
        if (redirectUri != null) {
            secData.setRedirectUri(redirectUri);
        }
        secData.setState(params.getFirst(OAuthConstants.STATE));
       
        secData.setApplicationName(client.getApplicationName());
        secData.setApplicationWebUri(client.getApplicationWebUri());
        secData.setApplicationDescription(client.getApplicationDescription());
        secData.setApplicationLogoUri(client.getApplicationLogoUri());
        secData.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
        List<Property> extraProperties = client.getProperties();
        secData.setExtraApplicationProperties(extraProperties == null ? Collections.<Property>emptyList()
            : Collections.unmodifiableList(extraProperties));
        String replyTo = getMessageContext().getUriInfo()
            .getAbsolutePathBuilder().path("decision").build().toString();
        secData.setReplyTo(replyTo);
       
        return secData;
    }
View Full Code Here

        } catch (OAuthServiceException ex) {
            return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
        }
   
        // Return the authorization challenge data to the end user
        OAuthAuthorizationData data =
            createAuthorizationData(client, params, permissions);
        return Response.ok(data).build();
       
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the id of the UserSubject of the logged in user or resource owner
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveUserId(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getSubject().getId();
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the name of the UserSubject of the logged in user or resource owner
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveUserName(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getSubject().getLogin();
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the list of roles of the logged in user or resource owner
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static List<String> resolveUserRoles(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getSubject().getRoles();
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the list of permissions of the used access token
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static List<OAuthPermission> resolvePermissions(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getPermissions();
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.auth.saml.Saml2BearerAuthOutInterceptor

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.