Package org.apache.cxf.rs.security.oauth2.common

Examples of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration


            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientException(new OAuthServiceException("Unsupported token type"));
        }
       
    }
View Full Code Here


        if (grant == null) {
            return null;
        }
        // check it has not expired, the client ids are the same
        if (OAuthUtils.isExpired(grant.getIssuedAt(), grant.getLifetime())) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
        if (!grant.getClient().getClientId().equals(client.getClientId())) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
        // redirect URIs must match too
        String expectedRedirectUri = grant.getRedirectUri();
        String providedRedirectUri = params.getFirst(OAuthConstants.REDIRECT_URI);
        if (providedRedirectUri != null) {
            if (expectedRedirectUri == null || !providedRedirectUri.equals(expectedRedirectUri)) {
                throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
            }
        } else if (expectedRedirectUri == null && !isCanSupportPublicClients()
            || expectedRedirectUri != null
                && (client.getRedirectUris().size() != 1
                || !client.getRedirectUris().contains(expectedRedirectUri))) {
            throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
        }
       
        String tempClientSecretHash = grant.getTempClientSecretHash();
        if (tempClientSecretHash != null) {
            String tempClientSecret = params.getFirst(OAuthConstants.TEMP_CLIENT_SECRET);
            if (!compareTcshWithTch(tempClientSecretHash, tempClientSecret)) {
                throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
            }
        }
       
        return doCreateAccessToken(client,
                                   grant.getSubject(),
View Full Code Here

                ClientAccessToken token = new ClientAccessToken(
                                              tokenType,
                                              map.get(OAuthConstants.ACCESS_TOKEN));
                return token;
            } else {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            }
        } else if (400 == response.getStatus() && map.containsValue(OAuthConstants.ERROR_KEY)) {
            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
            throw new OAuthServiceException(error);
        }
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }
View Full Code Here

            sb.append(OAuthConstants.BEARER_AUTHORIZATION_SCHEME);
            sb.append(" ");
            sb.append(token.getTokenKey());
        } else {
            // deal with MAC and other tokens
            throw new OAuthServiceException("Unsupported token type");
        }
       
    }
View Full Code Here

            throw new ClientException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map);
            if (token == null) {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
        } else if (400 == response.getStatus() && map.containsKey(OAuthConstants.ERROR_KEY)) {
            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
            error.setErrorUri(map.get(OAuthConstants.ERROR_URI_KEY));
            throw new OAuthServiceException(error);
        }
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }
View Full Code Here

            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientException(new OAuthServiceException("Unsupported token type"));
        }
       
    }
View Full Code Here

    }

    @Override
    public ServerAccessToken createAccessToken(AccessTokenRegistration accessToken)
        throws OAuthServiceException {
        return new BearerAccessToken(accessToken.getClient(), 3600);
    }
View Full Code Here

        return new Client("alice", "alice", true);
    }

    public ServerAccessToken createAccessToken(AccessTokenRegistration accessToken)
        throws OAuthServiceException {
        return new BearerAccessToken(accessToken.getClient(), 3600);
    }
View Full Code Here

            sb.append(token.getTokenKey());
        } else if (OAuthConstants.MAC_TOKEN_TYPE.equals(token.getTokenType())) {
            if (httpProps == null) {
                throw new IllegalArgumentException("MAC scheme requires HTTP Request properties");
            }
            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientException(new OAuthServiceException("Unsupported token type"));
        }
       
    }
View Full Code Here

   
    private boolean compareTcshWithTch(String tempClientSecretHash, String tempClientSecret) {
        if (tempClientSecret == null) {
            return false;
        }
        MessageDigestGenerator mdg = new MessageDigestGenerator();
        byte[] digest = mdg.createDigest(tempClientSecret, "SHA-256");
        int length = digest.length > 128 / 8 ? 128 / 8 : digest.length;
       
        String expectedHash = Base64UrlUtility.encodeChunk(digest, 0, length);
        return tempClientSecretHash.equals(expectedHash);
       
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.