Package org.apache.cxf.rs.security.oauth2.common

Examples of org.apache.cxf.rs.security.oauth2.common.Client


    @Consumes("application/x-www-form-urlencoded")
    @Produces("application/json")
    public Response handleTokenRequest(MultivaluedMap<String, String> params) {
       
        // Make sure the client is authenticated
        Client client = authenticateClientIfNeeded(params);
       
        // Find the grant handler
        AccessTokenGrantHandler handler = findGrantHandler(params);
        if (handler == null) {
            return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE);
View Full Code Here


   
    /**
     * Make sure the client is authenticated
     */
    private Client authenticateClientIfNeeded(MultivaluedMap<String, String> params) {
        Client client = null;
        SecurityContext sc = getMessageContext().getSecurityContext();
       
        if (params.containsKey(OAuthConstants.CLIENT_ID)) {
            // both client_id and client_secret are expected in the form payload
            client = getAndValidateClient(params.getFirst(OAuthConstants.CLIENT_ID),
View Full Code Here

        return client;
    }
   
    // Get the Client and check the id and secret
    private Client getAndValidateClient(String clientId, String clientSecret) {
        Client client = getClient(clientId);
        if (canSupportPublicClients
            && !client.isConfidential()
            && client.getClientSecret() == null
            && client.getRedirectUris().isEmpty()
            && clientSecret == null) {
            return client;
        }
        if (clientSecret == null || client.getClientSecret() == null
            || !client.getClientId().equals(clientId)
            || !client.getClientSecret().equals(clientSecret)) {
            throw new NotAuthorizedException(Response.status(401).build());
        }
        return client;
    }
View Full Code Here

     * @param clientId the provided client id
     * @return Client the client reference
     * @throws {@link javax.ws.rs.WebApplicationException} if no matching Client is found
     */
    protected Client getClient(String clientId) {
        Client client = null;
        try {
            client = getValidClient(clientId);
        } catch (OAuthServiceException ex) {
            // log it
        }
View Full Code Here

    @Consumes("application/x-www-form-urlencoded")
    @Produces("application/json")
    public Response handleTokenRevocation(MultivaluedMap<String, String> params) {
       
        // Make sure the client is authenticated
        Client client = authenticateClientIfNeeded(params);
        String token = params.getFirst(OAuthConstants.REVOKED_TOKEN_ID);
        if (token == null) {
            return createErrorResponse(params, OAuthConstants.UNSUPPORTED_TOKEN_TYPE);
        }
        String tokenTypeHint = params.getFirst(OAuthConstants.REVOKED_TOKEN_TYPE_HINT);
View Full Code Here

    @Consumes("application/x-www-form-urlencoded")
    @Produces("application/json")
    public Response handleTokenRequest(MultivaluedMap<String, String> params) {
       
        // Make sure the client is authenticated
        Client client = authenticateClientIfNeeded(params);
       
        if (!OAuthUtils.isGrantSupportedForClient(client,
                                                  isCanSupportPublicClients(),
                                                  params.getFirst(OAuthConstants.GRANT_TYPE))) {
            return createErrorResponse(params, OAuthConstants.UNAUTHORIZED_CLIENT);   
View Full Code Here

   
    /**
     * Make sure the client is authenticated
     */
    protected Client authenticateClientIfNeeded(MultivaluedMap<String, String> params) {
        Client client = null;
        SecurityContext sc = getMessageContext().getSecurityContext();
       
        if (params.containsKey(OAuthConstants.CLIENT_ID)) {
            // both client_id and client_secret are expected in the form payload
            client = getAndValidateClient(params.getFirst(OAuthConstants.CLIENT_ID),
View Full Code Here

        return client;
    }
   
    // Get the Client and check the id and secret
    protected Client getAndValidateClient(String clientId, String clientSecret) {
        Client client = getClient(clientId);
        if (canSupportPublicClients
            && !client.isConfidential()
            && client.getClientSecret() == null
            && clientSecret == null) {
            return client;
        }
        if (clientSecret == null || client.getClientSecret() == null
            || !client.getClientId().equals(clientId)
            || !client.getClientSecret().equals(clientSecret)) {
            throw new NotAuthorizedException(Response.status(401).build());
        }
        return client;
    }
View Full Code Here

     * @param clientId the provided client id
     * @return Client the client reference
     * @throws {@link javax.ws.rs.WebApplicationException} if no matching Client is found
     */
    protected Client getClient(String clientId) {
        Client client = null;
        try {
            client = getValidClient(clientId);
        } catch (OAuthServiceException ex) {
            // log it
        }
View Full Code Here

public class OAuthDataProviderImpl implements OAuthDataProvider {

    @Override
    public Client getClient(String clientId) throws OAuthServiceException {
        Client client = new Client("alice", "alice", true);
        client.getAllowedGrantTypes().add(Constants.SAML2_BEARER_GRANT);
        client.getAllowedGrantTypes().add("custom_grant");
        return client;
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.common.Client

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.