Package org.apache.cxf.rs.security.oauth2.common

Examples of org.apache.cxf.rs.security.oauth2.common.OAuthContext


     * @param mc the {@link MessageContext}
     * @return the token key used to access
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveTokenKey(MessageContext mc) {
        OAuthContext oauth = getContext(mc);
        return oauth.getTokenKey();
    }
View Full Code Here


     * @param mc the {@link MessageContext}
     * @return the client registration id
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveClient(MessageContext mc) {
        OAuthContext oauth = getContext(mc);
        return oauth.getClientId();
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the {@link OAuthContext} of the given {@link MessageContext}
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static OAuthContext getContext(final MessageContext mc) {
        final OAuthContext oauth = mc.getContent(OAuthContext.class);
        if ((oauth == null) || (oauth.getSubject() == null) || (oauth.getSubject().getLogin() == null)) {
            throw ExceptionUtils.toNotAuthorizedException(null, null);
        }
        return oauth;
    }
View Full Code Here

    this.accounts = accounts;
  }
 
  @GET
  public Calendar getUserCalendar() {
      OAuthContext oauth = getOAuthContext();
      String userName = oauth.getSubject().getLogin();
      UserAccount account = accounts.getAccount(userName);
      if (account == null) {
        account = accounts.getAccountWithAlias(userName);
      }
    return account.getCalendar();
View Full Code Here

  public void updateCalendar(@FormParam("hour") int hour,
                             @FormParam("description") String description) {
      // This permission check can be done in a custom filter; it can be simpler to do
      // in the actual service code if the context data (such as an hour in this case)
      // are not available in the request URI but in the message payload
      OAuthContext oauth = getOAuthContext();
      List<OAuthPermission> perms = oauth.getPermissions();
      boolean checkPassed = false;
      for (OAuthPermission perm : perms) {
          if (perm.getPermission().startsWith(OAuthConstants.UPDATE_CALENDAR_SCOPE)) {
              int authorizedHour =
                  Integer.valueOf(perm.getPermission().substring(OAuthConstants.UPDATE_CALENDAR_SCOPE.length()));
View Full Code Here

      Calendar calendar = getUserCalendar();
      calendar.getEntry(hour).setEventDescription(description);
  }
 
  private OAuthContext getOAuthContext() {
      OAuthContext oauth = mc.getContent(OAuthContext.class);
        if (oauth == null || oauth.getSubject() == null || oauth.getSubject().getLogin() == null) {
            throw new WebApplicationException(403);
        }
        return oauth;
  }
View Full Code Here

        // Create the security context and make it available on the message
        SecurityContext sc = createSecurityContext(req, accessTokenV);
        m.put(SecurityContext.class, sc);
       
        // Also set the OAuthContext
        OAuthContext oauthContext = new OAuthContext(accessTokenV.getTokenSubject(),
                                                     accessTokenV.getClientSubject(),
                                                     matchingPermissions,
                                                     accessTokenV.getTokenGrantType());
       
        oauthContext.setClientId(accessTokenV.getClientId());
        oauthContext.setTokenKey(accessTokenV.getTokenKey());
       
        m.setContent(OAuthContext.class, oauthContext);
       
        return null;
    }
View Full Code Here

        // Create the security context and make it available on the message
        SecurityContext sc = createSecurityContext(req, accessTokenV);
        m.put(SecurityContext.class, sc);
       
        // Also set the OAuthContext
        OAuthContext oauthContext = new OAuthContext(accessTokenV.getTokenSubject(),
                                                     accessTokenV.getClientSubject(),
                                                     matchingPermissions,
                                                     accessTokenV.getTokenGrantType());
       
        oauthContext.setClientId(accessTokenV.getClientId());
        oauthContext.setTokenKey(accessTokenV.getTokenKey());
        oauthContext.setTokenAudience(accessTokenV.getAudience());
       
        m.setContent(OAuthContext.class, oauthContext);
    }
View Full Code Here

        // Create the security context and make it available on the message
        SecurityContext sc = createSecurityContext(req, accessTokenV);
        m.put(SecurityContext.class, sc);
       
        // Also set the OAuthContext
        OAuthContext oauthContext = new OAuthContext(accessTokenV.getTokenSubject(),
                                                     accessTokenV.getClientSubject(),
                                                     matchingPermissions,
                                                     accessTokenV.getTokenGrantType());
       
        oauthContext.setClientId(accessTokenV.getClientId());
        oauthContext.setTokenKey(accessTokenV.getTokenKey());
        oauthContext.setTokenAudience(accessTokenV.getAudience());
       
        m.setContent(OAuthContext.class, oauthContext);
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the name of the UserSubject of the logged in user or resource owner
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveUserName(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getSubject().getLogin();
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.common.OAuthContext

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.