Examples of org.apache.cxf.rs.security.oauth2.common.OAuthContext

• org.apache.cxf.rs.security.oauth2.common.ServerAccessToken
  Captures the information about the current client request which custom filters may use to further protect the endpoints

     * @param mc the {@link MessageContext}
     * @return the list of roles of the logged in user or resource owner
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static List<String> resolveUserRoles(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getSubject().getRoles();
    }

     * @param mc the {@link MessageContext}
     * @return the list of permissions of the used access token
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static List<OAuthPermission> resolvePermissions(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getPermissions();
    }

     * @param mc the {@link MessageContext}
     * @return the token key used to access
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveTokenKey(MessageContext mc) {
        OAuthContext oauth = getContext(mc);
        return oauth.getTokenKey();
    }

        // Create the access token
        ServerAccessToken serverToken = null;
        try {
            serverToken = handler.createAccessToken(client, params);
        } catch (OAuthServiceException ex) {
            OAuthError customError = ex.getError();
            if (writeCustomErrors && customError != null) {
                return createErrorResponseFromBean(customError);
            }

        }

            return;
        }

        String audienceParam = params.getFirst(OAuthConstants.CLIENT_AUDIENCE);
        if (audienceParam == null) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }
        // must be URL
        try {
            new URL(audienceParam);
        } catch (MalformedURLException ex) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }

        if (!audiences.contains(audienceParam)) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.ACCESS_DENIED));
        }

    }

        return null;
    }

    protected Response createErrorResponse(MultivaluedMap<String, String> params,
                                           String error) {
        return createErrorResponseFromBean(new OAuthError(error));
    }

        return client;

    }

    protected void reportInvalidClient() {
        reportInvalidClient(new OAuthError(OAuthConstants.INVALID_CLIENT));
    }

                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
        } else if (400 == response.getStatus() && map.containsKey(OAuthConstants.ERROR_KEY)) {
            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
            error.setErrorUri(map.get(OAuthConstants.ERROR_URI_KEY));
            throw new OAuthServiceException(error);
        }
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }

    protected void reportInvalidRequestError(String errorDescription) {
        reportInvalidRequestError(errorDescription, MediaType.APPLICATION_JSON_TYPE);
    }

    protected void reportInvalidRequestError(String errorDescription, MediaType mt) {
        OAuthError error =
            new OAuthError(OAuthConstants.INVALID_REQUEST, errorDescription);
        reportInvalidRequestError(error, mt);
    }

        if (handler == null) {
            return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE);
        }

        // Create the access token
        ServerAccessToken serverToken = null;
        try {
            serverToken = handler.createAccessToken(client, params);
        } catch (OAuthServiceException ex) {
            OAuthError customError = ex.getError();
            if (writeCustomErrors && customError != null) {
                return createErrorResponseFromBean(customError);
            }

        }
        if (serverToken == null) {
            return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
        }

        // Extract the information to be of use for the client
        ClientAccessToken clientToken = new ClientAccessToken(serverToken.getTokenType(),
                                                              serverToken.getTokenKey());
        clientToken.setRefreshToken(serverToken.getRefreshToken());
        if (isWriteOptionalParameters()) {
            clientToken.setExpiresIn(serverToken.getExpiresIn());
            List<OAuthPermission> perms = serverToken.getScopes();
            if (!perms.isEmpty()) {
                clientToken.setApprovedScope(OAuthUtils.convertPermissionsToScope(perms));
            }
            clientToken.setParameters(serverToken.getParameters());
        }

        // Return it to the client
        return Response.ok(clientToken)
                       .header(HttpHeaders.CACHE_CONTROL, "no-store")