Package org.apache.cxf.rs.security.oauth2.common

Examples of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken


   
    /**
     * Resolves the server-side token for the MAC key carried in the request's
     * authorization data. Only the start of the method is visible in this listing.
     *
     * @param macAuthInfo parsed MAC authorization scheme data supplying the MAC key
     * @param clientMacString not used in the lines shown; presumably compared with a
     *        server-computed MAC later in the method - confirm against the full source
     * @throws OAuthServiceException with SERVER_ERROR when no MAC token is found for the key
     */
    private MacAccessToken validateSchemeData(MacAuthorizationScheme macAuthInfo,
                                              String clientMacString) {
        String macKey = macAuthInfo.getMacKey();
       
        ServerAccessToken accessToken = dataProvider.getAccessToken(macKey);
        // instanceof is false for null, so a missing token and a token of another
        // type take the same rejection branch.
        // NOTE(review): macKey comes from the request, so an unknown key is reported
        // here as SERVER_ERROR - confirm this is the intended error for that case.
        if (!(accessToken instanceof MacAccessToken)) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
        }
        MacAccessToken macAccessToken = (MacAccessToken)accessToken;
       


                                   String redirectUri,
                                   List<String> requestedScope,
                                   List<String> approvedScope,
                                   UserSubject userSubject,
                                   ServerAccessToken preAuthorizedToken) {
        // Implicit grant: the access token is handed back directly on the redirect.
        ServerAccessToken token = null;
        if (preAuthorizedToken == null) {
            // No pre-authorized token: register a new one with the data provider,
            // recording both the requested and the approved scopes.
            AccessTokenRegistration reg = new AccessTokenRegistration();
            reg.setClient(client);
            reg.setGrantType(OAuthConstants.IMPLICIT_GRANT);
            reg.setSubject(userSubject);
            reg.setRequestedScope(requestedScope);
            reg.setApprovedScope(approvedScope);
            token = getDataProvider().createAccessToken(reg);
        } else {
            // A pre-authorized token is reused as-is; requestedScope and approvedScope
            // are not consulted on this path.
            token = preAuthorizedToken;
        }


        // Return the access token by appending it as a fragment parameter to the redirect URI.
        // NOTE(review): the "&" below is added only when state is present, which suggests
        // getUriWithFragment has already written the state parameter - confirm in the helper.
        String state = params.getFirst(OAuthConstants.STATE);
        StringBuilder sb = getUriWithFragment(state, redirectUri);
        if (state != null) {
            sb.append("&");
        }
        // NOTE(review): token key, token type and client id are appended unencoded, while
        // scope further down goes through HttpUtils.queryEncode - confirm these values can
        // never contain URI-reserved characters.
        sb.append(OAuthConstants.ACCESS_TOKEN).append("=").append(token.getTokenKey());
        sb.append("&")
            .append(OAuthConstants.ACCESS_TOKEN_TYPE).append("=").append(token.getTokenType());
        if (reportClientId) {
            sb.append("&")
                .append(OAuthConstants.CLIENT_ID).append("=").append(client.getClientId());
        }
        if (isWriteOptionalParameters()) {
            sb.append("&").append(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN)
                .append("=").append(token.getExpiresIn());
            // Reporting scope is required if the approved scope differs from the requested
            // one and optional otherwise; for now it is always reported when non-empty.
            // The scopes reported are those of the issued token, not the request's.
            List<OAuthPermission> perms = token.getScopes();
            if (!perms.isEmpty()) {
                String scope = OAuthUtils.convertPermissionsToScope(perms);
                sb.append("&").append(OAuthConstants.SCOPE).append("=")
                    .append(HttpUtils.queryEncode(scope));
            }

        // No grant handler was resolved for this request: report unsupported_grant_type.
        if (handler == null) {
            return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE);
        }
       
        // Create the access token
        ServerAccessToken serverToken = null;
        try {
            serverToken = handler.createAccessToken(client, params);
        } catch (OAuthServiceException ex) {
            // A custom error is returned only when writeCustomErrors is enabled and the
            // exception carries one. Otherwise the exception is dropped here, serverToken
            // stays null and the request is answered with INVALID_GRANT below.
            // NOTE(review): the exception is not logged in the lines shown; consider
            // logging it so failed grant attempts stay visible to monitoring.
            OAuthError customError = ex.getError();
            if (writeCustomErrors && customError != null) {
                return createErrorResponseFromBean(customError);
            }

        }
        if (serverToken == null) {
            return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
        }
       
        // Extract the information to be of use for the client: only token type, key and
        // refresh token are always copied; the rest is gated by writeOptionalParameters.
        ClientAccessToken clientToken = new ClientAccessToken(serverToken.getTokenType(),
                                                              serverToken.getTokenKey());
        clientToken.setRefreshToken(serverToken.getRefreshToken());
        if (writeOptionalParameters) {
            clientToken.setExpiresIn(serverToken.getExpiresIn());
            List<OAuthPermission> perms = serverToken.getScopes();
            if (!perms.isEmpty()) {
                clientToken.setApprovedScope(OAuthUtils.convertPermissionsToScope(perms));
            }
            // NOTE(review): all server-side token parameters are copied into the response;
            // confirm none of them is meant to stay on the server.
            clientToken.setParameters(serverToken.getParameters());
        }
       
        // Return it to the client; "no-store" tells caches not to keep the token response.
        // The rest of the response builder chain is cut off in this listing.
        return Response.ok(clientToken)
                       .header(HttpHeaders.CACHE_CONTROL, "no-store")

       
        // Create a UserSubject representing the end user
        UserSubject userSubject = createUserSubject(sc);
       
        // Request a new grant only if no pre-authorized token is available
        ServerAccessToken preauthorizedToken = getDataProvider().getPreauthorizedToken(
            client, userSubject, supportedGrantType);
        if (preauthorizedToken != null) {
            return createGrant(params,
                               client,
                               redirectUri,

        // Clients for which the refresh token grant is not supported are rejected
        // before the refresh token is looked at.
        if (!OAuthUtils.isGrantSupportedForClient(client, true, OAuthConstants.REFRESH_TOKEN_GRANT)) {
            throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);
        }
        // NOTE(review): getFirst returns null when the parameter is absent and there is no
        // null check before the value is passed to the provider - confirm the provider
        // handles a missing refresh token.
        String refreshToken = params.getFirst(OAuthConstants.REFRESH_TOKEN);
       
        // The client id is passed together with the refresh token; presumably the provider
        // uses it to check that the refresh token was issued to this client - verify in
        // the data provider implementation.
        ServerAccessToken token = dataProvider.refreshAccessToken(client.getClientId(),
                                                                  refreshToken);
        if (token == null) {
            return null;
        }
        // An optional scope parameter may only narrow the grant: every requested scope
        // must already be among the scopes of the refreshed token, else INVALID_SCOPE.
        // NOTE(review): this check runs after refreshAccessToken has been called; if the
        // provider has already persisted or replaced the token by then, a request rejected
        // here has still consumed the refresh token - confirm the provider's behaviour.
        String scope = params.getFirst(OAuthConstants.SCOPE);
        if (scope != null) {
            List<String> tokenScopes = OAuthUtils.convertPermissionsToScopeList(token.getScopes());
            if (!tokenScopes.containsAll(OAuthUtils.parseScope(scope))) {
                throw new OAuthServiceException(OAuthConstants.INVALID_SCOPE);
            }
        }
       

                                   String redirectUri,
                                   List<String> requestedScope,
                                   List<String> approvedScope,
                                   UserSubject userSubject,
                                   ServerAccessToken preAuthorizedToken) {
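        // Implicit grant: issue a new token only when no pre-authorized token was
        // supplied; otherwise reuse the pre-authorized one. The condition used to be
        // inverted, which left token null (and failed on getTokenKey() below) whenever
        // no pre-authorized token existed, and ignored the pre-authorized token when
        // one did exist.
        ServerAccessToken token;
        if (preAuthorizedToken == null) {
            AccessTokenRegistration reg = new AccessTokenRegistration();
            reg.setClient(client);
            reg.setGrantType(OAuthConstants.IMPLICIT_GRANT);
            reg.setSubject(userSubject);
            reg.setRequestedScope(requestedScope);
            reg.setApprovedScope(approvedScope);
            token = getDataProvider().createAccessToken(reg);
        } else {
            token = preAuthorizedToken;
        }

        // Return the access token by appending it as a fragment parameter to the redirect URI.
        // NOTE(review): no separator is written between whatever getUriWithFragment emits
        // for the state value and the access token parameter - confirm the helper leaves
        // the buffer ready for the next parameter when state is present.
        StringBuilder sb = getUriWithFragment(params.getFirst(OAuthConstants.STATE), redirectUri);
        sb.append(OAuthConstants.ACCESS_TOKEN).append("=").append(token.getTokenKey());
        // Parameters must be separated by "&"; without it the token type name ran
        // straight into the token key value.
        sb.append("&")
            .append(OAuthConstants.ACCESS_TOKEN_TYPE).append("=").append(token.getTokenType());
        //TODO: token parameters should also be included probably
        //      though it's not obvious the embedded client can deal with
        //      MAC tokens or other sophisticated tokens
        return Response.seeOther(URI.create(sb.toString())).build();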
    }

   
    /**
     * Returns an access token for the client and subject, preferring a pre-authorized
     * token when the data provider has one. Only the start of the method is visible
     * in this listing.
     *
     * @param client the client the token is for
     * @param subject the subject the token is issued on behalf of
     * @param requestedScope scopes requested; not used in the lines shown
     * @return the pre-authorized token when one exists (the remaining path is cut off)
     */
    protected ServerAccessToken doCreateAccessToken(Client client,
                                                    UserSubject subject,
                                                    List<String> requestedScope) {
        // Check if a pre-authorized token is available.
        // NOTE(review): the lookup is keyed on client, subject and grant type only, and the
        // token is returned without comparing its scopes with requestedScope - confirm the
        // provider guarantees the pre-authorized token does not exceed what was requested.
        ServerAccessToken token = dataProvider.getPreauthorizedToken(
                                     client, subject, supportedGrant);
        if (token != null) {
            return token;
        }
       

        // No grant handler was resolved for this request: report unsupported_grant_type.
        if (handler == null) {
            return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE);
        }
       
        // Create the access token
        ServerAccessToken serverToken = null;
        try {
            serverToken = handler.createAccessToken(client, params);
        } catch (OAuthServiceException ex) {
            // A custom error is returned only when writeCustomErrors is enabled and the
            // exception carries one. Otherwise the exception is dropped here, serverToken
            // stays null and the request is answered with INVALID_GRANT below.
            // NOTE(review): the exception is not logged in the lines shown; consider
            // logging it so failed grant attempts stay visible to monitoring.
            OAuthError customError = ex.getError();
            if (writeCustomErrors && customError != null) {
                return createErrorResponseFromBean(customError);
            }

        }
        if (serverToken == null) {
            return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
        }
       
        // Extract the information to be of use for the client: only token type, key and
        // refresh token are always copied; the rest is gated by isWriteOptionalParameters().
        ClientAccessToken clientToken = new ClientAccessToken(serverToken.getTokenType(),
                                                              serverToken.getTokenKey());
        clientToken.setRefreshToken(serverToken.getRefreshToken());
        if (isWriteOptionalParameters()) {
            clientToken.setExpiresIn(serverToken.getExpiresIn());
            List<OAuthPermission> perms = serverToken.getScopes();
            if (!perms.isEmpty()) {
                clientToken.setApprovedScope(OAuthUtils.convertPermissionsToScope(perms));
            }
            // NOTE(review): all server-side token parameters are copied into the response;
            // confirm none of them is meant to stay on the server.
            clientToken.setParameters(serverToken.getParameters());
        }
       
        // Return it to the client; "no-store" tells caches not to keep the token response.
        // The rest of the response builder chain is cut off in this listing.
        return Response.ok(clientToken)
                       .header(HttpHeaders.CACHE_CONTROL, "no-store")

       
        // Create a UserSubject representing the end user
        UserSubject userSubject = createUserSubject(sc);
       
        // Request a new grant only if no pre-authorized token is available
        ServerAccessToken preauthorizedToken = getDataProvider().getPreauthorizedToken(
            client, requestedScope, userSubject, supportedGrantType);
        if (preauthorizedToken != null) {
            return createGrant(params,
                               client,
                               redirectUri,

                AuthorizationUtils.throwAuthorizationFailure(
                    Collections.singleton(authScheme), realm);
            }
        }
        // Default processing if no registered providers available
        ServerAccessToken localAccessToken = null;
        if (accessTokenV == null && dataProvider != null && authScheme.equals(DEFAULT_AUTH_SCHEME)) {
            try {
                localAccessToken = dataProvider.getAccessToken(authSchemeData);
            } catch (OAuthServiceException ex) {
                // to be handled next
