Package org.apache.cxf.rs.security.oauth2.common

Examples of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken


        throws OAuthServiceException {
        return null;
    }
   
    protected ServerAccessToken doCreateAccessToken(AccessTokenRegistration accessToken) {
        ServerAccessToken at = createNewAccessToken(accessToken.getClient());
        at.setAudience(accessToken.getAudience());
        at.setGrantType(accessToken.getGrantType());
        List<String> theScopes = accessToken.getApprovedScope();
        if (theScopes.isEmpty()) {
            theScopes = accessToken.getRequestedScope();
        }
        List<OAuthPermission> thePermissions =
            convertScopeToPermissions(accessToken.getClient(), theScopes);
        at.setScopes(thePermissions);
        at.setSubject(accessToken.getSubject());
        createNewRefreshToken(at);
        return at;
    }
View Full Code Here


    }
   
    protected ServerAccessToken doRefreshAccessToken(Client client,
                                                     RefreshToken oldRefreshToken,
                                                     List<String> requestedScopes) {
        ServerAccessToken at = createNewAccessToken(client);
        at.setAudience(oldRefreshToken.getAudience());
        at.setGrantType(oldRefreshToken.getGrantType());
        List<OAuthPermission> theNewScopes = convertScopeToPermissions(client, requestedScopes);
        if (theNewScopes.isEmpty()) {
            at.setScopes(oldRefreshToken.getScopes());
        } else if (oldRefreshToken.getScopes().containsAll(theNewScopes)) {
            at.setScopes(theNewScopes);
        } else {
            throw new OAuthServiceException("Invalid scopes");
        }
        createNewRefreshToken(at);
        return at;
View Full Code Here

  }
 
  // token management
  public ServerAccessToken createAccessToken(AccessTokenRegistration reg)
    throws OAuthServiceException {
    ServerAccessToken token = new BearerAccessToken(reg.getClient(), 3600L);
   
    List<String> scope = reg.getApprovedScope().isEmpty() ? reg.getRequestedScope()
                                                      : reg.getApprovedScope();
    token.setScopes(convertScopeToPermissions(reg.getClient(), scope));
    token.setSubject(reg.getSubject());
    token.setGrantType(reg.getGrantType());
   
    at = token;
   
    return token;
  }
View Full Code Here

   
    private MacAccessToken validateSchemeData(MacAuthorizationScheme macAuthInfo,
                                              String clientMacString) {
        String macKey = macAuthInfo.getMacKey();
       
        ServerAccessToken accessToken = dataProvider.getAccessToken(macKey);
        if (!(accessToken instanceof MacAccessToken)) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
        }
        MacAccessToken macAccessToken = (MacAccessToken)accessToken;
       
View Full Code Here

       
        // Create a UserSubject representing the end user
        UserSubject userSubject = createUserSubject(sc);
       
        // Request a new grant only if no pre-authorized token is available
        ServerAccessToken preauthorizedToken = getDataProvider().getPreauthorizedToken(
            client, requestedScope, userSubject, supportedGrantType);
        if (preauthorizedToken != null) {
            return createGrant(params,
                               client,
                               redirectUri,
View Full Code Here

                                   String redirectUri,
                                   List<String> requestedScope,
                                   List<String> approvedScope,
                                   UserSubject userSubject,
                                   ServerAccessToken preAuthorizedToken) {
        ServerAccessToken token = null;
        if (preAuthorizedToken == null) {
            AccessTokenRegistration reg = new AccessTokenRegistration();
            reg.setClient(client);
            reg.setGrantType(OAuthConstants.IMPLICIT_GRANT);
            reg.setSubject(userSubject);
            reg.setRequestedScope(requestedScope);       
            reg.setApprovedScope(approvedScope);
            token = getDataProvider().createAccessToken(reg);
        } else {
            token = preAuthorizedToken;
        }

  
       // return the code by appending it as a fragment parameter to the redirect URI
       
        String state = params.getFirst(OAuthConstants.STATE);
        StringBuilder sb = getUriWithFragment(state, redirectUri);
        if (state != null) {
            sb.append("&");
        }
        sb.append(OAuthConstants.ACCESS_TOKEN).append("=").append(token.getTokenKey());
        sb.append("&")
            .append(OAuthConstants.ACCESS_TOKEN_TYPE).append("=").append(token.getTokenType());
        if (isWriteOptionalParameters()) {
            sb.append("&").append(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN)
                .append("=").append(token.getExpiresIn());
            // Reporting scope is required if the approved scope is different and
            // optional - otherwise; lets always report it for now if it is non-empty
            List<OAuthPermission> perms = token.getScopes();
            if (!perms.isEmpty()) {
                sb.append("&").append(OAuthConstants.SCOPE)
                    .append("=").append(OAuthUtils.convertPermissionsToScope(perms));
            }
            //TODO: also report other token parameters if any if needed 
View Full Code Here

        if (handler == null) {
            return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE);
        }
       
        // Create the access token
        ServerAccessToken serverToken = null;
        try {
            serverToken = handler.createAccessToken(client, params);
        } catch (OAuthServiceException ex) {
            OAuthError customError = ex.getError();
            if (writeCustomErrors && customError != null) {
                return createErrorResponseFromBean(customError);
            }

        }
        if (serverToken == null) {
            return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
        }
       
        // Extract the information to be of use for the client
        ClientAccessToken clientToken = new ClientAccessToken(serverToken.getTokenType(),
                                                              serverToken.getTokenKey());
        clientToken.setRefreshToken(serverToken.getRefreshToken());
        if (isWriteOptionalParameters()) {
            clientToken.setExpiresIn(serverToken.getExpiresIn());
            List<OAuthPermission> perms = serverToken.getScopes();
            if (!perms.isEmpty()) {
                clientToken.setApprovedScope(OAuthUtils.convertPermissionsToScope(perms));   
            }
            clientToken.setParameters(serverToken.getParameters());
        }
       
        // Return it to the client
        return Response.ok(clientToken)
                       .header(HttpHeaders.CACHE_CONTROL, "no-store")
View Full Code Here

   
    protected ServerAccessToken doCreateAccessToken(Client client,
                                                    UserSubject subject,
                                                    List<String> requestedScope) {
        // Check if a pre-authorized  token available
        ServerAccessToken token = dataProvider.getPreauthorizedToken(
                                     client, requestedScope, subject, supportedGrant);
        if (token != null) {
            return token;
        }
       
View Full Code Here

   
    public static RefreshToken recreateRefreshToken(OAuthDataProvider provider,
                                                    String newTokenKey,
                                                    String decryptedSequence) throws SecurityException {
        String[] parts = getParts(decryptedSequence);
        ServerAccessToken token = recreateAccessToken(provider, newTokenKey, parts);
        return new RefreshToken(token,
                                newTokenKey,
                                parseSimpleList(parts[parts.length - 1]));
    }
View Full Code Here

    private static ServerAccessToken recreateAccessToken(OAuthDataProvider provider,
                                                  String newTokenKey,
                                                  String[] parts) {
       
       
        @SuppressWarnings("serial")
        final ServerAccessToken newToken = new ServerAccessToken(provider.getClient(parts[4]),
                                                                 parts[1],
                                                                 newTokenKey == null ? parts[0] : newTokenKey,
                                                                 Long.valueOf(parts[2]),
                                                                 Long.valueOf(parts[3])) {
        }
       
        newToken.setRefreshToken(getStringPart(parts[5]));
        newToken.setGrantType(getStringPart(parts[6]));
        newToken.setAudience(getStringPart(parts[7]));
        newToken.setParameters(parseSimpleMap(parts[8]));
       
        // Permissions
        if (!parts[9].trim().isEmpty()) {
            List<OAuthPermission> perms = new LinkedList<OAuthPermission>();
            String[] allPermParts = parts[9].split("\\.");
            for (int i = 0; i + 4 < allPermParts.length; i = i + 5) {
                OAuthPermission perm = new OAuthPermission(allPermParts[i], allPermParts[i + 1]);
                perm.setDefault(Boolean.valueOf(allPermParts[i + 2]));
                perm.setHttpVerbs(parseSimpleList(allPermParts[i + 3]));
                perm.setUris(parseSimpleList(allPermParts[i + 4]));
                perms.add(perm);
            }
            newToken.setScopes(perms);
        }
        //UserSubject:
        newToken.setSubject(recreateUserSubject(parts[10]));
               
        return newToken;
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.