Examples of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

Package org.apache.cxf.rs.security.oauth2.grants.code

Examples of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

org.apache.cxf.rs.security.oauth2.common.OAuthError
The Authorization Code Grant representation visible to the server

     * @param mc the {@link MessageContext}
     * @return the client registration id
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveClient(MessageContext mc) {
        OAuthContext oauth = getContext(mc);
        return oauth.getClientId();
    }

View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the {@link OAuthContext} of the given {@link MessageContext}
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static OAuthContext getContext(final MessageContext mc) {
        final OAuthContext oauth = mc.getContent(OAuthContext.class);
        if ((oauth == null) || (oauth.getSubject() == null) || (oauth.getSubject().getLogin() == null)) {
            throw ExceptionUtils.toNotAuthorizedException(null, null);
        }
        return oauth;
    }

View Full Code Here

        // Create the security context and make it available on the message
        SecurityContext sc = createSecurityContext(req, accessTokenV);
        m.put(SecurityContext.class, sc);
        
        // Also set the OAuthContext
        OAuthContext oauthContext = new OAuthContext(accessTokenV.getTokenSubject(),
                                                     accessTokenV.getClientSubject(),
                                                     matchingPermissions,
                                                     accessTokenV.getTokenGrantType());
        
        oauthContext.setClientId(accessTokenV.getClientId());
        oauthContext.setTokenKey(accessTokenV.getTokenKey());
        oauthContext.setTokenAudience(accessTokenV.getAudience());
        
        m.setContent(OAuthContext.class, oauthContext);
    }

View Full Code Here

        // Create the security context and make it available on the message
        SecurityContext sc = createSecurityContext(req, accessToken);
        m.put(SecurityContext.class, sc);
        
        // Also set the OAuthContext
        m.setContent(OAuthContext.class, new OAuthContext(accessToken.getSubject(),
                                                          matchingPermissions,
                                                          accessToken.getGrantType()));
        
        return null;
    }

View Full Code Here

        // Create the access token
        ServerAccessToken serverToken = null;
        try {
            serverToken = handler.createAccessToken(client, params);
        } catch (OAuthServiceException ex) {
            OAuthError customError = ex.getError();
            if (writeCustomErrors && customError != null) {
                return createErrorResponseFromBean(customError);
            }


        }

View Full Code Here

            return;
        }
        
        String audienceParam = params.getFirst(OAuthConstants.CLIENT_AUDIENCE);
        if (audienceParam == null) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }
        // must be URL
        try {
            new URL(audienceParam);
        } catch (MalformedURLException ex) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }
        
        if (!audiences.contains(audienceParam)) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.ACCESS_DENIED));
        }
        
    }

View Full Code Here

        return null;
    }
    
    protected Response createErrorResponse(MultivaluedMap<String, String> params,
                                           String error) {
        return createErrorResponseFromBean(new OAuthError(error));
    }

View Full Code Here

        return client;
        
    }


    protected void reportInvalidClient() {
        reportInvalidClient(new OAuthError(OAuthConstants.INVALID_CLIENT));
    }

View Full Code Here

                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
        } else if (400 == response.getStatus() && map.containsKey(OAuthConstants.ERROR_KEY)) {
            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
            error.setErrorUri(map.get(OAuthConstants.ERROR_URI_KEY));
            throw new OAuthServiceException(error);
        } 
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }

View Full Code Here

    protected void reportInvalidRequestError(String errorDescription) {
        reportInvalidRequestError(errorDescription, MediaType.APPLICATION_JSON_TYPE);
    }
    
    protected void reportInvalidRequestError(String errorDescription, MediaType mt) {
        OAuthError error = 
            new OAuthError(OAuthConstants.INVALID_REQUEST, errorDescription);
        reportInvalidRequestError(error, mt);
    }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

net.sf.ehcache.Element

oauth2.manager.OAuthManager

org.apache.cxf.Bus

org.apache.cxf.common.i18n.Message

org.apache.cxf.common.security.SimplePrincipal

org.apache.cxf.jaxrs.client.WebClient

org.apache.cxf.jaxrs.ext.form.Form

org.apache.cxf.jaxrs.model.URITemplate

org.apache.cxf.message.Message

org.apache.cxf.rs.security.common.CryptoLoader

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.