Examples of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

Package org.apache.cxf.rs.security.oauth2.grants.code

Examples of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant
The Authorization Code Grant representation visible to the server

            return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
        }
        
        
        // Create a UserSubject representing the end user 
        UserSubject userSubject = createUserSubject(sc);
        
        // Request a new grant only if no pre-authorized token is available
        ServerAccessToken preauthorizedToken = getDataProvider().getPreauthorizedToken(
            client, requestedScope, userSubject, supportedGrantType);
        if (preauthorizedToken != null) {

View Full Code Here

        if (!requestedScope.containsAll(approvedScope)
            || !OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(), 
                                         partialMatchScopeValidation)) {
            return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
        }
        UserSubject userSubject = createUserSubject(securityContext);
        
        // Request a new grant
        return createGrant(params,
                           client, 
                           redirectUri,

View Full Code Here

    public void setSubjectCreator(SubjectCreator creator) {
        this.subjectCreator = creator;
    }
    
    protected UserSubject createUserSubject(SecurityContext securityContext) {
        UserSubject subject = null;
        if (subjectCreator != null) {
            subject = subjectCreator.createUserSubject(getMessageContext());
            if (subject != null) {
                return subject; 
            }

View Full Code Here

        return accessToken;
    }
    
    protected SecurityContext createSecurityContext(HttpServletRequest request, 
                                                    ServerAccessToken token) {
        UserSubject endUserSubject = token.getSubject();
        UserSubject clientSubject = token.getClient().getSubject();


        final UserSubject theSubject = 
            OAuthRequestFilter.this.useUserSubject ? endUserSubject : clientSubject;
                    
        return new SecurityContext() {


            public Principal getUserPrincipal() {
                return theSubject != null ? new SimplePrincipal(theSubject.getLogin()) : null;
            }


            public boolean isUserInRole(String role) {
                if (theSubject == null) {
                    return false;
                }
                return theSubject.getRoles().contains(role);
            }
        };
    }

View Full Code Here

                    return handler;
                }
            }
            // Lets try the default grant handler
            if (grantHandlers.size() == 0) {
                AuthorizationCodeGrantHandler handler = new AuthorizationCodeGrantHandler();
                if (handler.getSupportedGrantTypes().contains(grantType)) {
                    handler.setDataProvider(
                            (AuthorizationCodeDataProvider)super.getDataProvider());
                    return handler;
                }
            }
        }

View Full Code Here

        codeReg.setRedirectUri(redirectUri);
        codeReg.setRequestedScope(requestedScope);
        codeReg.setApprovedScope(approvedScope);
        codeReg.setSubject(userSubject);
        
        ServerAuthorizationCodeGrant grant = null;
        try {
            grant = ((AuthorizationCodeDataProvider)getDataProvider()).createCodeGrant(codeReg);
        } catch (OAuthServiceException ex) {
            return createErrorResponse(params, redirectUri, OAuthConstants.ACCESS_DENIED);
        }
        
        if (redirectUri == null) {
            OOBAuthorizationResponse oobResponse = new OOBAuthorizationResponse();
            oobResponse.setClientId(client.getClientId());
            oobResponse.setAuthorizationCode(grant.getCode());
            oobResponse.setUserId(userSubject.getLogin());
            oobResponse.setLifetime(grant.getLifetime());
            return deliverOOBResponse(oobResponse);
        } else {
            // return the code by appending it as a query parameter to the redirect URI
            UriBuilder ub = getRedirectUriBuilder(params.getFirst(OAuthConstants.STATE), redirectUri);
            ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_VALUE, grant.getCode());
            return Response.seeOther(ub.build()).build();
        }
    }

View Full Code Here

        codeReg.setApprovedScope(approvedScope);
        codeReg.setSubject(userSubject);
        codeReg.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
        codeReg.setTempClientSecretHash(params.getFirst(OAuthConstants.TEMP_CLIENT_SECRET_HASH));
        
        ServerAuthorizationCodeGrant grant = null;
        try {
            grant = ((AuthorizationCodeDataProvider)getDataProvider()).createCodeGrant(codeReg);
        } catch (OAuthServiceException ex) {
            return createErrorResponse(params, redirectUri, OAuthConstants.ACCESS_DENIED);
        }
        
        if (redirectUri == null) {
            OOBAuthorizationResponse oobResponse = new OOBAuthorizationResponse();
            oobResponse.setClientId(client.getClientId());
            oobResponse.setAuthorizationCode(grant.getCode());
            oobResponse.setUserId(userSubject.getLogin());
            oobResponse.setLifetime(grant.getLifetime());
            return deliverOOBResponse(oobResponse);
        } else {
            // return the code by appending it as a query parameter to the redirect URI
            UriBuilder ub = getRedirectUriBuilder(params.getFirst(OAuthConstants.STATE), redirectUri);
            ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_VALUE, grant.getCode());
            return Response.seeOther(ub.build()).build();
        }
    }

View Full Code Here

        codeReg.setRedirectUri(redirectUri);
        codeReg.setRequestedScope(requestedScope);
        codeReg.setApprovedScope(approvedScope);
        codeReg.setSubject(userSubject);
        
        ServerAuthorizationCodeGrant grant = null;
        try {
            grant = ((AuthorizationCodeDataProvider)getDataProvider()).createCodeGrant(codeReg);
        } catch (OAuthServiceException ex) {
            return createErrorResponse(params, redirectUri, OAuthConstants.ACCESS_DENIED);
        }
        
        if (redirectUri == null) {
            OOBAuthorizationResponse oobResponse = new OOBAuthorizationResponse();
            oobResponse.setClientId(client.getClientId());
            oobResponse.setAuthorizationCode(grant.getCode());
            oobResponse.setUserId(userSubject.getLogin());
            oobResponse.setLifetime(grant.getLifetime());
            return deliverOOBResponse(oobResponse);
        } else {
            // return the code by appending it as a query parameter to the redirect URI
            UriBuilder ub = getRedirectUriBuilder(params.getFirst(OAuthConstants.STATE), redirectUri);
            ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_VALUE, grant.getCode());
            return Response.seeOther(ub.build()).build();
        }
    }

View Full Code Here

        codeReg.setApprovedScope(approvedScope);
        codeReg.setSubject(userSubject);
        codeReg.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
        codeReg.setClientCodeVerifier(params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER));
        
        ServerAuthorizationCodeGrant grant = null;
        try {
            grant = ((AuthorizationCodeDataProvider)getDataProvider()).createCodeGrant(codeReg);
        } catch (OAuthServiceException ex) {
            return createErrorResponse(params, redirectUri, OAuthConstants.ACCESS_DENIED);
        }
        
        if (redirectUri == null) {
            OOBAuthorizationResponse oobResponse = new OOBAuthorizationResponse();
            oobResponse.setClientId(client.getClientId());
            oobResponse.setAuthorizationCode(grant.getCode());
            oobResponse.setUserId(userSubject.getLogin());
            oobResponse.setExpiresIn(grant.getExpiresIn());
            return deliverOOBResponse(oobResponse);
        } else {
            // return the code by appending it as a query parameter to the redirect URI
            UriBuilder ub = getRedirectUriBuilder(params.getFirst(OAuthConstants.STATE), redirectUri);
            ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_VALUE, grant.getCode());
            return Response.seeOther(ub.build()).build();
        }
    }

View Full Code Here

  }


  // grant management
  public ServerAuthorizationCodeGrant createCodeGrant(
      AuthorizationCodeRegistration reg) throws OAuthServiceException {
    grant = new ServerAuthorizationCodeGrant(client, 3600L);
    grant.setRedirectUri(reg.getRedirectUri());
    grant.setSubject(reg.getSubject());
    List<String> scope = reg.getApprovedScope().isEmpty() ? reg.getRequestedScope() 
                : reg.getApprovedScope();
    grant.setApprovedScopes(scope);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

net.sf.ehcache.Element

oauth2.manager.OAuthManager

org.apache.cxf.Bus

org.apache.cxf.common.i18n.Message

org.apache.cxf.common.security.SimplePrincipal

org.apache.cxf.jaxrs.client.WebClient

org.apache.cxf.jaxrs.ext.form.Form

org.apache.cxf.jaxrs.model.URITemplate

org.apache.cxf.message.Message

org.apache.cxf.rs.security.common.CryptoLoader

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.