Examples of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

Package org.apache.cxf.rs.security.oauth2.grants.code

Examples of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException
The Authorization Code Grant representation visible to the server

            // the authenticated credentials and the client registration id
        }
        Response response = accessTokenService.form(form);
        Map<String, String> map = null;
        try {
            map = new OAuthJSONProvider().readJSONResponse((InputStream)response.getEntity());
        } catch (IOException ex) {
            throw new ClientException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map);

View Full Code Here

    
    private String algorithm = ALGO_MD5;
        
    public String generate(byte[] input) throws OAuthServiceException {
        if (input == null) {
            throw new OAuthServiceException("You have to pass input to Token Generator");
        }


        try {
            byte[] messageDigest = createDigest(input, algorithm);
            StringBuffer hexString = new StringBuffer();
            for (int i = 0; i < messageDigest.length; i++) {
                hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
            }


            return hexString.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new OAuthServiceException("server_error", e);
        }
    }

View Full Code Here


    public byte[] createDigest(String input, String algo) {
        try {
            return createDigest(input.getBytes("UTF-8"), algo);
        } catch (UnsupportedEncodingException e) {
            throw new OAuthServiceException("server_error", e);
        } catch (NoSuchAlgorithmException e) {
            throw new OAuthServiceException("server_error", e);
        }   
    }

View Full Code Here

            return;
        }
        
        String audienceParam = params.getFirst(OAuthConstants.CLIENT_AUDIENCE);
        if (audienceParam == null) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }
        // must be URL
        try {
            new URL(audienceParam);
        } catch (MalformedURLException ex) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }
        
        if (!audiences.contains(audienceParam)) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.ACCESS_DENIED));
        }
        
    }

View Full Code Here

    public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
        throws OAuthServiceException {
        
        String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM);
        if (assertion == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
        try {   
            InputStream tokenStream = decodeAssertion(assertion);
            Element token = readToken(tokenStream);
            AssertionWrapper assertionWrapper = new AssertionWrapper(token);
            
            Message message = PhaseInterceptorChain.getCurrentMessage();
    
            validateToken(message, assertionWrapper);
            UserSubject grantSubject = getGrantSubject(message, assertionWrapper);
            
            return doCreateAccessToken(client, 
                                       grantSubject,
                                       Constants.SAML2_BEARER_GRANT,
                                       OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
        } catch (OAuthServiceException ex) {
            throw ex;
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }

View Full Code Here

    private InputStream decodeAssertion(String assertion) {
        try {
            byte[] deflatedToken = Base64UrlUtility.decode(assertion);
            return new ByteArrayInputStream(deflatedToken); 
        } catch (Base64Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }   
    }

View Full Code Here

        
        try {
            Document doc = StaxUtils.read(new InputStreamReader(tokenStream, "UTF-8"));
            return doc.getDocumentElement();
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
    }

View Full Code Here

                try {
                    data.setSigCrypto(new CryptoLoader().getCrypto(message,
                                                SecurityConstants.SIGNATURE_CRYPTO,
                                                SecurityConstants.SIGNATURE_PROPERTIES));
                } catch (IOException ex) {
                    throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
                }
                data.setEnableRevocation(MessageUtils.isTrue(
                    message.getContextualProperty(WSHandlerConstants.ENABLE_REVOCATION)));
                assertion.verifySignature(data, null);
            } else if (getTLSCertificates(message) == null) {
                throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
            }
            
            if (samlValidator != null) {
                Credential credential = new Credential();
                credential.setAssertion(assertion);
                samlValidator.validate(credential, data);
            }
            samlOAuthValidator.validate(message, assertion);
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }

View Full Code Here

            throw new ClientException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map, defaultTokenType);
            if (token == null) {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
        } else if (400 == response.getStatus() && map.containsKey(OAuthConstants.ERROR_KEY)) {
            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
            error.setErrorUri(map.get(OAuthConstants.ERROR_URI_KEY));
            throw new OAuthServiceException(error);
        } 
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }

View Full Code Here

            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientException(new OAuthServiceException("Unsupported token type"));
        }
        
    }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant

net.sf.ehcache.Element

oauth2.manager.OAuthManager

org.apache.cxf.Bus

org.apache.cxf.common.i18n.Message

org.apache.cxf.common.security.SimplePrincipal

org.apache.cxf.jaxrs.client.WebClient

org.apache.cxf.jaxrs.ext.form.Form

org.apache.cxf.jaxrs.model.URITemplate

org.apache.cxf.message.Message

org.apache.cxf.rs.security.common.CryptoLoader

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.