Package org.apache.cxf.rs.security.oauth2.jwt

Examples of org.apache.cxf.rs.security.oauth2.jwt.JwtToken


        if (serverToken == null) {
            return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
        }
       
        // Extract the information to be of use for the client
        ClientAccessToken clientToken = new ClientAccessToken(serverToken.getTokenType(),
                                                              serverToken.getTokenKey());
        clientToken.setRefreshToken(serverToken.getRefreshToken());
        if (isWriteOptionalParameters()) {
            clientToken.setExpiresIn(serverToken.getExpiresIn());
            List<OAuthPermission> perms = serverToken.getScopes();
            if (!perms.isEmpty()) {
                clientToken.setApprovedScope(OAuthUtils.convertPermissionsToScope(perms));   
            }
            clientToken.setParameters(serverToken.getParameters());
        }
       
        // Return it to the client
        return Response.ok(clientToken)
                       .header(HttpHeaders.CACHE_CONTROL, "no-store")
View Full Code Here


            map = new OAuthJSONProvider().readJSONResponse((InputStream)response.getEntity());
        } catch (IOException ex) {
            throw new ClientException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map, defaultTokenType);
            if (token == null) {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
View Full Code Here

            String tokenType = map.remove(OAuthConstants.ACCESS_TOKEN_TYPE);
            if (tokenType == null) {
                tokenType = defaultTokenType;
            }
            if (tokenType != null) {
                ClientAccessToken token = new ClientAccessToken(
                                              tokenType,
                                              map.remove(OAuthConstants.ACCESS_TOKEN));
               
                String refreshToken = map.remove(OAuthConstants.REFRESH_TOKEN);
                if (refreshToken != null) {
                    token.setRefreshToken(refreshToken);
                }
                String expiresInStr = map.remove(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN);
                if (expiresInStr != null) {
                    token.setExpiresIn(Long.valueOf(expiresInStr));
                }
                String issuedAtStr = map.remove(OAuthConstants.ACCESS_TOKEN_ISSUED_AT);
                token.setIssuedAt(issuedAtStr != null ? Long.valueOf(issuedAtStr)
                                                      : System.currentTimeMillis() / 1000);
                String scope = map.remove(OAuthConstants.SCOPE);
                if (scope != null) {
                    token.setApprovedScope(scope);
                }
               
                token.setParameters(map);
                return token;
            }
        }
       
        return null;
View Full Code Here

        if (200 == response.getStatus()) {
            if (map.containsKey(OAuthConstants.ACCESS_TOKEN)
                && map.containsKey(OAuthConstants.ACCESS_TOKEN_TYPE)) {
                String tokenType = map.get(OAuthConstants.ACCESS_TOKEN_TYPE);
               
                ClientAccessToken token = new ClientAccessToken(
                                              tokenType,
                                              map.get(OAuthConstants.ACCESS_TOKEN));
                return token;
            } else {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
View Full Code Here

            map = new OAuthJSONProvider().readJSONResponse((InputStream)response.getEntity());
        } catch (IOException ex) {
            throw new ClientException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map);
            if (token == null) {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
View Full Code Here

    }
   
    public static ClientAccessToken fromMapToClientToken(Map<String, String> map) {
        if (map.containsKey(OAuthConstants.ACCESS_TOKEN)
            && map.containsKey(OAuthConstants.ACCESS_TOKEN_TYPE)) {
            ClientAccessToken token = new ClientAccessToken(
                                          map.remove(OAuthConstants.ACCESS_TOKEN_TYPE),
                                          map.remove(OAuthConstants.ACCESS_TOKEN));
           
            String refreshToken = map.remove(OAuthConstants.REFRESH_TOKEN);
            if (refreshToken != null) {
                token.setRefreshToken(refreshToken);
            }
            String expiresInStr = map.remove(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN);
            if (expiresInStr != null) {
                token.setExpiresIn(Long.valueOf(expiresInStr));
            }
            String issuedAtStr = map.remove(OAuthConstants.ACCESS_TOKEN_ISSUED_AT);
            token.setIssuedAt(issuedAtStr != null ? Long.valueOf(issuedAtStr)
                                                  : System.currentTimeMillis() / 1000);
            String scope = map.remove(OAuthConstants.SCOPE);
            if (scope != null) {
                token.setApprovedScope(scope);
            }
           
            token.setParameters(map);
            return token;
        } else {
            return null;
        }
    }
View Full Code Here

        if (serverToken == null) {
            return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
        }
       
        // Extract the information to be of use for the client
        ClientAccessToken clientToken = new ClientAccessToken(serverToken.getTokenType(),
                                                              serverToken.getTokenKey());
        clientToken.setParameters(serverToken.getParameters());
       
       
        // Return it to the client
        return Response.ok(clientToken)
                       .header(HttpHeaders.CACHE_CONTROL, "no-store")
View Full Code Here

        } catch (OAuthServiceException ex) {
            return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
        }
   
        // Return the authorization challenge data to the end user
        OAuthAuthorizationData data =
            createAuthorizationData(client, params, redirectUri, permissions);
        personalizeData(data, userSubject);
        return Response.ok(data).build();
       
    }
View Full Code Here

     * Create the authorization challenge data
     */
    protected OAuthAuthorizationData createAuthorizationData(
        Client client, MultivaluedMap<String, String> params, String redirectUri, List<OAuthPermission> perms) {
       
        OAuthAuthorizationData secData = new OAuthAuthorizationData();
       
        addAuthenticityTokenToSession(secData);
               
        secData.setPermissions(perms);
        secData.setProposedScope(OAuthUtils.convertPermissionsToScope(perms));
        secData.setClientId(client.getClientId());
        if (redirectUri != null) {
            secData.setRedirectUri(redirectUri);
        }
        secData.setState(params.getFirst(OAuthConstants.STATE));
       
        secData.setApplicationName(client.getApplicationName());
        secData.setApplicationWebUri(client.getApplicationWebUri());
        secData.setApplicationDescription(client.getApplicationDescription());
        secData.setApplicationLogoUri(client.getApplicationLogoUri());
        secData.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
        List<Property> extraProperties = client.getProperties();
        secData.setExtraApplicationProperties(extraProperties == null ? Collections.<Property>emptyList()
            : Collections.unmodifiableList(extraProperties));
        String replyTo = getMessageContext().getUriInfo()
            .getAbsolutePathBuilder().path("decision").build().toString();
        secData.setReplyTo(replyTo);
       
        return secData;
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the id of the UserSubject of the logged in user or resource owner
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveUserId(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getSubject().getId();
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.jwt.JwtToken

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.