Package org.apache.cxf.rs.security.oauth2.jwt.jwk

Examples of org.apache.cxf.rs.security.oauth2.jwt.jwk.JsonWebKey

137
138
139
140
141
142
143
144
145
146
147
            return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
        }
       
       
        // Create a UserSubject representing the end user
        UserSubject userSubject = createUserSubject(sc);
       
        // Request a new grant only if no pre-authorized token is available
        ServerAccessToken preauthorizedToken = getDataProvider().getPreauthorizedToken(
            client, requestedScope, userSubject, supportedGrantType);
        if (preauthorizedToken != null) {
View Full Code Here
247
248
249
250
251
252
253
254
255
256
257
        if (!requestedScope.containsAll(approvedScope)
            || !OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(),
                                         partialMatchScopeValidation)) {
            return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
        }
        UserSubject userSubject = createUserSubject(securityContext);
       
        // Request a new grant
        return createGrant(params,
                           client,
                           redirectUri,
View Full Code Here
269
270
271
272
273
274
275
276
277
278
279
    public void setSubjectCreator(SubjectCreator creator) {
        this.subjectCreator = creator;
    }
   
    protected UserSubject createUserSubject(SecurityContext securityContext) {
        UserSubject subject = null;
        if (subjectCreator != null) {
            subject = subjectCreator.createUserSubject(getMessageContext());
            if (subject != null) {
                return subject;
            }
View Full Code Here
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
        return accessToken;
    }
   
    protected SecurityContext createSecurityContext(HttpServletRequest request,
                                                    ServerAccessToken token) {
        UserSubject endUserSubject = token.getSubject();
        UserSubject clientSubject = token.getClient().getSubject();

        final UserSubject theSubject =
            OAuthRequestFilter.this.useUserSubject ? endUserSubject : clientSubject;
                   
        return new SecurityContext() {

            public Principal getUserPrincipal() {
                return theSubject != null ? new SimplePrincipal(theSubject.getLogin()) : null;
            }

            public boolean isUserInRole(String role) {
                if (theSubject == null) {
                    return false;
                }
                return theSubject.getRoles().contains(role);
            }
        };
    }
View Full Code Here
245
246
247
248
249
250
251
252
253
254
255
256
257
                    return handler;
                }
            }
            // Lets try the default grant handler
            if (grantHandlers.size() == 0) {
                AuthorizationCodeGrantHandler handler = new AuthorizationCodeGrantHandler();
                if (handler.getSupportedGrantTypes().contains(grantType)) {
                    handler.setDataProvider(
                            (AuthorizationCodeDataProvider)super.getDataProvider());
                    return handler;
                }
            }
        }
View Full Code Here
170
171
172
173
174
175
176
177
178
179
180
181
182
                    return handler;
                }
            }
            // Lets try the default grant handler
            if (grantHandlers.size() == 0) {
                AuthorizationCodeGrantHandler handler = new AuthorizationCodeGrantHandler();
                if (handler.getSupportedGrantTypes().contains(grantType)) {
                    handler.setDataProvider(
                            (AuthorizationCodeDataProvider)super.getDataProvider());
                    return handler;
                }
            }
        }
View Full Code Here
67
68
69
70
71
72
73
74
75
76
77
        Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES);
        SelfSignInfo signInfo = new SelfSignInfo(crypto, "alice", "password");
       
        String assertion =  SAMLUtils.createAssertion(new SamlCallbackHandler(),
                                                      signInfo).assertionToString();
        Saml2BearerGrant grant = new Saml2BearerGrant(assertion);
        ClientAccessToken at = OAuthClientUtils.getAccessToken(wc,
                                        new OAuthClientUtils.Consumer("alice", "alice"),
                                        grant,
                                        false);
        assertNotNull(at.getTokenKey());
View Full Code Here
128
129
130
131
132
133
134
        Object jsonWebKey = getValue(JwtConstants.HEADER_JSON_WEB_KEY);
        if (jsonWebKey == null || jsonWebKey instanceof JsonWebKey) {
            return (JsonWebKey)jsonWebKey;
       
        Map<String, Object> map = CastUtils.cast((Map<?, ?>)jsonWebKey);
        return new JsonWebKey(map);
    }
View Full Code Here
125
126
127
128
129
130
131
132
133
134
135
        validateSpecClaim(token.getClaims());
    }
   
    @Test
    public void testWriteJwsWithJwkSignedByMac() throws Exception {
        JsonWebKey key = new JsonWebKey();
        key.setKeyType(JsonWebKey.KEY_TYPE_OCTET);
        key.setKeyOperation(Arrays.asList(
            new String[]{JsonWebKey.KEY_OPER_SIGN, JsonWebKey.KEY_OPER_VERIFY}));
        doTestWriteJwsWithJwkSignedByMac(key);
    }
View Full Code Here
167
168
169
170
171
172
173
174
175
176
177
178
179
        JwtToken token = jws.getJwtToken();
        JwtHeaders headers = token.getHeaders();
        assertEquals(JwtConstants.TYPE_JWT, headers.getType());
        assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm());
       
        JsonWebKey key = headers.getJsonWebKey();
        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
        List<String> keyOps = key.getKeyOperation();
        assertEquals(2, keyOps.size());
        assertEquals(JsonWebKey.KEY_OPER_SIGN, keyOps.get(0));
        assertEquals(JsonWebKey.KEY_OPER_VERIFY, keyOps.get(1));
       
        validateSpecClaim(token.getClaims());
View Full Code Here
TOP

Related Classes of org.apache.cxf.rs.security.oauth2.jwt.jwk.JsonWebKey

  • net.sf.ehcache.Element
  • org.apache.cxf.Bus
  • org.apache.cxf.common.i18n.Message
  • org.apache.cxf.common.security.SimplePrincipal
  • org.apache.cxf.jaxrs.client.WebClient
  • org.apache.cxf.jaxrs.ext.form.Form
  • org.apache.cxf.jaxrs.model.URITemplate
  • org.apache.cxf.message.Message
  • org.apache.cxf.rs.security.common.CryptoLoader
  • org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.