Package org.apache.cxf.rs.security.oauth2.provider

Examples of org.apache.cxf.rs.security.oauth2.provider.AccessTokenGrantHandler


     * @param mc the {@link MessageContext}
     * @return the list of roles of the logged in user or resource owner
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static List<String> resolveUserRoles(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getSubject().getRoles();
    }
View Full Code Here


     * @param mc the {@link MessageContext}
     * @return the list of permissions of the used access token
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static List<OAuthPermission> resolvePermissions(final MessageContext mc) {
        final OAuthContext oauth = getContext(mc);
        return oauth.getPermissions();
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the token key used to access
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveTokenKey(MessageContext mc) {
        OAuthContext oauth = getContext(mc);
        return oauth.getTokenKey();
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the client registration id
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static String resolveClient(MessageContext mc) {
        OAuthContext oauth = getContext(mc);
        return oauth.getClientId();
    }
View Full Code Here

     * @param mc the {@link MessageContext}
     * @return the {@link OAuthContext} of the given {@link MessageContext}
     * @throws WebApplicationException with Status 401 if not authenticated
     */
    public static OAuthContext getContext(final MessageContext mc) {
        final OAuthContext oauth = mc.getContent(OAuthContext.class);
        if ((oauth == null) || (oauth.getSubject() == null) || (oauth.getSubject().getLogin() == null)) {
            throw ExceptionUtils.toNotAuthorizedException(null, null);
        }
        return oauth;
    }
View Full Code Here

        // Create the security context and make it available on the message
        SecurityContext sc = createSecurityContext(req, accessTokenV);
        m.put(SecurityContext.class, sc);
       
        // Also set the OAuthContext
        OAuthContext oauthContext = new OAuthContext(accessTokenV.getTokenSubject(),
                                                     accessTokenV.getClientSubject(),
                                                     matchingPermissions,
                                                     accessTokenV.getTokenGrantType());
       
        oauthContext.setClientId(accessTokenV.getClientId());
        oauthContext.setTokenKey(accessTokenV.getTokenKey());
        oauthContext.setTokenAudience(accessTokenV.getAudience());
       
        m.setContent(OAuthContext.class, oauthContext);
    }
View Full Code Here

        // Create the security context and make it available on the message
        SecurityContext sc = createSecurityContext(req, accessToken);
        m.put(SecurityContext.class, sc);
       
        // Also set the OAuthContext
        m.setContent(OAuthContext.class, new OAuthContext(accessToken.getSubject(),
                                                          matchingPermissions,
                                                          accessToken.getGrantType()));
       
        return null;
    }
View Full Code Here

        // Create the access token
        ServerAccessToken serverToken = null;
        try {
            serverToken = handler.createAccessToken(client, params);
        } catch (OAuthServiceException ex) {
            OAuthError customError = ex.getError();
            if (writeCustomErrors && customError != null) {
                return createErrorResponseFromBean(customError);
            }

        }
View Full Code Here

            return;
        }
       
        String audienceParam = params.getFirst(OAuthConstants.CLIENT_AUDIENCE);
        if (audienceParam == null) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }
        // must be URL
        try {
            new URL(audienceParam);
        } catch (MalformedURLException ex) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }
       
        if (!audiences.contains(audienceParam)) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.ACCESS_DENIED));
        }
       
    }
View Full Code Here

        return null;
    }
   
    protected Response createErrorResponse(MultivaluedMap<String, String> params,
                                           String error) {
        return createErrorResponseFromBean(new OAuthError(error));
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.provider.AccessTokenGrantHandler

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.