Package org.apache.cxf.rs.security.oauth2.provider

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException


            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientWebApplicationException(new OAuthServiceException("Unsupported token type"));
        }
       
    }
View Full Code Here


    public void verifyNonce(String tokenKey, String clientNonceString, String clientTimestampString)
        throws OAuthServiceException {
       
        if (StringUtils.isEmpty(clientNonceString)
            || StringUtils.isEmpty(clientTimestampString)) {
            throw new OAuthServiceException("Nonce or timestamp is not available");
        }
       
        long serverClock = System.currentTimeMillis();
        NonceHistory nonceHistory = nonceStore.getNonceHistory(tokenKey);
        boolean firstTimeRequest = false;
View Full Code Here

    }

    private static void checkNonceHistory(NonceHistory nonceHistory, final String clientNonceString,
                                          final long ts) throws OAuthServiceException {
        if (!nonceHistory.findMatchingNonces(clientNonceString, ts).isEmpty()) {
            throw new OAuthServiceException("Duplicate nonce");
        }
    }
View Full Code Here

    private void checkAdjustedRequestTime(long serverClock, long clientTimestamp, NonceHistory nonceHistory) {
        long adjustedRequestTime = clientTimestamp + nonceHistory.getRequestTimeDelta();
        long requestDelta = Math.abs(serverClock - adjustedRequestTime);
        if (requestDelta > allowedWindow) {
            throw new OAuthServiceException("Timestamp is invalid");
        }
    }
View Full Code Here

                                              String clientMacString) {
        String macKey = macAuthInfo.getMacKey();
       
        ServerAccessToken accessToken = dataProvider.getAccessToken(macKey);
        if (!(accessToken instanceof MacAccessToken)) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
        }
        MacAccessToken macAccessToken = (MacAccessToken)accessToken;
       
        String normalizedString = macAuthInfo.getNormalizedRequestString();
        try {
            HmacAlgorithm hmacAlgo = HmacAlgorithm.toHmacAlgorithm(macAccessToken.getMacAlgorithm());
            byte[] serverMacData = HmacUtils.computeHmac(
                macAccessToken.getMacKey(), hmacAlgo, normalizedString);
                                                        
            byte[] clientMacData = Base64Utility.decode(clientMacString);
            boolean validMac = Arrays.equals(serverMacData, clientMacData);
            if (!validMac) {
                AuthorizationUtils.throwAuthorizationFailure(Collections
                    .singleton(OAuthConstants.MAC_AUTHORIZATION_SCHEME));
            }
        } catch (Base64Exception e) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR, e);
        }
        return macAccessToken;
    }
View Full Code Here

public class MessageDigestGenerator {
    private String algorithm = "MD5";
       
    public String generate(byte[] input) throws OAuthServiceException {
        if (input == null) {
            throw new OAuthServiceException("You have to pass input to Token Generator");
        }

        try {
            MessageDigest md = MessageDigest.getInstance(algorithm);
            md.reset();
            md.update(input);
            byte[] messageDigest = md.digest();
            StringBuffer hexString = new StringBuffer();
            for (int i = 0; i < messageDigest.length; i++) {
                hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
            }

            return hexString.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new OAuthServiceException("server_error", e);
        }
    }
View Full Code Here

            if (digestAlgo != null) {
                gen.setAlgorithm(digestAlgo);
            }
            return gen.generate(bytes);
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR, ex);
        }
    }
View Full Code Here

        if (requestScopes.isEmpty()) {
            requestScopes.addAll(registeredScopes);
            return requestScopes;
        }
        if (!validateScopes(requestScopes, registeredScopes, partialMatchScopeValidation)) {
            throw new OAuthServiceException("Unexpected scope");
        }
        return requestScopes;
    }
View Full Code Here

        throws OAuthServiceException {
       
        String ownerName = params.getFirst(OAuthConstants.RESOURCE_OWNER_NAME);
        String ownerPassword = params.getFirst(OAuthConstants.RESOURCE_OWNER_PASSWORD);
        if (ownerName == null || ownerPassword == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
        }
       
        UserSubject subject = null;
        try {
            subject = loginHandler.createSubject(ownerName, ownerPassword);
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
        }
       
        return doCreateAccessToken(client,
                                   subject,
                                   OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
View Full Code Here

            throw new ClientWebApplicationException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map);
            if (token == null) {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
        } else if (400 == response.getStatus() && map.containsKey(OAuthConstants.ERROR_KEY)) {
            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
            error.setErrorUri(map.get(OAuthConstants.ERROR_URI_KEY));
            throw new OAuthServiceException(error);
        }
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.