Package org.apache.cxf.rs.security.oauth2.provider

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException


            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientWebApplicationException(new OAuthServiceException("Unsupported token type"));
        }
       
    }
View Full Code Here


    }

    public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
        throws OAuthServiceException {
        if (!OAuthUtils.isGrantSupportedForClient(client, true, OAuthConstants.REFRESH_TOKEN_GRANT)) {
            throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);   
        }
        String refreshToken = params.getFirst(OAuthConstants.REFRESH_TOKEN);
       
        ServerAccessToken token = dataProvider.refreshAccessToken(client.getClientId(),
                                                                  refreshToken);
        if (token == null) {
            return null;
        }
        String scope = params.getFirst(OAuthConstants.SCOPE);
        if (scope != null) {
            List<String> tokenScopes = OAuthUtils.convertPermissionsToScopeList(token.getScopes());
            if (!tokenScopes.containsAll(OAuthUtils.parseScope(scope))) {           
                throw new OAuthServiceException(OAuthConstants.INVALID_SCOPE);
            }
        }
       
        return token;
    }
View Full Code Here

        return Collections.singletonList(supportedGrant);
    }
   
    protected void checkIfGrantSupported(Client client) {
        if (!OAuthUtils.isGrantSupportedForClient(client, isClientConfidential, supportedGrant)) {
            throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);   
        }
    }
View Full Code Here

        throws OAuthServiceException {
        checkIfGrantSupported(client);
       
        String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM);
        if (assertion == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
        try {  
            InputStream tokenStream = decodeAssertion(assertion);
            Element token = readToken(tokenStream);
            AssertionWrapper assertionWrapper = new AssertionWrapper(token);
           
            Message message = PhaseInterceptorChain.getCurrentMessage();
   
            validateToken(message, assertionWrapper);
            UserSubject grantSubject = getGrantSubject(message, assertionWrapper);
           
            return doCreateAccessToken(client,
                                       grantSubject,
                                       OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
        } catch (OAuthServiceException ex) {
            throw ex;
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }
View Full Code Here

    private InputStream decodeAssertion(String assertion) {
        try {
            byte[] deflatedToken = Base64UrlUtility.decode(assertion);
            return new ByteArrayInputStream(deflatedToken);
        } catch (Base64Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }  
    }
View Full Code Here

       
        try {
            Document doc = DOMUtils.readXml(new InputStreamReader(tokenStream, "UTF-8"));
            return doc.getDocumentElement();
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
    }
View Full Code Here

                try {
                    data.setSigCrypto(new CryptoLoader().getCrypto(message,
                                                SecurityConstants.SIGNATURE_CRYPTO,
                                                SecurityConstants.SIGNATURE_PROPERTIES));
                } catch (IOException ex) {
                    throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
                }
                data.setEnableRevocation(MessageUtils.isTrue(
                    message.getContextualProperty(WSHandlerConstants.ENABLE_REVOCATION)));
                assertion.verifySignature(data, null);
            } else if (getTLSCertificates(message) == null) {
                throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
            }
           
            if (samlValidator != null) {
                Credential credential = new Credential();
                credential.setAssertion(assertion);
                samlValidator.validate(credential, data);
            }
            samlOAuthValidator.validate(message, assertion);
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }
View Full Code Here

        }
       
        try {
            return Base64UrlUtility.encode(assertion);
        } catch (Exception ex) {
            throw new OAuthServiceException(ex.getMessage(), ex);
        }
    }
View Full Code Here

        throws OAuthServiceException {
        checkIfGrantSupported(client);
       
        String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM);
        if (assertion == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
        try {  
            InputStream tokenStream = decodeAssertion(assertion);
            Element token = readToken(tokenStream);
            AssertionWrapper assertionWrapper = new AssertionWrapper(token);
           
            Message message = PhaseInterceptorChain.getCurrentMessage();
   
            validateToken(message, assertionWrapper);
            UserSubject grantSubject = getGrantSubject(message, assertionWrapper);
           
            return doCreateAccessToken(client,
                                       grantSubject,
                                       OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
        } catch (OAuthServiceException ex) {
            throw ex;
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }
View Full Code Here

    private InputStream decodeAssertion(String assertion) {
        try {
            byte[] deflatedToken = Base64UrlUtility.decode(assertion);
            return new ByteArrayInputStream(deflatedToken);
        } catch (Base64Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }  
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.