Package org.apache.cxf.rs.security.oauth2.provider

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException


       
        try {
            Document doc = StaxUtils.read(new InputStreamReader(tokenStream, "UTF-8"));
            return doc.getDocumentElement();
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
    }
View Full Code Here


                try {
                    data.setSigVerCrypto(new CryptoLoader().getCrypto(message,
                                                SecurityConstants.SIGNATURE_CRYPTO,
                                                SecurityConstants.SIGNATURE_PROPERTIES));
                } catch (IOException ex) {
                    throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
                }
                data.setEnableRevocation(MessageUtils.isTrue(
                    message.getContextualProperty(WSHandlerConstants.ENABLE_REVOCATION)));
               
                Signature sig = assertion.getSignature();
                KeyInfo keyInfo = sig.getKeyInfo();
                SAMLKeyInfo samlKeyInfo =
                    SAMLUtil.getCredentialDirectlyFromKeyInfo(
                        keyInfo.getDOM(), data.getSigVerCrypto()
                    );
                assertion.verifySignature(samlKeyInfo);
               
            } else if (getTLSCertificates(message) == null) {
                throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
            }
           
            if (samlValidator != null) {
                Credential credential = new Credential();
                credential.setSamlAssertion(assertion);
                samlValidator.validate(credential, data);
            }
            samlOAuthValidator.validate(message, assertion);
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }
View Full Code Here

            if (digestAlgo != null) {
                gen.setAlgorithm(digestAlgo);
            }
            return gen.generate(bytes);
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR, ex);
        }
    }
View Full Code Here

        if (requestScopes.isEmpty()) {
            requestScopes.addAll(registeredScopes);
            return requestScopes;
        }
        if (!validateScopes(requestScopes, registeredScopes, partialMatchScopeValidation)) {
            throw new OAuthServiceException("Unexpected scope");
        }
        return requestScopes;
    }
View Full Code Here

        }
       
        try {
            return Base64UrlUtility.encode(assertion);
        } catch (Exception ex) {
            throw new OAuthServiceException(ex.getMessage(), ex);
        }
    }
View Full Code Here

   
    private void checkIfGrantSupported(Client client, String requestedGrant) {
        if (!OAuthUtils.isGrantSupportedForClient(client,
                                                  canSupportPublicClients,
                                                  requestedGrant)) {
            throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);   
        }
    }
View Full Code Here

                                                    String requestedGrant,
                                                    List<String> requestedScope,
                                                    String audience) {
        if (!OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(),
                                       partialMatchScopeValidation)) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_SCOPE));    
        }
        if (!OAuthUtils.validateAudience(audience, client.getRegisteredAudiences())) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_GRANT));
        }
       
        // Check if a pre-authorized  token available
        ServerAccessToken token = dataProvider.getPreauthorizedToken(
                                     client, requestedScope, subject, requestedGrant);
View Full Code Here

public class MessageDigestGenerator {
    private String algorithm = "MD5";
       
    public String generate(byte[] input) throws OAuthServiceException {
        if (input == null) {
            throw new OAuthServiceException("You have to pass input to Token Generator");
        }

        try {
            byte[] messageDigest = createDigest(input, algorithm);
            StringBuffer hexString = new StringBuffer();
            for (int i = 0; i < messageDigest.length; i++) {
                hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
            }

            return hexString.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new OAuthServiceException("server_error", e);
        }
    }
View Full Code Here

    public byte[] createDigest(String input, String algo) {
        try {
            return createDigest(input.getBytes("UTF-8"), algo);
        } catch (UnsupportedEncodingException e) {
            throw new OAuthServiceException("server_error", e);
        } catch (NoSuchAlgorithmException e) {
            throw new OAuthServiceException("server_error", e);
        }  
    }
View Full Code Here

            throw new ClientWebApplicationException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map);
            if (token == null) {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
        } else if (400 == response.getStatus() && map.containsValue(OAuthConstants.ERROR_KEY)) {
            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
            error.setErrorUri(map.get(OAuthConstants.ERROR_URI_KEY));
            throw new OAuthServiceException(error);
        }
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.