Examples of org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken

• org.apache.cxf.rs.security.oauth2.utils.MessageDigestGenerator
  Simple Bearer Access Token implementations

        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();

        AccessTokenRegistration atr = prepareTokenRegistration();

        BearerAccessToken token = p.createAccessTokenInternal(atr);
        JSONProvider<BearerAccessToken> jsonp = new JSONProvider<BearerAccessToken>();
        jsonp.setMarshallAsJaxbElement(true);
        jsonp.setUnmarshallAsJaxbElement(true);
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        jsonp.writeTo(token, BearerAccessToken.class, new Annotation[]{}, MediaType.APPLICATION_JSON_TYPE,

        // a user with yet another form asking for the authorization is redundant
        return null;
    }

    BearerAccessToken createAccessTokenInternal(AccessTokenRegistration accessTokenReg) {
        BearerAccessToken token = new BearerAccessToken(accessTokenReg.getClient(), 3600L);
        token.setSubject(accessTokenReg.getSubject());

        createRefreshToken(token);

        token.setGrantType(accessTokenReg.getGrantType());
        token.setAudience(accessTokenReg.getAudience());
        token.setParameters(Collections.singletonMap("param", "value"));
        token.setScopes(Collections.singletonList(
            new OAuthPermission("read", "read permission")));
        return token;
    }

    }

    @Override
    public ServerAccessToken createAccessToken(AccessTokenRegistration accessToken)
        throws OAuthServiceException {
        return new BearerAccessToken(accessToken.getClient(), 3600);
    }

        // a user with yet another form asking for the authorization is redundant
        return null;
    }

    BearerAccessToken createAccessTokenInternal(AccessTokenRegistration accessTokenReg) {
        BearerAccessToken token = new BearerAccessToken(accessTokenReg.getClient(), 3600L);
        token.setSubject(accessTokenReg.getSubject());

        createRefreshToken(token);

        token.setGrantType(accessTokenReg.getGrantType());
        token.setAudience(accessTokenReg.getAudience());
        token.setParameters(Collections.singletonMap("param", "value"));
        token.setScopes(Collections.singletonList(
            new OAuthPermission("read", "read permission")));
        return token;
    }

    }

    @Test
    public void testBearerTokenCertAndSecretKey() throws Exception {
        AccessTokenRegistration atr = prepareTokenRegistration();
        BearerAccessToken token = p.createAccessTokenInternal(atr);

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        KeyPair keyPair = kpg.generateKeyPair();
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();

        SecretKey secretKey = EncryptionUtils.getSecretKey();
        String encryptedSecretKey = EncryptionUtils.encryptSecretKey(secretKey, publicKey);

        String encryptedToken = ModelEncryptionSupport.encryptAccessToken(token, secretKey);
        token.setTokenKey(encryptedToken);
        SecretKey decryptedSecretKey = EncryptionUtils.decryptSecretKey(encryptedSecretKey, privateKey);
        ServerAccessToken token2 = ModelEncryptionSupport.decryptAccessToken(p, encryptedToken, decryptedSecretKey);
        // compare tokens
        compareAccessTokens(token, token2);
    }

    @Test
    public void testBearerTokenJSON() throws Exception {
        AccessTokenRegistration atr = prepareTokenRegistration();

        BearerAccessToken token = p.createAccessTokenInternal(atr);
        JSONProvider<BearerAccessToken> jsonp = new JSONProvider<BearerAccessToken>();
        jsonp.setMarshallAsJaxbElement(true);
        jsonp.setUnmarshallAsJaxbElement(true);
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        jsonp.writeTo(token, BearerAccessToken.class, new Annotation[]{}, MediaType.APPLICATION_JSON_TYPE,

        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();

        AccessTokenRegistration atr = prepareTokenRegistration();

        BearerAccessToken token = p.createAccessTokenInternal(atr);
        JSONProvider<BearerAccessToken> jsonp = new JSONProvider<BearerAccessToken>();
        jsonp.setMarshallAsJaxbElement(true);
        jsonp.setUnmarshallAsJaxbElement(true);
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        jsonp.writeTo(token, BearerAccessToken.class, new Annotation[]{}, MediaType.APPLICATION_JSON_TYPE,

            sb.append(token.getTokenKey());
        } else if (OAuthConstants.MAC_TOKEN_TYPE.equals(token.getTokenType())) {
            if (httpProps == null) {
                throw new IllegalArgumentException("MAC scheme requires HTTP Request properties");
            }
            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientException(new OAuthServiceException("Unsupported token type"));
        }

    }

            sb.append(token.getTokenKey());
        } else if (OAuthConstants.MAC_TOKEN_TYPE.equals(token.getTokenType())) {
            if (httpProps == null) {
                throw new IllegalArgumentException("MAC scheme requires HTTP Request properties");
            }
            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientException(new OAuthServiceException("Unsupported token type"));
        }

    }

    private boolean compareTcshWithTch(String tempClientSecretHash, String tempClientSecret) {
        if (tempClientSecret == null) {
            return false;
        }
        MessageDigestGenerator mdg = new MessageDigestGenerator();
        byte[] digest = mdg.createDigest(tempClientSecret, "SHA-256");
        int length = digest.length > 128 / 8 ? 128 / 8 : digest.length;

        String expectedHash = Base64UrlUtility.encodeChunk(digest, 0, length);
        return tempClientSecretHash.equals(expectedHash);