Package org.apache.oltu.oauth2.as.request

Examples of org.apache.oltu.oauth2.as.request.OAuthTokenRequest


    /**
     * Token endpoint of an example authorization server. Parses the form-encoded request into an
     * {@link OAuthTokenRequest}, then checks the client id and the grant-specific parameters
     * against the fixed values held in {@code Common}, answering each failure with a JSON error.
     *
     * <p>The listing is truncated: the refresh_token branch, the success path and the handler for
     * the surrounding {@code try} are not shown here.
     *
     * @param request the incoming servlet request carrying the token request parameters
     * @return a JAX-RS response; every path visible here returns HTTP 400 with an OAuth error body
     * @throws OAuthSystemException declared by the signature; the throwing call is not visible
     */
    @POST
    @Consumes("application/x-www-form-urlencoded")
    @Produces("application/json")
    public Response authorize(@Context HttpServletRequest request) throws OAuthSystemException {

        OAuthTokenRequest oauthRequest = null;

        // NOTE(review): the issuer is built on MD5Generator and is not used in the visible part of
        // the method. Hashing adds no entropy, so the unpredictability of any token it issues rests
        // on what the generator hashes -- confirm that input comes from a CSPRNG before reusing
        // this pattern for bearer credentials.
        OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());

        try {
            // The constructor validates the request; the test listings on this page show it
            // throwing OAuthProblemException (invalid_request) for malformed input.
            oauthRequest = new OAuthTokenRequest(request);
           
            // Reject unknown clients. Only client_id is compared here; no client_secret check is
            // visible. NOTE(review): confirm that confidential clients are authenticated elsewhere.
            if (!Common.CLIENT_ID.equals(oauthRequest.getParam(OAuth.OAUTH_CLIENT_ID))) {
                OAuthResponse response =
                    OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.TokenResponse.INVALID_CLIENT).setErrorDescription("client_id not found")
                        .buildJSONMessage();
                return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
            }

            // Grant-specific checks. getParam(grant_type) is dereferenced without a null check,
            // which relies on the constructor above having rejected requests without a grant_type.
            if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
                .equals(GrantType.AUTHORIZATION_CODE.toString())) {
                // The code is compared with a single constant. NOTE(review): a real server looks the
                // code up per request, checks that it was issued to this client and redirect_uri,
                // and invalidates it after first use.
                if (!Common.AUTHORIZATION_CODE.equals(oauthRequest.getParam(OAuth.OAUTH_CODE))) {
                    OAuthResponse response = OAuthASResponse
                        .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.TokenResponse.INVALID_GRANT)
                        .setErrorDescription("invalid authorization code")
                        .buildJSONMessage();
                    return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
                }
            } else if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
                .equals(GrantType.PASSWORD.toString())) {
                // Username and password are compared with constants via String.equals, and both
                // failures share one message, so the response does not reveal which field was wrong.
                // NOTE(review): production code would verify against a salted password hash and
                // throttle repeated failures.
                if (!Common.PASSWORD.equals(oauthRequest.getPassword())
                    || !Common.USERNAME.equals(oauthRequest.getUsername())) {
                    OAuthResponse response = OAuthASResponse
                        .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.TokenResponse.INVALID_GRANT)
                        .setErrorDescription("invalid username or password")
                        .buildJSONMessage();
                    return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
                }
            } else if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
                .equals(GrantType.REFRESH_TOKEN.toString())) {
                // An error is built as soon as this branch is entered, with no condition in the
                // visible lines. NOTE(review): the description below repeats the password-grant
                // text and does not describe a refresh_token failure; it looks copy-pasted.
                OAuthResponse response = OAuthASResponse
                    .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                    .setError(OAuthError.TokenResponse.INVALID_GRANT)
                    .setErrorDescription("invalid username or password")


        expect(request.getParameter("param")).andStubReturn("someparam");
        replay(request);

        OAuthRequest req = null;
        try {
            req = new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);
        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE)).andStubReturn(null);
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://www.example.com/red");
        expect(request.getParameter("param")).andStubReturn("someparam");
        replay(request);

        try {
            req = new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        // Scenario: a form-encoded authorization_code token request sent with GET is expected to be
        // rejected as invalid_request. RFC 6749 section 3.2 requires POST for token requests, which
        // keeps codes and credentials out of URLs and the logs that record them.
        // NOTE(review): no `code` parameter is stubbed after the reset, so if `request` is a nice
        // mock this case would also pass on the missing-parameter check alone. Asserting on the
        // error description would pin the method check specifically.
        reset(request);
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE)).andStubReturn("authorization_code");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            // Reaching this line means the constructor accepted the request.
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }
        verify(request);

        reset(request);
        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.PASSWORD.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        reset(request);
        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.REFRESH_TOKEN.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }
        verify(request);
        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(null);
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }
        verify(request);
        reset(request);

        // Scenario: a POST whose content type is OAuth.ContentType.JSON is expected to be rejected
        // as invalid_request; presumably the validator accepts only the form-encoded content type
        // for token requests -- confirm against the validator.
        // NOTE(review): no `code` parameter is stubbed here either, so this case does not by itself
        // distinguish a content-type rejection from a missing-parameter rejection.
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE)).andStubReturn("authorization_code");

        replay(request);

        try {
            new OAuthTokenRequest(request);
            // Reaching this line means the constructor accepted the request.
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.PASSWORD.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.REFRESH_TOKEN.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(null);
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("test_client");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        expect(request.getParameter(OAuth.OAUTH_CODE)).andStubReturn("test_code");
        expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn("secret");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.AUTHORIZATION_CODE.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("client_id");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn(null);
        expect(request.getParameter(OAuth.OAUTH_CODE)).andStubReturn("test_code");
        expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn("secret");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }
        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.AUTHORIZATION_CODE.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("client_id");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        expect(request.getParameter(OAuth.OAUTH_CODE)).andStubReturn(null);
        expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn("secret");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        expect(request.getParameter(OAuth.OAUTH_USERNAME)).andStubReturn(null);
        expect(request.getParameter(OAuth.OAUTH_PASSWORD)).andStubReturn("test_password");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }
        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.PASSWORD.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("client_id");
        expect(request.getParameter(OAuth.OAUTH_USERNAME)).andStubReturn("test_username");
        expect(request.getParameter(OAuth.OAUTH_PASSWORD)).andStubReturn("");
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://www.example.com/red");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.PASSWORD.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://www.example.com/red");

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn(null);
        expect(request.getParameter(OAuth.OAUTH_USERNAME)).andStubReturn("test_username");
        expect(request.getParameter(OAuth.OAUTH_PASSWORD)).andStubReturn("test_password");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        expect(request.getParameter(OAuth.OAUTH_REFRESH_TOKEN)).andStubReturn(null);
        expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn("secret");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.REFRESH_TOKEN.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://www.example.com/red");

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("");
        expect(request.getParameter(OAuth.OAUTH_REFRESH_TOKEN)).andStubReturn("refresh_token");
        expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn("secret");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        verify(request);

        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.REFRESH_TOKEN.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://www.example.com/red");

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn(null);
        expect(request.getParameter(OAuth.OAUTH_REFRESH_TOKEN)).andStubReturn(null);
        expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn("secret");
        replay(request);

        try {
            new OAuthTokenRequest(request);
            fail("Exception expected");
        } catch (OAuthProblemException e) {
            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
        }

        expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback");
        expect(request.getParameter(OAuth.OAUTH_CODE)).andStubReturn("test_code");
        expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn("test_secret");
        replay(request);

        OAuthTokenRequest req = null;
        try {
            req = new OAuthTokenRequest(request);

        } catch (OAuthProblemException e) {
            fail("Exception not expected");
        }
        Assert.assertEquals(GrantType.AUTHORIZATION_CODE.toString(), req.getGrantType());
        Assert.assertEquals("test_client", req.getClientId());
        Assert.assertEquals("http://example.com/callback", req.getRedirectURI());
        Assert.assertEquals("test_code", req.getCode());

        verify(request);
        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.PASSWORD.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("client_id");
        expect(request.getParameter(OAuth.OAUTH_USERNAME)).andStubReturn("username_test");
        expect(request.getParameter(OAuth.OAUTH_PASSWORD)).andStubReturn("test_password");
        replay(request);

        try {
            req = new OAuthTokenRequest(request);

        } catch (OAuthProblemException e) {
            fail("Exception not expected");
        }
        Assert.assertEquals("client_id", req.getClientId());
        Assert.assertEquals("username_test", req.getUsername());
        Assert.assertEquals("test_password", req.getPassword());

        verify(request);
        reset(request);

        // Scenario: a client_credentials token request is expected to pass validation.
        // NOTE(review): after the preceding reset only the method, content type and grant_type are
        // stubbed -- no client_id or client_secret -- and nothing is asserted on `req` afterwards.
        // Confirm how the client is meant to be authenticated for this grant and add an assertion
        // that covers it.
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE)).andStubReturn(GrantType.CLIENT_CREDENTIALS.toString());
        replay(request);

        try {
            req = new OAuthTokenRequest(request);

        } catch (OAuthProblemException e) {
            fail("Exception not expected");
        }
        // The two assertions below are disabled; they refer to assertion-grant accessors rather
        // than to anything stubbed in this scenario.
//        Assert.assertEquals("test_assertion", req.getAssertion());
//        Assert.assertEquals("test_type", req.getAssertionType());

        verify(request);
        reset(request);

        expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE))
            .andStubReturn(GrantType.REFRESH_TOKEN.toString());
        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);

        expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("client_id");
        expect(request.getParameter(OAuth.OAUTH_REFRESH_TOKEN)).andStubReturn("refresh_token");
        expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn("secret");
        replay(request);

        try {
            req = new OAuthTokenRequest(request);

        } catch (OAuthProblemException e) {
            fail("Exception not expected");
        }
        Assert.assertEquals("client_id", req.getClientId());
        Assert.assertEquals("refresh_token", req.getRefreshToken());
        Assert.assertEquals("secret", req.getClientSecret());

        verify(request);


    }

            // Generate the authorization code.
            String authorizationCode = null;
            // Only the CODE response type is supported for now; TOKEN also exists.
            // NOTE(review): responseType is dereferenced without a null check -- confirm the request
            // was validated upstream so that response_type is always present here.
            String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
            if (responseType.equals(ResponseType.CODE.toString())) {
                // NOTE(review): the code comes from an MD5Generator-backed issuer. Hashing adds no
                // entropy, so confirm the generator's input is drawn from a CSPRNG.
                OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
                authorizationCode = oauthIssuerImpl.authorizationCode();
                // The code is stored against the username only. NOTE(review): the client_id,
                // redirect_uri and an expiry are not recorded by this call; confirm the token
                // endpoint can still check that a code is redeemed by the client it was issued to.
                oAuthService.addAuthCode(authorizationCode, username);
            }
            // For any other response type, authorizationCode stays null at this point.

            // Build the OAuth response.

                    return new ResponseEntity(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));
                }
            }

            // Generate the access token.
            // NOTE(review): the token comes from an MD5Generator-backed issuer. Hashing adds no
            // entropy, so confirm the generator's input is drawn from a CSPRNG.
            OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
            final String accessToken = oauthIssuerImpl.accessToken();
            // The token is stored for the user that the authorization code resolves to.
            // NOTE(review): nothing in the visible lines invalidates authCode after it is redeemed;
            // confirm the code is single-use, otherwise a replayed code yields further tokens.
            oAuthService.addAccessToken(accessToken, oAuthService.getUsernameByAuthCode(authCode));


            // Build the OAuth response.
