Package org.apache.oltu.oauth2.common.message

Examples of org.apache.oltu.oauth2.common.message.OAuthMessage

51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
        params.put("empty_param", "");
        params.put("null_param", null);
        params.put("", "some_value");
        params.put(null, "some_value");

        OAuthMessage message = new DummyOAuthMessage("http://www.example.com/rd", 200);

        app.applyOAuthParameters(message, params);

        String body = message.getBody();
        Assert.assertTrue(body.contains("3600"));
        Assert.assertTrue(body.contains("token_authz"));
        Assert.assertTrue(body.contains("code_"));
        Assert.assertTrue(body.contains("read"));
        Assert.assertTrue(body.contains("state"));
View Full Code Here
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
        params.put(OAuth.OAUTH_SCOPE, "read");
        params.put(OAuth.OAUTH_STATE, "state");
        params.put("empty_param", "");
        params.put("null_param", null);

        OAuthMessage message = new DummyOAuthMessage("http://www.example.com/rd", 200);

        app.applyOAuthParameters(message, params);

        String locationURI = message.getLocationUri();
        Assert.assertTrue(locationURI.contains("3600"));
        Assert.assertTrue(locationURI.contains("token_authz"));
        Assert.assertTrue(locationURI.contains("code_"));
        Assert.assertTrue(locationURI.contains("read"));
        Assert.assertTrue(locationURI.contains("state"));
View Full Code Here
52
53
54
55
56
57
58
59
60
61
62
63
64
65
        params.put("empty_param", "");
        params.put("null_param", null);
        params.put("", "some_value");
        params.put(null, "some_value");

        OAuthMessage message = new DummyOAuthMessage("http://www.example.com/rd", 200);
        app.applyOAuthParameters(message, params);

        String msgBody = message.getBody();
        Map<String, Object> map = JSONUtils.parseJSON(msgBody);
        Assert.assertEquals(3600, map.get(OAuth.OAUTH_EXPIRES_IN));
        Assert.assertEquals("token_authz", map.get(OAuth.OAUTH_ACCESS_TOKEN));
        Assert.assertEquals("code_", map.get(OAuth.OAUTH_CODE));
        Assert.assertEquals("read", map.get(OAuth.OAUTH_SCOPE));
View Full Code Here
80
81
82
83
84
85
86
87
88
89
90
            //生成授权码
            String authorizationCode = null;
            //responseType目前仅支持CODE,另外还有TOKEN
            String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
            if (responseType.equals(ResponseType.CODE.toString())) {
                OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
                authorizationCode = oauthIssuerImpl.authorizationCode();
                oAuthService.addAuthCode(authorizationCode, username);
            }

            //进行OAuth响应构建
View Full Code Here
80
81
82
83
84
85
86
87
88
89
90
                    return new ResponseEntity(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));
                }
            }

            //生成Access Token
            OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
            final String accessToken = oauthIssuerImpl.accessToken();
            oAuthService.addAccessToken(accessToken, oAuthService.getUsernameByAuthCode(authCode));


            //生成OAuth响应
View Full Code Here
80
81
82
83
84
85
86
87
88
89
90
91
                    return new ResponseEntity(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));
                }
            }

            //生成Access Token
            OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
            final String accessToken = oauthIssuerImpl.accessToken();
            oAuthService.addAccessToken(accessToken, oAuthService.getUsernameByAuthCode(authCode));


            //生成OAuth响应
            OAuthResponse response = OAuthASResponse
View Full Code Here
80
81
82
83
84
85
86
87
88
89
90
91
            //生成授权码
            String authorizationCode = null;
            //responseType目前仅支持CODE,另外还有TOKEN
            String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
            if (responseType.equals(ResponseType.CODE.toString())) {
                OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
                authorizationCode = oauthIssuerImpl.authorizationCode();
                oAuthService.addAuthCode(authorizationCode, username);
            }

            //进行OAuth响应构建
            OAuthASResponse.OAuthAuthorizationResponseBuilder builder =
View Full Code Here
80
81
82
83
84
85
86
87
88
89
90
91
                    return new ResponseEntity(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));
                }
            }

            //生成Access Token
            OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
            final String accessToken = oauthIssuerImpl.accessToken();
            oAuthService.addAccessToken(accessToken, oAuthService.getUsernameByAuthCode(authCode));


            //生成OAuth响应
            OAuthResponse response = OAuthASResponse
View Full Code Here
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
            HttpServletRequest request)
            throws URISyntaxException, OAuthSystemException {

        try {
            //构建OAuth 授权请求
            OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request);

            //检查传入的客户端id是否正确
            if (!oAuthService.checkClientId(oauthRequest.getClientId())) {
                OAuthResponse response =
                        OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                                .setError(OAuthError.TokenResponse.INVALID_CLIENT)
                                .setErrorDescription(Constants.INVALID_CLIENT_DESCRIPTION)
                                .buildJSONMessage();
                return new ResponseEntity(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));
            }


            Subject subject = SecurityUtils.getSubject();
            //如果用户没有登录,跳转到登陆页面
            if(!subject.isAuthenticated()) {
                if(!login(subject, request)) {//登录失败时跳转到登陆页面
                    model.addAttribute("client", clientService.findByClientId(oauthRequest.getClientId()));
                    return "oauth2login";
                }
            }

            String username = (String)subject.getPrincipal();
            //生成授权码
            String authorizationCode = null;
            //responseType目前仅支持CODE,另外还有TOKEN
            String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
            if (responseType.equals(ResponseType.CODE.toString())) {
                OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
                authorizationCode = oauthIssuerImpl.authorizationCode();
                oAuthService.addAuthCode(authorizationCode, username);
            }

            //进行OAuth响应构建
            OAuthASResponse.OAuthAuthorizationResponseBuilder builder =
                    OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND);
            //设置授权码
            builder.setCode(authorizationCode);
            //得到到客户端重定向地址
            String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);

            //构建响应
            final OAuthResponse response = builder.location(redirectURI).buildQueryMessage();

            //根据OAuthResponse返回ResponseEntity响应
View Full Code Here
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
    public @ResponseBody String receiveAuthorizationCodeRequest(final HttpServletRequest request,
                                                                final HttpServletResponse response)
            throws IOException, OAuthSystemException {

        // Create the OAuth request from the HTTP request.
        OAuthAuthzRequest oauthRequest;
        try {
            oauthRequest = new OAuthAuthzRequest(request);
        }
        // The request does not conform to the RFC, so we return a HTTP 400
        // with a reason.
        catch (OAuthProblemException e) {
            // Create the OAuth response.
            OAuthResponse oauthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST).error(e)
                    .buildJSONMessage();

            // Set the status and return the error message.
            response.setStatus(oauthResponse.getResponseStatus());
            return oauthResponse.getBody();
        }

        // Validate that the user is requesting a "code" response type, which
        // is the only response type we accept.
        try {
            if (!ResponseType.CODE.toString().equals(oauthRequest.getResponseType())) {
                // Create the OAuth response.
                OAuthResponse oauthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE)
                        .setErrorDescription("The response type must be '" +
                                             ResponseType.CODE.toString() +
                                             "' but was instead: "
                                             + oauthRequest.getResponseType())
                        .setState(oauthRequest.getState())
                        .buildJSONMessage();

                // Set the status and return the error message.
                response.setStatus(oauthResponse.getResponseStatus());
                return oauthResponse.getBody();
            }
        }
        catch (IllegalArgumentException e) {
            // Create the OAuth response.
            OAuthResponse oauthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                    .setError(OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE)
                    .setErrorDescription("The response type is unknown: " + oauthRequest.getResponseType())
                    .setState(oauthRequest.getState())
                    .buildJSONMessage();

            // Set the status and return the error message.
            response.setStatus(oauthResponse.getResponseStatus());
            return oauthResponse.getBody();
        }

        // Make sure a redirect URI was given.
        if (oauthRequest.getRedirectURI() == null) {
            // Create the OAuth response.
            OAuthResponse oauthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                    .setError(OAuthError.CodeResponse.INVALID_REQUEST)
                    .setErrorDescription("A redirect URI must be given.")
                    .setState(oauthRequest.getState())
                    .buildJSONMessage();

            // Set the status and return the error message.
            response.setStatus(oauthResponse.getResponseStatus());
            return oauthResponse.getBody();
        }

        // Attempt to get the third-party.
        Application application = oAuth2MgmtService.getApplicationForClientId(oauthRequest.getClientId());
        // If the third-party is unknown, reject the request.
        if (application == null) {
            // Create the OAuth response.
            OAuthResponse oauthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST).setError
                    (OAuthError.CodeResponse.INVALID_REQUEST).setErrorDescription(
                        "The client ID is unknown: " + oauthRequest.getClientId()
            ).setState(oauthRequest.getState()).buildJSONMessage();

            // Set the status and return the error message.
            response.setStatus(oauthResponse.getResponseStatus());
            return oauthResponse.getBody();
        }

        // Create the temporary code to be granted or rejected by the user.
        AuthorizationCode code = oAuth2MgmtService.issueAuthorizationCode(application.getId(),
                                                                          oauthRequest.getScopes(),
                                                                          oauthRequest.getState());

        // Set the redirect.
        response.sendRedirect(OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND)
                                      .setCode(code.code)
                                      .location("Authorize.html")
                                      //.setScope(scopeBuilder.toString())
                                      .setParam("name", application.name)
                                      .setParam("description", application.description)
                                      .setParam("redirectUri", oauthRequest.getRedirectURI())
                                      .buildQueryMessage().getLocationUri()
        );
        // Since we are redirecting the user, we don't need to return anything.
        return null;
    }
View Full Code Here
TOP

Related Classes of org.apache.oltu.oauth2.common.message.OAuthMessage

  • com.eviware.soapui.impl.rest.actions.oauth.OAuth2TokenExtractor
  • com.eviware.soapui.impl.rest.actions.oauth.OAuth2TokenExtractorTest$SpyingOauthClientStub
  • com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade
  • com.github.zhangkaitao.shiro.chapter17.web.controller.AccessTokenController
  • com.github.zhangkaitao.shiro.chapter17.web.controller.AuthorizeController
  • com.github.zhangkaitao.shiro.chapter17.web.controller.UserInfoController
  • com.github.zhangkaitao.shiro.chapter18.oauth2.OAuth2Realm
  • org.apache.cxf.jaxrs.JAXRSServerFactoryBean
  • org.apache.oltu.oauth2.as.issuer.MD5Generator
  • org.apache.oltu.oauth2.as.issuer.OAuthIssuer
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.