Package org.jboss.resteasy.skeleton.key.representations

Examples of org.jboss.resteasy.skeleton.key.representations.SkeletonKeyToken

270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
      }
      else
      {
         if (!oauth.resolveCode(code)) return;

         SkeletonKeyToken token = oauth.getToken();
         Set<String> roles = null;
         if (resourceMetadata.getResourceName() != null)
         {
            SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
            if (access != null) roles = access.getRoles();
         }
         else
         {
            SkeletonKeyToken.Access access = token.getRealmAccess();
            if (access != null) roles = access.getRoles();
         }
         SkeletonKeyPrincipal skp = new SkeletonKeyPrincipal(token.getPrincipal(), null);
         GenericPrincipal principal = new CatalinaSecurityContextHelper().createPrincipal(context.getRealm(), skp, roles);
         Session session = request.getSessionInternal(true);
         session.setPrincipal(principal);
         session.setAuthType("OAUTH");
         if (!remoteSkeletonKeyConfig.isCancelPropagation())
         {
            SkeletonKeySession skSession = new SkeletonKeySession(oauth.getTokenString(), realmConfiguration.getMetadata());
            session.setNote(SkeletonKeySession.class.getName(), skSession);
         }

         String username = token.getPrincipal();
         log.debug("userSessionManage.login: " + username);
         userSessionManagement.login(session, username);
      }
   }
View Full Code Here
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
      {

      }
      if (!verified) throw new VerificationException("Token signature not validated");

      SkeletonKeyToken token = null;
      try
      {
         token = JsonSerialization.fromBytes(SkeletonKeyToken.class, input.getContent());
      }
      catch (IOException e)
      {
         throw new VerificationException(e);
      }
      if (!token.isActive())
      {
         throw new VerificationException("Token is not active.");
      }
      String user = token.getPrincipal();
      if (user == null)
      {
         throw new VerificationException("Token user was null");
      }
      if (!realm.equals(token.getAudience()))
      {
         throw new VerificationException("Token audience doesn't match domain");

      }
      return token;
View Full Code Here
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
   }

   @Test
   public void testToken() throws Exception
   {
      SkeletonKeyToken token = new SkeletonKeyToken();
      token.id("111");
      token.addAccess("foo").addRole("admin");
      token.addAccess("bar").addRole("user");

      String json = JsonSerialization.toString(token, true);
      System.out.println(json);

      token = JsonSerialization.fromString(SkeletonKeyToken.class, json);
      Assert.assertEquals("111", token.getId());
      SkeletonKeyToken.Access foo = token.getResourceAccess("foo");
      Assert.assertNotNull(foo);
      Assert.assertTrue(foo.isUserInRole("admin"));

   }
View Full Code Here
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
   }

   @Test
   public void testRSA() throws Exception
   {
      SkeletonKeyToken token = new SkeletonKeyToken();
      token.id("111");
      token.addAccess("foo").addRole("admin");
      token.addAccess("bar").addRole("user");

      KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
      byte[] tokenBytes = JsonSerialization.toByteArray(token, true);

      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(keyPair.getPrivate());

      System.out.println(encoded);

      JWSInput input = new JWSInput(encoded);
      byte[] content = input.getContent();

      token = JsonSerialization.fromBytes(SkeletonKeyToken.class, content);
      Assert.assertEquals("111", token.getId());
      Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));
   }
View Full Code Here
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
      String tokenString = split[1];


      try
      {
         SkeletonKeyToken token = RSATokenVerifier.verifyToken(tokenString, resourceMetadata);
         SkeletonKeySession skSession = new SkeletonKeySession(tokenString, resourceMetadata);
         ResteasyProviderFactory.pushContext(SkeletonKeySession.class, skSession);
         String callerPrincipal = securityContext.getUserPrincipal() != null ? securityContext.getUserPrincipal().getName() : null;

         final SkeletonKeyPrincipal principal = new SkeletonKeyPrincipal(token.getPrincipal(), callerPrincipal);
         final boolean isSecure = securityContext.isSecure();
         final SkeletonKeyToken.Access access;
         if (resourceMetadata.getResourceName() != null)
         {
            access = token.getResourceAccess(resourceMetadata.getResourceName());
         }
         else
         {
            access = token.getRealmAccess();
         }
         SecurityContext ctx = new SecurityContext()
         {
            @Override
            public Principal getUserPrincipal()
View Full Code Here
81
82
83
84
85
86
87
88
89
90
      metadata = new ResourceMetadata();
      metadata.setResourceName("service");
      metadata.setRealm("domain");
      metadata.setRealmKey(idpPair.getPublic());

      token = new SkeletonKeyToken();
      token.principal("CN=Client")
              .audience("domain")
              .addAccess("service").addRole("admin");
   }
View Full Code Here
115
116
117
118
119
120
121
122
123
      byte[] tokenBytes = JsonSerialization.toByteArray(token, false);

      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(idpPair.getPrivate());
      SkeletonKeyToken token =  RSATokenVerifier.verifyToken(encoded, metadata);
      Assert.assertTrue(token.getResourceAccess("service").getRoles().contains("admin"));
      Assert.assertEquals("CN=Client", token.getPrincipal());
   }
View Full Code Here
154
155
156
157
158
159
160
161
162
163
164
      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(badPair.getPrivate());

      SkeletonKeyToken v = null;
      try
      {
         v = RSATokenVerifier.verifyToken(encoded, metadata);
         Assert.fail();
      }
View Full Code Here
175
176
177
178
179
180
181
182
183
184
185
      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(idpPair.getPrivate());

      SkeletonKeyToken v = null;
      try
      {
         v = RSATokenVerifier.verifyToken(encoded, metadata);
      }
      catch (VerificationException ignored)
View Full Code Here
196
197
198
199
200
201
202
203
204
205
206
      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(idpPair.getPrivate());

      SkeletonKeyToken v = null;
      try
      {
         v = RSATokenVerifier.verifyToken(encoded, metadata);
         Assert.fail();
      }
View Full Code Here
TOP

Related Classes of org.jboss.resteasy.skeleton.key.representations.SkeletonKeyToken

  • org.jboss.resteasy.skeleton.key.as7.OAuthAuthenticationServerValve
  • org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve
  • org.jboss.resteasy.skeleton.key.idm.service.TokenManagement
  • org.jboss.resteasy.skeleton.key.jaxrs.JaxrsBearerTokenFilter
  • org.jboss.resteasy.skeleton.key.RSATokenVerifier
  • org.jboss.resteasy.test.skeleton.key.GrantTest
  • org.jboss.resteasy.test.skeleton.key.LoginTest
  • org.jboss.resteasy.test.skeleton.key.RSAVerifierTest
  • org.jboss.resteasy.test.skeleton.key.SkeletonKeyTokenTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.