Package org.openmhealth.reference.domain

Examples of org.openmhealth.reference.domain.AuthorizationCode


    // reason, an exception will be thrown and the page will echo back the
    // reason.
    User user = AuthenticationRequest.getUser(username, password);
   
    // Get the authorization code.
    AuthorizationCode authCode =
      AuthorizationCodeBin.getInstance().getCode(code);
    // If the code is unknown, we cannot redirect back to the third-party
    // because we don't know who they are.
    if(authCode == null) {
      throw new OmhException("The authorization code is unknown.");
    }
   
    // Verify that the code has not yet expired.
    if(System.currentTimeMillis() > authCode.getExpirationTime()) {
      response
        .sendRedirect(
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(CodeResponse.ACCESS_DENIED)
            .setErrorDescription("The code has expired.")
            .location(
              authCode
                .getThirdParty().getRedirectUri().toString())
            .setState(authCode.getState())
            .buildQueryMessage()
            .getLocationUri());
      return;
    }
   
    // Get the response if it already exists.
    AuthorizationCodeResponse codeResponse =
      AuthorizationCodeResponseBin.getInstance().getResponse(code);
   
    // If the response does not exist, attempt to create a new one and
    // save it.
    if(codeResponse == null) {
      // Create the new code.
      codeResponse =
        new AuthorizationCodeResponse(authCode, user, granted);
     
      // Store it.
      AuthorizationCodeResponseBin
        .getInstance().storeVerification(codeResponse);
    }
    // Make sure it is being verified by the same user.
    else if(
      ! user
        .getUsername().equals(codeResponse.getOwner().getUsername())) {
     
      response
        .sendRedirect(
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_UNAUTHORIZED)
            .setError(CodeResponse.ACCESS_DENIED)
            .setErrorDescription(
              "The code has already been verified by another " +
                "user.")
            .location(
              authCode
                .getThirdParty().getRedirectUri().toString())
            .setState(authCode.getState())
            .buildQueryMessage()
            .getLocationUri());
    }
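    // Make sure the same grant response is being made.
    // NOTE(review): as written, the condition below is true when the new
    // grant value equals the stored one, so an identical re-submission is
    // rejected as "competing" while a changed value is not; confirm whether
    // `!=` was intended.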
    else if(granted == codeResponse.getGranted()) {
      response
        .sendRedirect(
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_UNAUTHORIZED)
            .setError(CodeResponse.ACCESS_DENIED)
            .setErrorDescription(
              "The user has re-submitted the same " +
                "authorization code twice with competing " +
                "grant values.")
            .location(
              authCode
                .getThirdParty().getRedirectUri().toString())
            .setState(authCode.getState())
            .buildQueryMessage()
            .getLocationUri());
    }
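    // Otherwise, this is simply a repeat of the same request as before,
    // and we can simply ignore it.
    // NOTE(review): unlike the expired-code branch, the two error branches
    // above do not return after sendRedirect, so control also reaches the
    // redirect below; confirm whether a return is missing there.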
   
    // Redirect the user back to the third-party with the authorization
    // code and state.
    response
      .sendRedirect(
        OAuthASResponse
          .authorizationResponse(
            request,
            HttpServletResponse.SC_OK)
          .location(
            authCode.getThirdParty().getRedirectUri().toString())
          .setCode(authCode.getCode())
          .setParam("state", authCode.getState())
          .buildQueryMessage()
          .getLocationUri());
  }


        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
     
      // Attempt to lookup the actual AuthorizationCode object.
      AuthorizationCode code =
        AuthorizationCodeBin.getInstance().getCode(codeString);
      // If the code doesn't exist, reject the request.
      if(code == null) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "The given authorization code is unknown: " +
                codeString)
            .buildJSONMessage();
       
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
     
      // Verify that the client asking for a token is the same as the one
      // that requested the code.
      if(! code.getThirdParty().getId().equals(thirdParty.getId())) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "This client is not allowed to reference this " +
                "code: " +
                codeString)
            .buildJSONMessage();
       
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }

      // If the code has expired, reject the request.
      if(System.currentTimeMillis() > code.getExpirationTime()) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "The given authorization code has expired: " +
                codeString)
            .buildJSONMessage();
       
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
     
      // Use the code to lookup the response information and error out if
      // a user has not yet verified it.
      AuthorizationCodeResponse codeResponse =
        AuthorizationCodeResponseBin
          .getInstance().getResponse(code.getCode());
      if(codeResponse == null) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)

        return oauthResponse.getBody();
      }
    }
   
    // Create the temporary code to be granted or rejected by the user.
    AuthorizationCode code =
      new AuthorizationCode(
        thirdParty,
        oauthRequest.getScopes(),
        oauthRequest.getState());
   
    // Store the authorization code.
    AuthorizationCodeBin.getInstance().storeCode(code);
   
    // Build the scope as specified by the OAuth specification.
    StringBuilder scopeBuilder = new StringBuilder();
    for(String scope : code.getScopes()) {
      // Add a space unless it's the first entity.
      if(scopeBuilder.length() != 0) {
        scopeBuilder.append(' ');
      }
      // Add the scope.
      scopeBuilder.append(scope);
    }
   
    // Set the redirect.
    response
      .sendRedirect(
        OAuthASResponse
          .authorizationResponse(
            request,
            HttpServletResponse.SC_FOUND)
          .setCode(code.getCode())
          .location("Authorize.html")
          .setScope(scopeBuilder.toString())
          .setParam(ThirdParty.JSON_KEY_NAME, thirdParty.getName())
          .setParam(
            ThirdParty.JSON_KEY_DESCRIPTION,

                      "The Set class is unknown.",
                      e);
                }
               
                return
                  new AuthorizationCode(
                    resultSet
                      .getString(ThirdParty.JSON_KEY_ID),
                    resultSet
                      .getString(
                        AuthorizationCode
