Package org.surfnet.oaaas.auth.OAuth2Validator

Examples of org.surfnet.oaaas.auth.OAuth2Validator.ValidationResponse


  @Test
  public void testClientCredentialsTokenRequest() {
    AccessTokenRequest accessTokenRequest = new AccessTokenRequest();
    accessTokenRequest.setGrantType(OAuth2Validator.GRANT_TYPE_CLIENT_CREDENTIALS);
    accessTokenRequest.setClientId(client.getClientId());
    ValidationResponse response = validator.validate(accessTokenRequest,
        BasicAuthCredentials.createCredentialsFromHeader(null));
    assertEquals(ValidationResponse.CLIENT_CREDENTIALS_NOT_PERMITTED, response);
    assertNull(accessTokenRequest.getClient());

    client.setAllowedClientCredentials(true);
View Full Code Here


    client.setScopes(Arrays.asList("read","update"));
    return client;
  }

  private void validate(ValidationResponse expected) {
    ValidationResponse response = validator.validate(request);
    assertEquals(expected, response);
  }
View Full Code Here

    try {
      client = validateClient(credentials);
      List<String> params = formParameters.get("token");
      accessToken = CollectionUtils.isEmpty(params) ? null : params.get(0);
    } catch (ValidationResponseException e) {
      ValidationResponse validationResponse = e.v;
      return Response.status(Status.BAD_REQUEST).entity(new ErrorResponse(validationResponse.getValue(), validationResponse.getDescription())).build();
    }
    AccessToken token = accessTokenRepository.findByTokenAndClient(accessToken, client);
    if (token == null) {
      LOG.info("Access token {} not found for client '{}'. Will return OK however.", accessToken, client.getClientId());
      return Response.ok().build();
View Full Code Here

    /*
     * Create an authorizationRequest from the request parameters.
     * This can be either a valid or an invalid request, which will be determined by the oAuth2Validator.
     */
    AuthorizationRequest authorizationRequest = extractAuthorizationRequest(request);
    final ValidationResponse validationResponse = oAuth2Validator.validate(authorizationRequest);

    if (authenticator.canCommence(request)) {
      /*
      * Ok, the authenticator wants to have control again (because he stepped
      * out)
      */
      authenticator.doFilter(request, response, chain);
    } else if (validationResponse.valid()) {
      // Request contains correct parameters to be a real OAuth2 request.
      handleInitialRequest(authorizationRequest, request);
      authenticator.doFilter(request, response, chain);
    } else {
      // not an initial request but authentication module cannot handle it either
View Full Code Here

TOP

Related Classes of org.surfnet.oaaas.auth.OAuth2Validator.ValidationResponse

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.