Examples of VerifyTokenResponse

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

68
69
70
71
72
73
74
75
76
77
78
79
80
  public Optional<AuthenticatedPrincipal> authenticate(String accessToken) throws AuthenticationException {
    String json = client
        .resource(String.format(authorizationServerUrl.concat("?access_token=%s"), accessToken))
        .header(HttpHeaders.AUTHORIZATION, authorizationValue).accept("application/json")
        .get(String.class);
    final VerifyTokenResponse response;
    try {
      response = mapper.readValue(json, VerifyTokenResponse.class);
    } catch (IOException e) {
      throw new AuthenticationException("Could not parse JSON: "+ json, e);
    }
    return Optional.fromNullable(response.getPrincipal());
  }
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

60
61
62
63
64
65
66
67
  public void happy() throws IOException {
    final ClientResponse response = client.resource(baseUrlWith("/v1/tokeninfo")).queryParam("access_token", "00-11-22-33")
        .header("Authorization", authorizationBasic("it-test-resource-server", "somesecret")).get(ClientResponse.class);
    assertEquals(200, response.getStatus());
    String json = response.getEntity(String.class);
    final VerifyTokenResponse verifyTokenResponse = objectMapper.readValue(json, VerifyTokenResponse.class);
    assertEquals("it-test-enduser", verifyTokenResponse.getPrincipal().getName());
  }
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

48
49
50
51
52
53
54
55
56
57
  private ResourceOwnerRepository resourceOwnerRepository;

  @Before
  public void before() throws Exception {
    MockitoAnnotations.initMocks(this);
    VerifyTokenResponse verifyTokenResponse = new VerifyTokenResponse();
    verifyTokenResponse.setPrincipal(new AuthenticatedPrincipal("user"));
    verifyTokenResponse.setScopes(Arrays.asList("read"));
    when(request.getAttribute(AuthorizationServerFilter.VERIFY_TOKEN_RESPONSE)).thenReturn(verifyTokenResponse);
  }
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

102
103
104
105
106
107
108
109
110
111
112
  @Test
  public void scopesShouldBeSubsetOfResourceServerScopes() {

    Client client = new Client();
    request.setAttribute(AuthorizationServerFilter.VERIFY_TOKEN_RESPONSE, new VerifyTokenResponse("",
        new ArrayList<String>(), new AuthenticatedPrincipal("user"), 0L));
    client.setScopes(Arrays.asList("Some", "arbitrary", "set"));
    client.setName("clientname");
    ResourceServer resourceServer = new ResourceServer();
    resourceServer.setScopes(Arrays.asList("read", "update", "delete"));
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

47
48
49
50
51
52
53
54
55
56
  private AccessTokenRepository accessTokenRepository;

  @Before
  public void before() {
    MockitoAnnotations.initMocks(this);
    VerifyTokenResponse verifyTokenResponse = new VerifyTokenResponse();
    verifyTokenResponse.setPrincipal(new AuthenticatedPrincipal("user"));
    verifyTokenResponse.setScopes(Arrays.asList("read"));
    when(request.getAttribute(AuthorizationServerFilter.VERIFY_TOKEN_RESPONSE)).thenReturn(verifyTokenResponse);
  }
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

246
247
248
249
250
251
252
253
254
255
256
     * The Access Token from the Client app as documented in
     * http://tools.ietf.org/html/draft-ietf-oauth-v2#section-7
     */
    final String accessToken = getAccessToken(request);
    if (accessToken != null) {
      VerifyTokenResponse tokenResponse = getVerifyTokenResponse(accessToken);
      if (isValidResponse(tokenResponse)) {
        request.setAttribute(VERIFY_TOKEN_RESPONSE, tokenResponse);
        chain.doFilter(request, response);
        return;
      }
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
   */
  @Test
  public void testDoFilterHappyFlow() throws IOException, ServletException {
    Map<String, String> attributes = new HashMap<String, String>();
    attributes.put("key", "value");
    VerifyTokenResponse recorderdResponse = new VerifyTokenResponse("org.surfnet.oaaas.conext.mock-client", Collections.singletonList("read"),
        new AuthenticatedPrincipal("john.doe", Arrays.asList("user", "admin"), attributes), 0L);
    MockFilterChain chain = doCallFilter(recorderdResponse);
    /*
     * Verify that the FilterChain#doFilter is called and the
     * VerifyTokenResponse is set on the Request
     */
    VerifyTokenResponse response = (VerifyTokenResponse) chain.getRequest().getAttribute(
        AuthorizationServerFilter.VERIFY_TOKEN_RESPONSE);
    assertEquals("value",response.getPrincipal().getAttributes().get("key"));
    assertEquals("*", ((MockHttpServletResponse)chain.getResponse()).getHeader("Access-Control-Allow-Origin"));


    /*
     * Also test the cache by repeating the call and setting the expected result
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

257
258
259
260
261
262
263
264
265
266
267
    }
    sendError(response, HttpServletResponse.SC_FORBIDDEN, "OAuth2 endpoint");
  }

  protected VerifyTokenResponse getVerifyTokenResponse(String accessToken) {
    VerifyTokenResponse verifyTokenResponse = null;
    if (cacheAccessTokens()) {
      verifyTokenResponse = cache.getVerifyToken(accessToken);
      if (verifyTokenResponse != null) {
        return verifyTokenResponse;
      }
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

111
112
113
114
115
116
117
118
119
120
121
   * @throws ServletException
   * @throws IOException
   */
  @Test
  public void testDoFilterWrongAccessToken() throws IOException, ServletException {
    VerifyTokenResponse recorderdResponse = new VerifyTokenResponse("wtf");
    MockHttpServletResponse response = new MockHttpServletResponse();
    MockFilterChain chain = doCallFilter(recorderdResponse, response);
    /*
     * Verify that the response is 403 and that the chain is stopped
     */
 
View Full Code Here

Examples of org.surfnet.oaaas.model.VerifyTokenResponse

87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
    }

    AccessToken token = accessTokenRepository.findByToken(accessToken);
    if (token == null || !resourceServer.containsClient(token.getClient())) {
      LOG.warn("Access token {} not found for resource server '{}'. Responding with 404 in VerifyResource#verifyToken for user {}", accessToken, resourceServer.getName(), credentials);
      return Response.status(Status.NOT_FOUND).entity(new VerifyTokenResponse("not_found")).build();
    }
    if (tokenExpired(token)) {
      LOG.warn("Token {} is expired. Responding with 410 in VerifyResource#verifyToken for user {}", accessToken, credentials);
      return Response.status(Status.GONE).entity(new VerifyTokenResponse("token_expired")).build();
    }

    final VerifyTokenResponse verifyTokenResponse = new VerifyTokenResponse(token.getClient().getName(),
            token.getScopes(), token.getPrincipal(), token.getExpires());

    if (LOG.isDebugEnabled()) {
      LOG.debug("Responding with 200 in VerifyResource#verifyToken for access token {} and user {}", accessToken, credentials);
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.