
Example 11 with ChallengeResponse

use of org.restlet.data.ChallengeResponse in project qi4j-sdk by Qi4j.

the class ContextResourceClient method invokeQuery.

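/**
 * Upper bound on consecutive redirects followed for a single query. The value is a
 * conservative choice; without a bound, a redirect loop recurses until the stack overflows.
 */
private static final int MAX_QUERY_REDIRECTS = 10;

/**
 * Sends a GET query to {@code ref} and hands the response to the matching handler.
 *
 * <p>Successful responses update the cache and go to {@code resourceHandler}. Redirections are
 * followed up to {@link #MAX_QUERY_REDIRECTS} times. A 422 (unprocessable entity) goes to
 * {@code processingErrorHandler} when one is supplied; everything else, including a redirect
 * without a usable Location or one past the redirect limit, goes to the default error handler.
 *
 * @param ref target of the query
 * @param queryRequest optional query payload written into the request; may be {@code null}
 * @param resourceHandler handler for successful responses
 * @param processingErrorHandler optional handler for 422 responses; may be {@code null}
 * @return the command produced by whichever handler processed the response
 */
private HandlerCommand invokeQuery(Reference ref, Object queryRequest, ResponseHandler resourceHandler, ResponseHandler processingErrorHandler) {
    return invokeQueryFollowingRedirects(ref, queryRequest, resourceHandler, processingErrorHandler, MAX_QUERY_REDIRECTS);
}

/** Performs one query attempt and follows at most {@code redirectsLeft} further redirects. */
private HandlerCommand invokeQueryFollowingRedirects(Reference ref, Object queryRequest, ResponseHandler resourceHandler, ResponseHandler processingErrorHandler, int redirectsLeft) {
    Request request = new Request(Method.GET, ref);
    if (queryRequest != null) {
        contextResourceFactory.writeRequest(request, queryRequest);
    }
    contextResourceFactory.updateQueryRequest(request);
    User user = request.getClientInfo().getUser();
    if (user != null) {
        // NOTE(review): HTTP Basic carries the name and secret in a reversibly encoded header,
        // so this is only safe over TLS. The same credentials are attached again for every
        // redirect target, whatever host the server's Location header names. Whether
        // updateQueryRequest() scopes the user to the target is not visible here; confirm,
        // and consider attaching credentials only when the redirect stays on the original host.
        request.setChallengeResponse(new ChallengeResponse(ChallengeScheme.HTTP_BASIC, user.getName(), user.getSecret()));
    }
    Response response = new Response(request);
    contextResourceFactory.getClient().handle(request, response);
    Status status = response.getStatus();
    if (status.isSuccess()) {
        contextResourceFactory.updateCache(response);
        return resourceHandler.handleResponse(response, this);
    }
    if (status.isRedirection()) {
        Reference redirectedTo = response.getLocationRef();
        // A 3xx without a Location, or one past the redirect budget, is treated as an
        // error instead of recursing with a null reference or looping forever.
        if (redirectedTo != null && redirectsLeft > 0) {
            return invokeQueryFollowingRedirects(redirectedTo, queryRequest, resourceHandler, processingErrorHandler, redirectsLeft - 1);
        }
    }
    if (status.equals(Status.CLIENT_ERROR_UNPROCESSABLE_ENTITY) && processingErrorHandler != null) {
        return processingErrorHandler.handleResponse(response, this);
    }
    // TODO This needs to be expanded to allow custom handling of all the various cases
    return errorHandler.handleResponse(response, this);
}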
Also used : ChallengeResponse(org.restlet.data.ChallengeResponse) Response(org.restlet.Response) User(org.restlet.security.User) Reference(org.restlet.data.Reference) Request(org.restlet.Request) ChallengeResponse(org.restlet.data.ChallengeResponse)

Example 12 with ChallengeResponse

use of org.restlet.data.ChallengeResponse in project qi4j-sdk by Qi4j.

the class RootResource method administration.

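/**
 * Gates the administration sub-resource behind HTTP Basic authentication.
 *
 * <p>Requests without usable credentials receive a 401 together with a Basic challenge for the
 * "Forum" realm. Requests whose credentials do not match a stored user receive a plain 401.
 * On success the user is selected into the current context and handling continues in
 * {@code AdministrationResource}.
 *
 * @throws ResourceException with status 401 when credentials are missing or wrong
 */
@SubResource
public void administration() {
    ChallengeResponse challenge = Request.getCurrent().getChallengeResponse();
    // The identifier and secret come from the client's Authorization header and may be absent
    // even when a challenge response object exists. Reject those here so that an incomplete
    // header yields a 401 rather than a NullPointerException in new String(...) below.
    if (challenge == null || challenge.getIdentifier() == null || challenge.getSecret() == null) {
        Response.getCurrent().setChallengeRequests(Collections.singletonList(new ChallengeRequest(ChallengeScheme.HTTP_BASIC, "Forum")));
        throw new ResourceException(Status.CLIENT_ERROR_UNAUTHORIZED);
    }
    User user = module.currentUnitOfWork().newQuery(module.newQueryBuilder(User.class).where(QueryExpressions.eq(QueryExpressions.templateFor(User.class).name(), challenge.getIdentifier()))).find();
    // Unknown user and wrong password produce the same 401, so the response does not
    // reveal which of the two failed.
    // NOTE(review): the secret is copied into an immutable String that cannot be wiped after
    // use. How isCorrectPassword() stores and compares passwords is not visible here; confirm
    // that it checks a salted hash and compares in constant time.
    if (user == null || !user.isCorrectPassword(new String(challenge.getSecret()))) {
        throw new ResourceException(Status.CLIENT_ERROR_UNAUTHORIZED);
    }
    current().select(user);
    subResource(AdministrationResource.class);
}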
Also used : User(org.qi4j.samples.forum.data.entity.User) ResourceException(org.restlet.resource.ResourceException) ChallengeRequest(org.restlet.data.ChallengeRequest) ChallengeResponse(org.restlet.data.ChallengeResponse) SubResource(org.qi4j.library.rest.server.api.SubResource)

Example 13 with ChallengeResponse

use of org.restlet.data.ChallengeResponse in project OpenAM by OpenRock.

the class AccessTokenProtectionFilterTest method testBeforeHandleWithServerException.

/**
 * Checks that a {@code ServerException} thrown while reading the access token stops the
 * filter and is reported through the response status.
 */
@Test
public void testBeforeHandleWithServerException() throws Exception {
    // Given: a request whose challenge response carries the raw value "tokenId"
    // NOTE(review): the challenge is built with HTTP_BASIC yet carries a bare token id; the
    // stubbing below implies the filter reads the raw value. Confirm whether the filter is
    // also expected to check the scheme.
    final Request request = mock(Request.class);
    final Response response = mock(Response.class);
    final OAuth2Request oauthRequest = mock(OAuth2Request.class);
    final ChallengeResponse challenge = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challenge.setRawValue("tokenId");
    when(request.getChallengeResponse()).thenReturn(challenge);
    when(requestFactory.create(request)).thenReturn(oauthRequest);
    // ... and a token store that fails when asked for that token
    when(tokenStore.readAccessToken(oauthRequest, "tokenId")).thenThrow(ServerException.class);

    // When
    final int outcome = filter.beforeHandle(request, response);

    // Then: the chain stops and the failure is attached to the status set on the response
    assertThat(outcome).isEqualTo(Filter.STOP);
    final ArgumentCaptor<Status> captured = ArgumentCaptor.forClass(Status.class);
    verify(response).setStatus(captured.capture());
    assertThat(captured.getValue().getThrowable()).isInstanceOf(ServerException.class);
}
Also used : ChallengeResponse(org.restlet.data.ChallengeResponse) Response(org.restlet.Response) Status(org.restlet.data.Status) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) Test(org.testng.annotations.Test)

Example 14 with ChallengeResponse

use of org.restlet.data.ChallengeResponse in project OpenAM by OpenRock.

the class AccessTokenProtectionFilterTest method testBeforeHandle.

/**
 * Checks that the filter lets the request continue when the stored access token is
 * unexpired and its scope set contains {@code REQUIRED_SCOPE}.
 */
@Test
public void testBeforeHandle() throws Exception {
    // Given: a request whose challenge response carries the raw value "tokenId"
    final Request request = mock(Request.class);
    final OAuth2Request oauthRequest = mock(OAuth2Request.class);
    final ChallengeResponse challenge = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challenge.setRawValue("tokenId");
    when(request.getChallengeResponse()).thenReturn(challenge);
    when(requestFactory.create(request)).thenReturn(oauthRequest);
    // ... and a stored token expiring five seconds from now that includes the required scope
    final AccessToken storedToken = new AccessToken(json(object(
            field("id", "tokenId"),
            field("tokenName", "access_token"),
            field("scope", asSet("a", REQUIRED_SCOPE)),
            field("expireTime", System.currentTimeMillis() + 5000))));
    when(tokenStore.readAccessToken(oauthRequest, "tokenId")).thenReturn(storedToken);

    // When: no response object is supplied, as none should be needed on the success path
    final int outcome = filter.beforeHandle(request, null);

    // Then
    assertThat(outcome).isEqualTo(Filter.CONTINUE);
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) Test(org.testng.annotations.Test)

Example 15 with ChallengeResponse

use of org.restlet.data.ChallengeResponse in project OpenAM by OpenRock.

the class AccessTokenProtectionFilterTest method testBeforeHandleWithoutScope.

/**
 * Checks that a valid, unexpired token lacking the required scope stops the filter and is
 * reported as an {@code InsufficientScopeException} on the response status.
 */
@Test
public void testBeforeHandleWithoutScope() throws Exception {
    // Given: a request whose challenge response carries the raw value "tokenId"
    final Request request = mock(Request.class);
    final Response response = mock(Response.class);
    final OAuth2Request oauthRequest = mock(OAuth2Request.class);
    final ChallengeResponse challenge = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challenge.setRawValue("tokenId");
    when(request.getChallengeResponse()).thenReturn(challenge);
    when(requestFactory.create(request)).thenReturn(oauthRequest);
    // ... and a stored token whose only scope is "a"
    final AccessToken storedToken = new AccessToken(json(object(
            field("id", "tokenId"),
            field("tokenName", "access_token"),
            field("scope", asSet("a")),
            field("expireTime", System.currentTimeMillis() + 5000))));
    when(tokenStore.readAccessToken(oauthRequest, "tokenId")).thenReturn(storedToken);

    // When
    final int outcome = filter.beforeHandle(request, response);

    // Then: the chain stops and the scope failure is attached to the status set on the response
    assertThat(outcome).isEqualTo(Filter.STOP);
    final ArgumentCaptor<Status> captured = ArgumentCaptor.forClass(Status.class);
    verify(response).setStatus(captured.capture());
    assertThat(captured.getValue().getThrowable()).isInstanceOf(InsufficientScopeException.class);
}
Also used : ChallengeResponse(org.restlet.data.ChallengeResponse) Response(org.restlet.Response) Status(org.restlet.data.Status) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) Test(org.testng.annotations.Test)
