
Example 11 with OAuthException

use of com.apifest.oauth20.bean.OAuthException in project xian by happyyangyuan.

the class ScopeService method registerScope.

/**
 * Register an oauth scope. If the scope already exists, returns an error.
 *
 * @param req http request
 * @return String message that will be returned in the response
 */
public String registerScope(FullHttpRequest req) throws OAuthException {
    String contentType = (req.headers() != null) ? req.headers().get(HttpHeaderNames.CONTENT_TYPE) : null;
    // check Content-Type
    if (contentType != null && contentType.contains(ResponseBuilder.APPLICATION_JSON)) {
        try {
            Scope scope = InputValidator.validate(req.content().toString(CharsetUtil.UTF_8), Scope.class);
            if (scope.valid()) {
                if (!Scope.validScopeName(scope.getScope())) {
                    LOG.error("scope name is not valid");
                    throw new OAuthException(SCOPE_NAME_INVALID_ERROR, HttpResponseStatus.BAD_REQUEST);
                }
                LOG.info(">>>>>>>>>>>>>>> scope = " + scope);
                Scope foundScope = DBManagerFactory.getInstance().findScope(scope.getScope());
                if (foundScope != null) {
                    LOG.error("scope already exists");
                    throw new OAuthException(SCOPE_ALREADY_EXISTS, HttpResponseStatus.BAD_REQUEST);
                } else {
                    // no such scope exists yet, so store it in the DB
                    DBManagerFactory.getInstance().storeScope(scope);
                }
            } else {
                LOG.error("scope is not valid");
                throw new OAuthException(MANDATORY_FIELDS_ERROR, HttpResponseStatus.BAD_REQUEST);
            }
        } catch (IOException e) {
            LOG.error("cannot handle scope request", e);
            throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
        }
    } else {
        throw new OAuthException(ResponseBuilder.UNSUPPORTED_MEDIA_TYPE, HttpResponseStatus.BAD_REQUEST);
    }
    return SCOPE_STORED_OK_MESSAGE;
}
Also used : Scope(com.apifest.oauth20.bean.Scope) OAuthException(com.apifest.oauth20.bean.OAuthException) IOException(java.io.IOException)

Example 12 with OAuthException

use of com.apifest.oauth20.bean.OAuthException in project xian by happyyangyuan.

the class ScopeService method updateScope.

/**
 * Updates a scope. If the scope does not exist, returns an error.
 *
 * @param req http request
 * @return String message that will be returned in the response
 */
public String updateScope(FullHttpRequest req, String scopeName) throws OAuthException {
    String contentType = (req.headers() != null) ? req.headers().get(HttpHeaderNames.CONTENT_TYPE) : null;
    // check Content-Type
    if (contentType != null && contentType.contains(ResponseBuilder.APPLICATION_JSON)) {
        try {
            Scope scope = InputValidator.validate(req.content().toString(CharsetUtil.UTF_8), Scope.class);
            if (scope.validForUpdate()) {
                Scope foundScope = DBManagerFactory.getInstance().findScope(scopeName);
                if (foundScope == null) {
                    LOG.error("scope does not exist");
                    throw new OAuthException(SCOPE_NOT_EXIST, HttpResponseStatus.BAD_REQUEST);
                } else {
                    setScopeEmptyValues(scope, foundScope);
                    DBManagerFactory.getInstance().storeScope(scope);
                }
            } else {
                LOG.error("scope is not valid");
                throw new OAuthException(MANDATORY_SCOPE_ERROR, HttpResponseStatus.BAD_REQUEST);
            }
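        } catch (OAuthException e) {
            // rethrow unchanged so a specific error (e.g. SCOPE_NOT_EXIST) is not rewrapped by the generic handler below
            throw e;
        } catch (Exception e) {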
            LOG.error("cannot handle scope request", e);
            throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
        }
    } else {
        throw new OAuthException(ResponseBuilder.UNSUPPORTED_MEDIA_TYPE, HttpResponseStatus.BAD_REQUEST);
    }
    return SCOPE_UPDATED_OK_MESSAGE;
}
Also used : Scope(com.apifest.oauth20.bean.Scope) OAuthException(com.apifest.oauth20.bean.OAuthException) IOException(java.io.IOException)

Example 13 with OAuthException

use of com.apifest.oauth20.bean.OAuthException in project xian by happyyangyuan.

the class ScopeService method getScopes.

/**
 * Returns either all scopes or scopes for a specific client_id passed as query parameter.
 *
 * @param req request
 * @return string If query param client_id is passed, then the scopes for that client_id will be returned.
 * Otherwise, all available scopes will be returned in JSON format.
 */
public String getScopes(HttpRequest req) throws OAuthException {
    QueryStringDecoder dec = new QueryStringDecoder(req.uri());
    Map<String, List<String>> queryParams = dec.parameters();
    if (queryParams.containsKey("client_id")) {
        return getScopes(queryParams.get("client_id").get(0));
    }
    List<Scope> scopes = DBManagerFactory.getInstance().getAllScopes();
    String jsonString;
    try {
        jsonString = JSON.toJSONString(scopes);
    } catch (Exception e) {
        LOG.error("cannot load scopes", e);
        throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
    }
    return jsonString;
}
Also used : Scope(com.apifest.oauth20.bean.Scope) OAuthException(com.apifest.oauth20.bean.OAuthException) ArrayList(java.util.ArrayList) List(java.util.List) IOException(java.io.IOException)

Example 14 with OAuthException

use of com.apifest.oauth20.bean.OAuthException in project xian by happyyangyuan.

the class ScopeService method deleteScope.

/**
 * Deletes a scope. If the scope does not exist, returns an error.
 *
 * @param scopeName scopeName
 * @return String message that will be returned in the response
 */
public String deleteScope(String scopeName) throws OAuthException {
    String responseMsg = "";
    Scope foundScope = DBManagerFactory.getInstance().findScope(scopeName);
    if (foundScope == null) {
        LOG.error("scope does not exist");
        throw new OAuthException(SCOPE_NOT_EXIST, HttpResponseStatus.BAD_REQUEST);
    } else {
        // first, check whether there is a client app registered with that scope
        List<ApplicationInfo> registeredApps = getClientAppsByScope(scopeName);
        if (registeredApps.size() > 0) {
            responseMsg = SCOPE_USED_BY_APP_MESSAGE;
        } else {
            boolean ok = DBManagerFactory.getInstance().deleteScope(scopeName);
            if (ok) {
                responseMsg = SCOPE_DELETED_OK_MESSAGE;
            } else {
                responseMsg = SCOPE_DELETED_NOK_MESSAGE;
            }
        }
    }
    return responseMsg;
}
Also used : Scope(com.apifest.oauth20.bean.Scope) OAuthException(com.apifest.oauth20.bean.OAuthException) ApplicationInfo(com.apifest.oauth20.bean.ApplicationInfo)

Example 15 with OAuthException

use of com.apifest.oauth20.bean.OAuthException in project xian by happyyangyuan.

the class IssueAccessToken method execute.

@Override
public UnitResponse execute(UnitRequest msg) {
    JSONObject json = new JSONObject() {

        {
            put("client_id", msg.getString("appId"));
            put("client_secret", msg.getString("appSecret"));
            put("grant_type", "client_credentials");
        }
    };
    String body = json.toJSONString(), uri = msg.getString("$url");
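    // encode the JSON body explicitly as UTF-8 instead of relying on the platform default charset
    ByteBuf byteBuffer = Unpooled.wrappedBuffer(body.getBytes(java.nio.charset.StandardCharsets.UTF_8));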
    FullHttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.POST, uri, byteBuffer);
    try {
        AccessToken token = OAuthService.auth.issueAccessToken(request);
        return UnitResponse.success(new JSONObject() {

            {
                put("appId", msg.getString("appId"));
                put("accessToken", token.getToken());
                put("valid", token.isValid());
                put("expiresIn", token.getExpiresIn());
                put("created", token.getCreated());
                put("scope", token.getScope());
            }
        });
    } catch (OAuthException e) {
        return UnitResponse.exception(e);
    }
}
Also used : DefaultFullHttpRequest(io.netty.handler.codec.http.DefaultFullHttpRequest) FullHttpRequest(io.netty.handler.codec.http.FullHttpRequest) JSONObject(com.alibaba.fastjson.JSONObject) AccessToken(info.xiancloud.core.support.authen.AccessToken) OAuthException(com.apifest.oauth20.bean.OAuthException) ByteBuf(io.netty.buffer.ByteBuf)

Aggregations

OAuthException (com.apifest.oauth20.bean.OAuthException): 14
DocOAuth20Sub (info.xiancloud.core.apidoc.annotation.DocOAuth20Sub): 7
Scope (com.apifest.oauth20.bean.Scope): 6
IOException (java.io.IOException): 5
Matcher (java.util.regex.Matcher): 4
AccessToken (info.xiancloud.core.support.authen.AccessToken): 3
JSONObject (com.alibaba.fastjson.JSONObject): 2
ClientCredentials (com.apifest.oauth20.bean.ClientCredentials): 2
ArrayList (java.util.ArrayList): 2
AuthenticationException (com.apifest.oauth20.api.AuthenticationException): 1
UserDetails (com.apifest.oauth20.api.UserDetails): 1
ApplicationInfo (com.apifest.oauth20.bean.ApplicationInfo): 1
TokenRequest (com.apifest.oauth20.bean.token_request.TokenRequest): 1
ByteBuf (io.netty.buffer.ByteBuf): 1
DefaultFullHttpRequest (io.netty.handler.codec.http.DefaultFullHttpRequest): 1
FullHttpRequest (io.netty.handler.codec.http.FullHttpRequest): 1
URISyntaxException (java.net.URISyntaxException): 1
List (java.util.List): 1