
Example 11 with Scope

use of com.apifest.oauth20.bean.Scope in project xian by happyyangyuan.

the class ScopeService method registerScope.

/**
 * Registers a new OAuth scope from a JSON request body.
 *
 * <p>The request is rejected unless its Content-Type header contains
 * {@code ResponseBuilder.APPLICATION_JSON}. The body is decoded as UTF-8 and handed to
 * {@code InputValidator.validate}; the resulting scope must pass {@code valid()} and
 * {@code Scope.validScopeName} and must not already be present in the DB.
 *
 * @param req http request carrying the scope definition as JSON
 * @return String message that will be returned in the response
 * @throws OAuthException with status BAD_REQUEST when the content type is not JSON, the body
 *         cannot be read, mandatory fields are missing, the scope name is invalid, or the scope
 *         already exists
 */
public String registerScope(FullHttpRequest req) throws OAuthException {
    String contentType = (req.headers() != null) ? req.headers().get(HttpHeaderNames.CONTENT_TYPE) : null;
    // substring match on the header value, so parameters such as a charset suffix are accepted
    boolean jsonBody = contentType != null && contentType.contains(ResponseBuilder.APPLICATION_JSON);
    if (!jsonBody) {
        throw new OAuthException(ResponseBuilder.UNSUPPORTED_MEDIA_TYPE, HttpResponseStatus.BAD_REQUEST);
    }
    try {
        // NOTE(review): InputValidator.validate is not shown here; confirm that it binds the
        // untrusted body to Scope only and does not honour type hints embedded in the JSON.
        String body = req.content().toString(CharsetUtil.UTF_8);
        Scope scope = InputValidator.validate(body, Scope.class);
        if (!scope.valid()) {
            LOG.error("scope is not valid");
            throw new OAuthException(MANDATORY_FIELDS_ERROR, HttpResponseStatus.BAD_REQUEST);
        }
        if (!Scope.validScopeName(scope.getScope())) {
            LOG.error("scope name is not valid");
            throw new OAuthException(SCOPE_NAME_INVALID_ERROR, HttpResponseStatus.BAD_REQUEST);
        }
        // NOTE(review): this writes request-derived data to the log through Scope.toString();
        // confirm it cannot carry line breaks or fields that should not be logged.
        LOG.info(">>>>>>>>>>>>>>> scope = " + scope);
        Scope existing = DBManagerFactory.getInstance().findScope(scope.getScope());
        if (existing != null) {
            LOG.error("scope already exists");
            throw new OAuthException(SCOPE_ALREADY_EXISTS, HttpResponseStatus.BAD_REQUEST);
        }
        // The existence check above and this store are two separate DB calls.
        // NOTE(review): nothing here makes the pair atomic; confirm that storeScope or the
        // backing store enforces uniqueness if concurrent registrations must not overwrite.
        DBManagerFactory.getInstance().storeScope(scope);
    } catch (IOException e) {
        LOG.error("cannot handle scope request", e);
        throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
    }
    return SCOPE_STORED_OK_MESSAGE;
}
Also used : Scope(com.apifest.oauth20.bean.Scope) OAuthException(com.apifest.oauth20.bean.OAuthException) IOException(java.io.IOException)

Example 12 with Scope

use of com.apifest.oauth20.bean.Scope in project xian by happyyangyuan.

the class ScopeService method loadScopes.

/**
 * Looks up every scope named in a {@code SPACE}-separated scope string.
 *
 * <p>The result of each {@code findScope} call is appended as-is, in the order the names appear.
 * NOTE(review): registerScope treats a {@code null} result from {@code findScope} as "scope not
 * found", so this list can presumably contain {@code null} entries for unknown names; callers
 * that dereference the elements should account for that.
 *
 * @param scope one or more scope names separated by {@code SPACE}
 * @return one list entry per name in {@code scope}
 */
protected List<Scope> loadScopes(String scope) {
    final String[] names = scope.split(SPACE);
    final List<Scope> result = new ArrayList<Scope>(names.length);
    final DBManager storage = DBManagerFactory.getInstance();
    for (int i = 0; i < names.length; i++) {
        result.add(storage.findScope(names[i]));
    }
    return result;
}
Also used : DBManager(com.apifest.oauth20.persistence.DBManager) Scope(com.apifest.oauth20.bean.Scope) ArrayList(java.util.ArrayList)

Example 13 with Scope

use of com.apifest.oauth20.bean.Scope in project xian by happyyangyuan.

the class ScopeService method updateScope.

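/**
 * Updates a scope. If the scope does not exist, returns an error.
 *
 * <p>The request is rejected unless its Content-Type header contains
 * {@code ResponseBuilder.APPLICATION_JSON}. The body is decoded as UTF-8 and handed to
 * {@code InputValidator.validate}; the result must pass {@code validForUpdate()}.
 *
 * @param req http request carrying the new scope values as JSON
 * @param scopeName name of the scope to update; used for the existence lookup
 * @return String message that will be returned in the response
 * @throws OAuthException with status BAD_REQUEST when the content type is not JSON, the body
 *         cannot be handled, the body is not valid for an update, or the scope does not exist
 */
public String updateScope(FullHttpRequest req, String scopeName) throws OAuthException {
    String contentType = (req.headers() != null) ? req.headers().get(HttpHeaderNames.CONTENT_TYPE) : null;
    // check Content-Type (substring match, so parameters such as a charset suffix are accepted)
    if (contentType == null || !contentType.contains(ResponseBuilder.APPLICATION_JSON)) {
        throw new OAuthException(ResponseBuilder.UNSUPPORTED_MEDIA_TYPE, HttpResponseStatus.BAD_REQUEST);
    }
    try {
        // NOTE(review): InputValidator.validate is not shown here; confirm that it binds the
        // untrusted body to Scope only and does not honour type hints embedded in the JSON.
        Scope scope = InputValidator.validate(req.content().toString(CharsetUtil.UTF_8), Scope.class);
        if (!scope.validForUpdate()) {
            LOG.error("scope is not valid");
            throw new OAuthException(MANDATORY_SCOPE_ERROR, HttpResponseStatus.BAD_REQUEST);
        }
        Scope foundScope = DBManagerFactory.getInstance().findScope(scopeName);
        if (foundScope == null) {
            LOG.error("scope does not exist");
            throw new OAuthException(SCOPE_NOT_EXIST, HttpResponseStatus.BAD_REQUEST);
        }
        // The lookup uses scopeName, but the object that gets stored is built from the body.
        // NOTE(review): setScopeEmptyValues is not shown; confirm it pins the stored scope's
        // name to foundScope so a body cannot redirect the write to a different scope.
        setScopeEmptyValues(scope, foundScope);
        DBManagerFactory.getInstance().storeScope(scope);
    } catch (OAuthException e) {
        // Validation errors raised above already carry their own message and status; without
        // this clause the broad catch below would re-wrap them with a null message.
        throw e;
    } catch (Exception e) {
        LOG.error("cannot handle scope request", e);
        throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
    }
    return SCOPE_UPDATED_OK_MESSAGE;
}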
Also used : Scope(com.apifest.oauth20.bean.Scope) OAuthException(com.apifest.oauth20.bean.OAuthException) OAuthException(com.apifest.oauth20.bean.OAuthException) IOException(java.io.IOException)

Example 14 with Scope

use of com.apifest.oauth20.bean.Scope in project xian by happyyangyuan.

the class ScopeService method getScopes.

/**
 * Returns either all scopes or the scopes for a specific client_id passed as query parameter.
 *
 * <p>No access check is performed in this method. NOTE(review): confirm that the caller
 * restricts who may list every registered scope.
 *
 * @param req request whose URI query string is inspected for {@code client_id}
 * @return if the query param client_id is present, the result of {@code getScopes(String)} for
 *         its first value; otherwise all available scopes serialized as JSON
 * @throws OAuthException with status BAD_REQUEST when the scopes cannot be serialized
 */
public String getScopes(HttpRequest req) throws OAuthException {
    Map<String, List<String>> queryParams = new QueryStringDecoder(req.uri()).parameters();
    if (queryParams.containsKey("client_id")) {
        // only the first client_id value is considered when the parameter is repeated
        String clientId = queryParams.get("client_id").get(0);
        return getScopes(clientId);
    }
    // the DB read stays outside the try block: only serialization failures are translated below
    List<Scope> allScopes = DBManagerFactory.getInstance().getAllScopes();
    try {
        return JSON.toJSONString(allScopes);
    } catch (Exception e) {
        LOG.error("cannot load scopes", e);
        throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
    }
}
Also used : Scope(com.apifest.oauth20.bean.Scope) OAuthException(com.apifest.oauth20.bean.OAuthException) ArrayList(java.util.ArrayList) List(java.util.List) OAuthException(com.apifest.oauth20.bean.OAuthException) IOException(java.io.IOException)

Example 15 with Scope

use of com.apifest.oauth20.bean.Scope in project xian by happyyangyuan.

the class ScopeService method getExpiresIn.

/**
 * Returns the value for expires_in for the given token grant type and scope/s.
 *
 * <p>The smallest lifetime among the loaded scopes is used, so a token never outlives the
 * shortest-lived scope it carries. Which lifetime is read depends on the grant type:
 * client_credentials, password, or (any other value) the refresh lifetime. When no scope is
 * loaded, or no scope lowers the initial maximum, the configured default is returned:
 * {@code DEFAULT_CC_EXPIRES_IN} for client_credentials, {@code DEFAULT_PASSWORD_EXPIRES_IN}
 * for every other grant type.
 *
 * <p>NOTE(review): the entries returned by {@code loadScopes} are dereferenced without a null
 * check; confirm that unknown scope names are rejected before this method is reached.
 *
 * @param tokenGrantType client_credentials or password type
 * @param scope          scope/s for which expires in will be returned
 * @return minimum value of given scope/s expires_in
 */
public int getExpiresIn(String tokenGrantType, String scope) {
    List<Scope> scopes = loadScopes(scope);
    final boolean ccGrantType = TokenRequest.CLIENT_CREDENTIALS.equals(tokenGrantType);
    final boolean passwordGrantType = !ccGrantType && TokenRequest.PASSWORD.equals(tokenGrantType);

    int shortest = Integer.MAX_VALUE;
    for (Scope candidate : scopes) {
        int lifetime;
        if (ccGrantType) {
            lifetime = candidate.getCcExpiresIn();
        } else if (passwordGrantType) {
            lifetime = candidate.getPassExpiresIn();
        } else {
            // refresh_token
            lifetime = candidate.getRefreshExpiresIn();
        }
        if (lifetime < shortest) {
            shortest = lifetime;
        }
    }

    if (scopes.isEmpty() || shortest == Integer.MAX_VALUE) {
        return ccGrantType ? OAuthConfig.DEFAULT_CC_EXPIRES_IN : OAuthConfig.DEFAULT_PASSWORD_EXPIRES_IN;
    }
    return shortest;
}
Also used : Scope(com.apifest.oauth20.bean.Scope)

Aggregations

OAuthException (com.apifest.oauth20.bean.OAuthException)14 Scope (com.apifest.oauth20.bean.Scope)8 DocOAuth20Sub (info.xiancloud.core.apidoc.annotation.DocOAuth20Sub)7 IOException (java.io.IOException)5 Matcher (java.util.regex.Matcher)4 AccessToken (info.xiancloud.core.support.authen.AccessToken)3 ArrayList (java.util.ArrayList)3 JSONObject (com.alibaba.fastjson.JSONObject)2 ClientCredentials (com.apifest.oauth20.bean.ClientCredentials)2 AuthenticationException (com.apifest.oauth20.api.AuthenticationException)1 UserDetails (com.apifest.oauth20.api.UserDetails)1 ApplicationInfo (com.apifest.oauth20.bean.ApplicationInfo)1 TokenRequest (com.apifest.oauth20.bean.token_request.TokenRequest)1 DBManager (com.apifest.oauth20.persistence.DBManager)1 ByteBuf (io.netty.buffer.ByteBuf)1 DefaultFullHttpRequest (io.netty.handler.codec.http.DefaultFullHttpRequest)1 FullHttpRequest (io.netty.handler.codec.http.FullHttpRequest)1 URISyntaxException (java.net.URISyntaxException)1 List (java.util.List)1