Example 11 with AuthleteApi

Use of com.authlete.common.api.AuthleteApi in the project java-oauth-server by authlete.

Class ResourcesEndpoint, method read.

@GET
public Response read(@Context HttpServletRequest request, @HeaderParam(X_FAPI_INTERACTION_ID) String incomingInteractionId) {
    String code = "Resources Read";
    // Compute a value for the "x-fapi-interaction-id" HTTP response header.
    String outgoingInteractionId = ObbUtils.computeOutgoingInteractionId(code, incomingInteractionId);
    // Validate the access token.
    AuthleteApi authleteApi = AuthleteApiFactory.getDefaultApi();
    IntrospectionResponse info = ObbUtils.validateAccessToken(outgoingInteractionId, code, authleteApi, request, "resources");
    // Make sure that the access token has a "consent:{consentId}" scope.
    ensureConsentScope(outgoingInteractionId, code, info);
    // Build a response body.
    ResponseResourceList body = buildResponseBody();
    // Build a successful response.
    return ObbUtils.ok(outgoingInteractionId, body);
}
Also used : AuthleteApi(com.authlete.common.api.AuthleteApi) IntrospectionResponse(com.authlete.common.dto.IntrospectionResponse) ResponseResourceList(com.authlete.jaxrs.server.obb.model.ResponseResourceList) GET(javax.ws.rs.GET)

Example 12 with AuthleteApi

Use of com.authlete.common.api.AuthleteApi in the project java-oauth-server by authlete.

Class TokenEndpoint, method post.

/**
 * The token endpoint for {@code POST} method.
 *
 * <p>
 * <a href="http://tools.ietf.org/html/rfc6749#section-3.2">RFC 6749,
 * 3.2. Token Endpoint</a> says:
 * </p>
 *
 * <blockquote>
 * <i>The client MUST use the HTTP "POST" method when making access
 * token requests.</i>
 * </blockquote>
 *
 * <p>
 * <a href="http://tools.ietf.org/html/rfc6749#section-2.3">RFC 6749,
 * 2.3. Client Authentication</a> mentions (1) HTTP Basic Authentication
 * and (2) {@code client_id} &amp; {@code client_secret} parameters in
 * the request body as the means of client authentication. This
 * implementation supports both means.
 * </p>
 *
 * @see <a href="http://tools.ietf.org/html/rfc6749#section-3.2"
 *      >RFC 6749, 3.2. Token Endpoint</a>
 */
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response post(@Context HttpServletRequest request, MultivaluedMap<String, String> parameters) {
    // Authlete API
    AuthleteApi authleteApi = AuthleteApiFactory.getDefaultApi();
    // Process the token request in a standard way.
    Response response = processTokenRequest(authleteApi, request, parameters);
    // Do additional tasks as necessary.
    doTasks(authleteApi, request, parameters, response);
    return response;
}
Also used : Response(javax.ws.rs.core.Response) AuthleteApi(com.authlete.common.api.AuthleteApi) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes)

Aggregations

AuthleteApi (com.authlete.common.api.AuthleteApi): 12
IntrospectionResponse (com.authlete.common.dto.IntrospectionResponse): 6
GET (javax.ws.rs.GET): 5
Path (javax.ws.rs.Path): 5
Consumes (javax.ws.rs.Consumes): 4
Consent (com.authlete.jaxrs.server.obb.model.Consent): 3
CreateConsent (com.authlete.jaxrs.server.obb.model.CreateConsent): 3
ResponseConsent (com.authlete.jaxrs.server.obb.model.ResponseConsent): 3
POST (javax.ws.rs.POST): 3
ResponseAccountList (com.authlete.jaxrs.server.obb.model.ResponseAccountList): 2
DELETE (javax.ws.rs.DELETE): 2
AuthleteApiException (com.authlete.common.api.AuthleteApiException): 1
ResponseResourceList (com.authlete.jaxrs.server.obb.model.ResponseResourceList): 1
PUT (javax.ws.rs.PUT): 1
Response (javax.ws.rs.core.Response): 1