use of com.gw2auth.oauth2.server.service.user.Gw2AuthUser in project oauth2-server by gw2auth.
the class OAuth2ConsentController method oauth2ConsentInformation.
/**
 * Collects the data the consent page needs for one pending OAuth2 authorization request.
 *
 * <p>API tokens, verification state and earlier consent are looked up for the authenticated
 * principal's account id only. {@code clientId}, {@code state} and {@code scopes} are taken
 * from the request as sent by the client.
 *
 * @param user the authenticated GW2Auth user
 * @param clientId id of the client registration asking for consent; if no registration is
 *     found, {@code orElseThrow()} raises (a {@code NoSuchElementException} if the service
 *     returns a {@code java.util.Optional})
 * @param state the OAuth2 {@code state} value; copied unchanged into the submit parameters
 *     and the cancel URI
 * @param scopes the requested scopes in one string, split on {@code " "} via {@code Utils.split}
 * @return the client's public details, the requested permissions, the user's API tokens split
 *     by whether they cover those permissions, the gw2 account ids of the latest matching
 *     authorization, and the submit/cancel targets
 */
@GetMapping(value = "/api/oauth2/consent", produces = MediaType.APPLICATION_JSON_VALUE)
public OAuth2ConsentInfoResponse oauth2ConsentInformation(
        @AuthenticationPrincipal Gw2AuthUser user,
        @RequestParam(OAuth2ParameterNames.CLIENT_ID) UUID clientId,
        @RequestParam(OAuth2ParameterNames.STATE) String state,
        @RequestParam(OAuth2ParameterNames.SCOPE) String scopes) {
    final ClientRegistration registration = this.clientRegistrationService.getClientRegistration(clientId).orElseThrow();

    // NOTE(review): the requested scopes are not compared with the scopes registered for this
    // client anywhere in this method; presumably the authorization endpoint enforces that when
    // the form is submitted -- confirm.
    final Set<String> scopeSet = Utils.split(scopes, " ").collect(Collectors.toSet());
    final Set<Gw2ApiPermission> wantedPermissions = scopeSet.stream()
            .flatMap((scope) -> Gw2ApiPermission.fromOAuth2(scope).stream())
            .collect(Collectors.toSet());
    final boolean wantsVerifiedInformation = scopeSet.contains(ClientConsentService.GW2AUTH_VERIFIED_SCOPE);

    final List<ApiToken> ownTokens = this.apiTokenService.getApiTokens(user.getAccountId());
    final List<OAuth2ConsentInfoResponse.MinimalApiToken> sufficientTokens = new ArrayList<>();
    final List<OAuth2ConsentInfoResponse.MinimalApiToken> insufficientTokens = new ArrayList<>();

    // The verification lookup is skipped when it cannot affect the response: no tokens to
    // annotate, or the verified scope was not requested.
    final Set<UUID> verifiedIds = (!ownTokens.isEmpty() && wantsVerifiedInformation)
            ? this.verificationService.getVerifiedGw2AccountIds(user.getAccountId())
            : Set.<UUID>of();

    for (ApiToken token : ownTokens) {
        final boolean verified = verifiedIds.contains(token.gw2AccountId());
        final OAuth2ConsentInfoResponse.MinimalApiToken entry = OAuth2ConsentInfoResponse.MinimalApiToken.create(token, verified);
        final boolean coversRequest = token.gw2ApiPermissions().containsAll(wantedPermissions);

        (coversRequest ? sufficientTokens : insufficientTokens).add(entry);
    }

    final Set<UUID> previouslyConsentedIds = this.clientAuthorizationService
            .getLatestClientAuthorization(user.getAccountId(), registration.id(), scopeSet)
            .map(ClientAuthorization::gw2AccountIds)
            .orElseGet(Set::of);

    // Parameters the consent form sends back: every requested scope is echoed as received,
    // including scopes that did not map to a Gw2ApiPermission above.
    final MultiValueMap<String, String> formParameters = new LinkedMultiValueMap<>();
    formParameters.set(OAuth2ParameterNames.CLIENT_ID, clientId.toString());
    formParameters.set(OAuth2ParameterNames.STATE, state);
    for (String scope : scopeSet) {
        formParameters.add(OAuth2ParameterNames.SCOPE, scope);
    }

    // Built with UriComponentsBuilder rather than string concatenation, so the client-supplied
    // state is handled as a query parameter value.
    final String denyUri = UriComponentsBuilder.fromPath("/api/oauth2/consent-deny")
            .replaceQueryParam(OAuth2ParameterNames.CLIENT_ID, clientId)
            .replaceQueryParam(OAuth2ParameterNames.STATE, state)
            .toUriString();

    return new OAuth2ConsentInfoResponse(
            ClientRegistrationPublicResponse.create(registration),
            wantedPermissions,
            wantsVerifiedInformation,
            "/oauth2/authorize",
            formParameters,
            denyUri,
            sufficientTokens,
            insufficientTokens,
            previouslyConsentedIds);
}
use of com.gw2auth.oauth2.server.service.user.Gw2AuthUser in project oauth2-server by gw2auth.
the class ApiTokenController method updateApiToken.
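/**
 * Updates the display name and/or the GW2 API token stored for one GW2 account and returns
 * the refreshed token view.
 *
 * <p>The account the update applies to is the authenticated principal's account id; the path
 * variable only selects which GW2 account entry is meant. Whether that entry belongs to the
 * caller is not checked in this method -- presumably {@code apiTokenService.updateApiToken}
 * enforces it; confirm.
 *
 * @param user the authenticated GW2Auth user
 * @param gw2AccountId the GW2 account whose stored token entry is updated
 * @param displayName new display name; optional ({@code required = false})
 * @param gw2ApiToken new GW2 API token; optional ({@code required = false})
 * @return the updated token, whether the GW2 account is verified for the caller, and the
 *     client registrations authorized for it
 */
@PatchMapping(value = "/api/token/{gw2AccountId}", produces = MediaType.APPLICATION_JSON_VALUE)
public ApiTokenResponse updateApiToken(
        @AuthenticationPrincipal Gw2AuthUser user,
        @PathVariable("gw2AccountId") UUID gw2AccountId,
        @RequestParam(value = "displayName", required = false) String displayName,
        @RequestParam(value = "gw2ApiToken", required = false) String gw2ApiToken) {
    // NOTE(review): gw2ApiToken is a credential bound with @RequestParam, so it is also accepted
    // from the query string, where it can end up in access logs and browser history. Clients
    // should send it in the request body; consider rejecting it when it arrives in the URL.
    final ApiToken apiToken = this.apiTokenService.updateApiToken(user.getAccountId(), gw2AccountId, gw2ApiToken, displayName);

    final List<ClientAuthorization> clientAuthorizations = this.clientAuthorizationService.getClientAuthorizations(user.getAccountId(), Set.of(apiToken.gw2AccountId()));
    final List<ApiTokenResponse.Authorization> authorizations;

    if (clientAuthorizations.isEmpty()) {
        authorizations = List.of();
    } else {
        final Set<Long> clientRegistrationIds = clientAuthorizations.stream()
                .map(ClientAuthorization::clientRegistrationId)
                .collect(Collectors.toSet());

        authorizations = this.clientRegistrationService.getClientRegistrations(clientRegistrationIds).stream()
                .map(ApiTokenResponse.Authorization::create)
                .collect(Collectors.toList());
    }

    // Both ids are unboxed into primitives before comparing, so the check is always numeric.
    // The previous single-expression form would fall back to reference equality if both
    // operands happened to be boxed Long values. -1 stands for "not verified by anyone".
    final long verifiedAccountId = this.verificationService.getVerifiedAccountId(apiToken.gw2AccountId()).orElse(-1L);
    final long callerAccountId = user.getAccountId();
    final boolean isVerified = verifiedAccountId == callerAccountId;

    return ApiTokenResponse.create(apiToken, isVerified, authorizations);
}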
use of com.gw2auth.oauth2.server.service.user.Gw2AuthUser in project oauth2-server by gw2auth.
the class ApiTokenController method getApiTokens.
/**
 * Lists every API token of the authenticated user together with its verification flag and
 * the client registrations authorized for the token's GW2 account.
 *
 * <p>Every lookup is keyed by the authenticated principal's account id; no request parameter
 * influences which account is read. Authorizations and verification state are fetched in
 * batches instead of once per token.
 *
 * @param user the authenticated GW2Auth user
 * @return one response entry per stored API token
 */
@GetMapping(value = "/api/token", produces = MediaType.APPLICATION_JSON_VALUE)
public List<ApiTokenResponse> getApiTokens(@AuthenticationPrincipal Gw2AuthUser user) {
    final List<ApiToken> ownTokens = this.apiTokenService.getApiTokens(user.getAccountId());

    // all gw2 account ids of this user, used for one batched authorization lookup
    final Set<UUID> ownGw2AccountIds = ownTokens.stream()
            .map(ApiToken::gw2AccountId)
            .collect(Collectors.toSet());

    // index the authorizations: all registration ids, and registration ids per gw2 account
    final List<ClientAuthorization> authorizationsOfUser = this.clientAuthorizationService.getClientAuthorizations(user.getAccountId(), ownGw2AccountIds);
    final Set<Long> allRegistrationIds = new HashSet<>(authorizationsOfUser.size());
    final Map<UUID, Set<Long>> registrationIdsByGw2Account = new HashMap<>(authorizationsOfUser.size());

    for (ClientAuthorization authorization : authorizationsOfUser) {
        allRegistrationIds.add(authorization.clientRegistrationId());
        authorization.gw2AccountIds().forEach((accountId) ->
                registrationIdsByGw2Account
                        .computeIfAbsent(accountId, (k) -> new HashSet<>())
                        .add(authorization.clientRegistrationId()));
    }

    // resolve the registrations once and keep them addressable by id
    final Map<Long, ClientRegistration> registrationsById = this.clientRegistrationService.getClientRegistrations(allRegistrationIds).stream()
            .collect(Collectors.toMap(ClientRegistration::id, (registration) -> registration));

    // one query for all verified gw2 accounts of this user instead of one query per token
    final Set<UUID> verifiedIds = this.verificationService.getVerifiedGw2AccountIds(user.getAccountId());

    // NOTE(review): which ApiToken fields reach the client is decided by ApiTokenResponse.create,
    // which is not shown here -- confirm the raw GW2 API token is only exposed where intended.
    final List<ApiTokenResponse> result = new ArrayList<>(ownTokens.size());

    for (ApiToken token : ownTokens) {
        final Set<Long> idsForToken = registrationIdsByGw2Account.get(token.gw2AccountId());
        final List<ApiTokenResponse.Authorization> authorizations;

        if (idsForToken == null || idsForToken.isEmpty()) {
            authorizations = List.of();
        } else {
            authorizations = new ArrayList<>(idsForToken.size());

            for (long registrationId : idsForToken) {
                final ClientRegistration registration = registrationsById.get(registrationId);

                // an id that no longer resolves to a registration is skipped
                if (registration == null) {
                    continue;
                }

                authorizations.add(ApiTokenResponse.Authorization.create(registration));
            }
        }

        final boolean verified = verifiedIds.contains(token.gw2AccountId());
        result.add(ApiTokenResponse.create(token, verified, authorizations));
    }

    return result;
}