Examples with NoResponse com.predic8.membrane.core.interceptor.oauth2.request.NoResponse used on opensource projects

Example 1 with NoResponse

use of com.predic8.membrane.core.interceptor.oauth2.request.NoResponse in project service-proxy by membrane.

the class PasswordFlow method processWithParameters.

@Override
protected Response processWithParameters() throws Exception {
    if (!verifyClientThroughParams())
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "unauthorized_client");
    Map<String, String> userParams = verifyUserThroughParams();
    if (userParams == null)
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "access_denied");
    scope = getScope();
    token = createTokenForVerifiedUserAndClient();
    refreshToken = authServer.getRefreshTokenGenerator().getToken(getUsername(), getClientId(), getClientSecret());
    SessionManager.Session session = createSessionForAuthorizedUserWithParams();
    synchronized (session) {
        session.getUserAttributes().put(ACCESS_TOKEN, token);
        session.getUserAttributes().putAll(userParams);
    }
    authServer.getSessionFinder().addSessionForToken(token, session);
    Client client;
    try {
        synchronized (authServer.getClientList()) {
            client = authServer.getClientList().getClient(getClientId());
        }
    } catch (Exception e) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_client");
    }
    String grantTypes = client.getGrantTypes();
    if (!grantTypes.contains(getGrantType())) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_grant_type");
    }
    refreshToken = authServer.getRefreshTokenGenerator().getToken(client.getClientId(), client.getClientId(), client.getClientSecret());
    if (authServer.isIssueNonSpecIdTokens() && OAuth2Util.isOpenIdScope(scope)) {
        idToken = createSignedIdToken(session, client.getClientId(), client);
    }
    exc.setResponse(getEarlyResponse());
    return new NoResponse();
}

Example 2 with NoResponse

use of com.predic8.membrane.core.interceptor.oauth2.request.NoResponse in project service-proxy by membrane.

the class AuthWithoutSessionRequest method processWithParameters.

@Override
protected Response processWithParameters() throws Exception {
    Client client;
    try {
        client = authServer.getClientList().getClient(getClientId());
    } catch (Exception e) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "unauthorized_client");
    }
    if (!OAuth2Util.isAbsoluteUri(getRedirectUri()) || !getRedirectUri().equals(client.getCallbackUrl()))
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_request");
    if (promptEqualsNone())
        return createParameterizedFormUrlencodedRedirect(exc, getState(), client.getCallbackUrl() + "?error=login_required");
    if (!authServer.getSupportedAuthorizationGrants().contains(getResponseType()))
        return createParameterizedFormUrlencodedRedirect(exc, getState(), client.getCallbackUrl() + "?error=unsupported_response_type");
    String validScopes = verifyScopes(getScope());
    if (validScopes.isEmpty())
        return createParameterizedFormUrlencodedRedirect(exc, getState(), client.getCallbackUrl() + "?error=invalid_scope");
    if (OAuth2Util.isOpenIdScope(validScopes)) {
        if (!isCodeRequest())
            return createParameterizedFormUrlencodedRedirect(exc, getState(), client.getCallbackUrl() + "?error=invalid_request");
        // Parses the claims parameter into a json object. Claim values are always ignored and set to "null" as it is optional to react to those values
        addValidClaimsToParams();
    } else
        removeClaimsWhenNotOpenidScope();
    setScope(validScopes);
    String invalidScopes = hasGivenInvalidScopes(getScope(), validScopes);
    if (!invalidScopes.isEmpty())
        setScopeInvalid(invalidScopes);
    SessionManager.Session session = authServer.getSessionManager().getOrCreateSession(exc);
    addParams(session, params);
    return new NoResponse();
}

Example 3 with NoResponse

use of com.predic8.membrane.core.interceptor.oauth2.request.NoResponse in project service-proxy by membrane.

the class RefreshTokenFlow method processWithParameters.

@Override
protected Response processWithParameters() throws Exception {
    if (!verifyClientThroughParams())
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "unauthorized_client");
    String username;
    try {
        username = authServer.getRefreshTokenGenerator().getUsername(getRefreshToken());
    } catch (NoSuchElementException ex) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_request");
    }
    params.put(ParamNames.USERNAME, username);
    try {
        authServer.getRefreshTokenGenerator().invalidateToken(getRefreshToken(), getClientId(), getClientSecret());
    } catch (NoSuchElementException ex) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_grant");
    }
    // TODO check if scope is "narrower" than before
    Client client;
    try {
        synchronized (authServer.getClientList()) {
            client = authServer.getClientList().getClient(getClientId());
        }
    } catch (Exception e) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_client");
    }
    String grantTypes = client.getGrantTypes();
    if (!grantTypes.contains(getGrantType())) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_grant_type");
    }
    scope = getScope();
    token = authServer.getTokenGenerator().getToken(getUsername(), getClientId(), getClientSecret());
    refreshToken = authServer.getRefreshTokenGenerator().getToken(getUsername(), getClientId(), getClientSecret());
    SessionManager.Session session = getSessionForAuthorizedUserWithParams();
    synchronized (session) {
        session.getUserAttributes().put(ACCESS_TOKEN, token);
    }
    authServer.getSessionFinder().addSessionForToken(token, session);
    if (OAuth2Util.isOpenIdScope(scope)) {
        idToken = createSignedIdToken(session, username, client);
    }
    return new NoResponse();
}

Example 4 with NoResponse

use of com.predic8.membrane.core.interceptor.oauth2.request.NoResponse in project service-proxy by membrane.

the class CredentialsFlow method processWithParameters.

@Override
protected Response processWithParameters() throws Exception {
    if (!verifyClientThroughParams())
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "unauthorized_client");
    scope = getScope();
    token = createTokenForVerifiedClient();
    SessionManager.Session session = createSessionForAuthorizedClientWithParams();
    synchronized (session) {
        session.getUserAttributes().put(ACCESS_TOKEN, token);
    }
    Client client;
    try {
        synchronized (authServer.getClientList()) {
            client = authServer.getClientList().getClient(getClientId());
        }
    } catch (Exception e) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_client");
    }
    String grantTypes = client.getGrantTypes();
    if (!grantTypes.contains(getGrantType())) {
        return OAuth2Util.createParameterizedJsonErrorResponse(exc, jsonGen, "error", "invalid_grant_type");
    }
    authServer.getSessionFinder().addSessionForToken(token, session);
    if (authServer.isIssueNonSpecRefreshTokens())
        refreshToken = authServer.getRefreshTokenGenerator().getToken(client.getClientId(), client.getClientId(), client.getClientSecret());
    if (authServer.isIssueNonSpecIdTokens() && OAuth2Util.isOpenIdScope(scope))
        idToken = createSignedIdToken(session, client.getClientId(), client);
    exc.setResponse(getEarlyResponse());
    return new NoResponse();
}