use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.
the class AccessTokenResource method getAccessToken.
/**
* GET method for retrieving a specific Service Consumer instance
* and obtaining corresponding metadata (consumer name, URI, secret).
*
* @param sub {@code int} flag controlling whether the principal's id is
* returned. Expected value is either 1 (yes) or 0 (no) (e.g. <PRE>&subject=1</PRE>).
* @param shsec {@code int} flag controlling whether the shared secret is
* returned (same values as the subject parameter).
*
* @return an HTTP response with URL encoded value of the service metadata.
*/
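@GET
// @Consumes(MediaType.TEXT_PLAIN) -- this annotation is commented out in the original source.
public Response getAccessToken(@QueryParam(OAUTH_SUBJECT) int sub, @QueryParam(OAUTH_SHARED_SECRET) int shsec) {
    // Looks up the access token whose URI equals the request URI and returns, as a
    // text/plain "name=value[&name=value]" string, the parts the caller asked for:
    //   sub == 1   -> the token's principal id
    //   shsec == 1 -> the token's shared secret
    // This handler returns access-token data, not consumer metadata.
    //
    // NOTE(review): nothing in this method authenticates the caller or checks the token's
    // lifetime; the token URI is the only lookup key, and shsec=1 puts the token secret in
    // the response body. Confirm that access control is enforced before this handler runs.
    OAuthResourceManager oauthResMgr = OAuthResourceManager.getInstance();
    try {
        String tokenUri = context.getAbsolutePath().toString();
        Map<String, String> searchMap = new HashMap<String, String>();
        searchMap.put(ACCESS_TOKEN_URI, tokenUri);

        // searchAccessTokens may return null as well as an empty list; only the first match is used.
        List<AccessToken> accTokens = oauthResMgr.searchAccessTokens(searchMap);
        AccessToken token = null;
        if ((accTokens != null) && (!accTokens.isEmpty())) {
            token = accTokens.get(0);
        }
        if (token == null) {
            // No status is supplied, so the client receives the default 500 rather than a 4xx.
            throw new WebApplicationException(new Throwable("Token invalid."));
        }

        String resp = "";
        String principalId = null;
        try {
            // Encode explicitly as UTF-8: the one-argument URLEncoder.encode is deprecated
            // because its output depends on the JVM's platform default charset.
            if ((sub == 1) && (token.getAcctPpalid() != null)) {
                principalId = URLEncoder.encode(token.getAcctPpalid(), "UTF-8");
                resp = OAUTH_SUBJECT + "=" + principalId;
            }
            if ((shsec == 1) && (token.getAcctSecret() != null)) {
                String secret = URLEncoder.encode(token.getAcctSecret(), "UTF-8");
                if (principalId != null) {
                    resp += "&";
                }
                resp += OAUTH_SHARED_SECRET + "=" + secret;
            }
        } catch (java.io.UnsupportedEncodingException e) {
            // UTF-8 is a charset every JVM must support, so this is not expected to happen.
            throw new WebApplicationException(e);
        }
        return Response.ok(resp, MediaType.TEXT_PLAIN).build();
    } catch (OAuthServiceException e) {
        Logger.getLogger(AccessTokenResource.class.getName()).log(Level.SEVERE, null, e);
        throw new WebApplicationException(e);
    }
}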
use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.
the class AccessTokenRequest method postAccessTokenRequest.
/**
* POST method for creating a request for Request Token
* @param content representation for the resource
* @return an HTTP response with content of the updated or created resource.
*/
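@POST
@Consumes("application/x-www-form-urlencoded")
public Response postAccessTokenRequest(@Context HttpContext hc, @Context Request req, String content) {
    // Exchanges a request token for a new access token. The request must carry the
    // request token, its oauth_verifier, a consumer key and a signature method, and its
    // signature must verify against the consumer bound to the stored request token.
    // Every validation failure is reported as 400; a data-store failure becomes a 500.
    boolean sigIsOk = false;
    OAuthResourceManager oauthResMgr = OAuthResourceManager.getInstance();
    try {
        Consumer cons = null;
        OAuthServerRequest request = new OAuthServerRequest(hc.getRequest());
        OAuthParameters params = new OAuthParameters();
        params.readRequest(request);
        if (params.getToken() == null) {
            throw new WebApplicationException(new Throwable(OAUTH_TOKEN + " MUST be present."), BAD_REQUEST);
        }
        // Check the existence of oauth verifier
        String requestVerifier = params.get(OAUTH_VERIFIER);
        if ((requestVerifier == null) || (requestVerifier.isEmpty())) {
            throw new WebApplicationException(new Throwable(OAUTH_VERIFIER + " MUST be present."), BAD_REQUEST);
        }

        // Look up the stored request token by the token value sent by the client.
        Map<String, String> searchMap = new HashMap<String, String>();
        searchMap.put(REQUEST_TOKEN_URI, params.getToken());
        List<RequestToken> reqTokens = oauthResMgr.searchRequestTokens(searchMap);
        RequestToken rt = null;
        if ((reqTokens != null) && (!reqTokens.isEmpty())) {
            rt = reqTokens.get(0);
        }
        if (rt == null) {
            throw new WebApplicationException(new Throwable("Token invalid."), BAD_REQUEST);
        }

        // NOTE(review): the consumer key is only checked for presence. It is never compared
        // with the consumer stored on the request token; the consumer used below comes from
        // the token itself.
        String conskey = params.getConsumerKey();
        if (conskey == null) {
            throw new WebApplicationException(new Throwable("Consumer key is missing."), BAD_REQUEST);
        }
        String signatureMethod = params.getSignatureMethod();
        if (signatureMethod == null) {
            throw new WebApplicationException(new Throwable("Signature Method is missing."), BAD_REQUEST);
        }

        // Check that the verifiers match. The comparison goes through MessageDigest.isEqual
        // rather than String.equals so that its duration does not reveal how many leading
        // characters of a guessed verifier were correct. A missing stored verifier is a mismatch.
        String reqTokenVerifier = rt.getVerifier();
        java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
        boolean verifierMatches = (reqTokenVerifier != null)
                && java.security.MessageDigest.isEqual(
                        requestVerifier.getBytes(utf8), reqTokenVerifier.getBytes(utf8));
        if (!verifierMatches) {
            throw new WebApplicationException(new Throwable("The oauth_verifier parameter is not valid."), BAD_REQUEST);
        }

        cons = rt.getConsumerId();
        if (cons == null) {
            throw new WebApplicationException(new Throwable("Consumer key invalid or service not registered"), BAD_REQUEST);
        }

        // For RSA-SHA1 the consumer's stored RSA key is passed as the "consumer secret";
        // for every other signature method the consumer's shared secret is used.
        String secret = null;
        if (signatureMethod.equalsIgnoreCase(RSA_SHA1.NAME)) {
            secret = cons.getConsRsakey();
        } else {
            secret = cons.getConsSecret();
        }
        OAuthSecrets secrets = new OAuthSecrets().consumerSecret(secret).tokenSecret(rt.getReqtSecret());
        try {
            sigIsOk = OAuthSignature.verify(request, params, secrets);
        } catch (OAuthSignatureException ex) {
            // Fails closed: sigIsOk stays false, so the request is rejected just below.
            Logger.getLogger(AccessTokenRequest.class.getName()).log(Level.SEVERE, null, ex);
        }
        if (!sigIsOk) {
            throw new WebApplicationException(new Throwable("Signature invalid."), BAD_REQUEST);
        }

        // We're good to go.
        AccessToken newtok = new AccessToken();
        newtok.setAcctOnetime((short) 1);
        newtok.setAcctPpalid(rt.getReqtPpalid());
        String baseUri = context.getBaseUri().toString();
        if (baseUri.endsWith("/")) {
            baseUri = baseUri.substring(0, baseUri.length() - 1);
        }
        // NOTE(review): both the token URI suffix and the token secret come from
        // UniqueRandomString, which is not shown here. Their unpredictability depends
        // entirely on that class -- confirm it draws from a SecureRandom.
        URI loc = URI.create(baseUri + PathDefs.ACCESS_TOKENS_PATH + "/" + new UniqueRandomString().getString());
        newtok.setAcctUri(loc.toString());
        newtok.setAcctSecret(new UniqueRandomString().getString());
        newtok.setConsumerId(rt.getConsumerId());
        // for now val = uri
        newtok.setAcctVal(newtok.getAcctUri());
        // No lifetime is set on the new token in this method.

        // NOTE(review): the access token is stored before the request token is deleted, and
        // no rollback is visible here. If deleteRequestToken throws, the new access token
        // remains and the request token is still stored. Confirm the store cannot be driven
        // into issuing two access tokens for one request token (also under concurrent requests).
        oauthResMgr.createAccessToken(null, newtok);
        oauthResMgr.deleteRequestToken(rt);

        // Preparing the response.
        // NOTE(review): the values are concatenated without percent-encoding; this relies on
        // the token URI and secret never containing '&', '=', '+' or '%' -- confirm.
        String resp = OAUTH_TOKEN + "=" + newtok.getAcctVal() + "&" + OAUTH_TOKEN_SECRET + "=" + newtok.getAcctSecret();
        return Response.created(loc).entity(resp).type(MediaType.APPLICATION_FORM_URLENCODED).build();
    } catch (OAuthServiceException e) {
        Logger.getLogger(AccessTokenRequest.class.getName()).log(Level.SEVERE, null, e);
        // 500 error
        throw new WebApplicationException(e);
    }
}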
use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.
the class AccessTokenResource method deleteAcctoken.
@DELETE
@Consumes(MediaType.TEXT_PLAIN)
public Response deleteAcctoken() {
    // Deletes the access token whose URI equals the request URI.
    // Responds 200 on success, 401 when no such token is stored, and lets a
    // data-store failure surface as a WebApplicationException.
    //
    // NOTE(review): the lookup by request URI is the only check made in this method; no
    // caller authentication or signature verification is visible here. Confirm that it is
    // enforced elsewhere, otherwise knowing a token URI is enough to revoke that token.
    final OAuthResourceManager manager = OAuthResourceManager.getInstance();
    try {
        final String requestedUri = context.getAbsolutePath().toString();
        final Map<String, String> criteria = new HashMap<String, String>();
        criteria.put(ACCESS_TOKEN_URI, requestedUri);

        // The search may return null or an empty list; only the first match is considered.
        final List<AccessToken> matches = manager.searchAccessTokens(criteria);
        final AccessToken target = ((matches == null) || matches.isEmpty()) ? null : matches.get(0);
        if (target == null) {
            return Response.status(UNAUTHORIZED).build();
        }

        manager.deleteAccessToken(target);
        return Response.ok().build();
    } catch (OAuthServiceException failure) {
        Logger.getLogger(AccessTokenResource.class.getName()).log(Level.SEVERE, null, failure);
        throw new WebApplicationException(failure);
    }
}
use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.
the class OAuthResourceManager method searchAccessTokens.
/**
* Searches for access token entities from the data store.
*
* @param attributes the attribute-value pairs used for the search
*
* @return a list of access tokens that satisfy the search criteria
* @throws OAuthServiceException if an error condition occurs
*/
public List<AccessToken> searchAccessTokens(Map<String, String> attributes) throws OAuthServiceException {
    // Contract: null (not an empty list) is returned both when no search criteria are
    // given and when the store reports no matching ids, so callers must null-check.
    if ((attributes == null) || attributes.isEmpty()) {
        return null;
    }

    final List<String> matchingIds = em.searchEntity(ACCESS_TOKEN_TYPE, attributes);
    if ((matchingIds == null) || matchingIds.isEmpty()) {
        return null;
    }

    // Load each matching entity. readAccessToken throws OAuthServiceException for a
    // null id or an entity with missing mandatory attributes, so a single malformed
    // record makes the whole search fail rather than being skipped.
    final List<AccessToken> found = new ArrayList<AccessToken>();
    for (final String entityId : matchingIds) {
        final AccessToken loaded = readAccessToken(entityId);
        if (loaded != null) {
            found.add(loaded);
        }
    }
    return found;
}
use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.
the class OAuthResourceManager method readAccessToken.
/**
* Reads an access token entity from the data store.
*
* @param accTokenId the identifier of the access token
*
* @return the access token entity to read
* @throws OAuthServiceException if an error condition occurs
*/
public AccessToken readAccessToken(String accTokenId) throws OAuthServiceException {
    // Loads the entity stored under accTokenId and maps its attributes onto an AccessToken.
    // URI, value, secret and consumer id are mandatory (blank counts as missing);
    // principal id, expiry and etag are copied as found.
    if (accTokenId == null) {
        throw new OAuthServiceException("The access token id is null");
    }

    final Map<String, String> stored = em.readEntity(accTokenId);
    if ((stored == null) || stored.isEmpty()) {
        throw new OAuthServiceException("Could not read the access token entity");
    }

    final AccessToken result = new AccessToken();

    final String uri = stored.get(ACCESS_TOKEN_URI);
    if ((uri == null) || uri.trim().isEmpty()) {
        throw new OAuthServiceException("Invalid access token URI");
    }
    result.setAcctUri(uri);

    final String value = stored.get(ACCESS_TOKEN_VAL);
    if ((value == null) || value.trim().isEmpty()) {
        throw new OAuthServiceException("Invalid access token value");
    }
    result.setAcctVal(value);

    final String tokenSecret = stored.get(ACCESS_TOKEN_SECRET);
    if ((tokenSecret == null) || tokenSecret.trim().isEmpty()) {
        throw new OAuthServiceException("Invalid access token secret");
    }
    result.setAcctSecret(tokenSecret);

    // The principal id is optional and may be null.
    result.setAcctPpalid(stored.get(ACCESS_TOKEN_PPAL_ID));

    // The expiry is parsed and stored only. This method does not compare it with the
    // current time, so an expired token is returned like any other.
    final String expiryText = stored.get(ACCESS_TOKEN_LIFETIME);
    if (expiryText != null) {
        final Date parsedExpiry;
        try {
            parsedExpiry = DateUtils.stringToDate(expiryText);
        } catch (ParseException pe) {
            throw new OAuthServiceException("invalid access token expiry", pe);
        }
        result.setAcctLifetime(parsedExpiry);
    }

    final String consumerKey = stored.get(CONSUMER_ID);
    if ((consumerKey == null) || consumerKey.trim().isEmpty()) {
        throw new OAuthServiceException("Invalid access token consumer id");
    }
    result.setConsumerId(readConsumer(consumerKey));

    // The etag is copied without validation (the original check for a missing or blank
    // etag is disabled), so it may be null.
    result.setEtag(stored.get(ETAG));
    result.setId(accTokenId);
    return result;
}