
Example 1 with AccessToken

use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.

the class AccessTokenResource method getAccessToken.

/**
     * GET method for retrieving a specific Service Consumer instance
     * and obtaining corresponding metadata (consumer name, URI, secret).
     *
     * @param sub ({@code int}) whether to return the principal's id. Expected
     * value is either 1 (yes) or 0 (no) (e.g. <PRE>&subject=1</PRE>).
     * @param shsec ({@code int}) whether to return the shared secret (same
     * values as the subject parameter).
     *
     * @return an HTTP response with URL encoded value of the service metadata.
     */
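@GET
// @Consumes(MediaType.TEXT_PLAIN) -- disabled in the original source
public Response getAccessToken(@QueryParam(OAUTH_SUBJECT) int sub, @QueryParam(OAUTH_SHARED_SECRET) int shsec) {
    // Looks up the access token whose stored URI equals this request's absolute path and
    // returns, as "name=value" pairs joined by '&', the principal id (when sub == 1) and/or
    // the token's shared secret (when shsec == 1). Both values are URL-encoded.
    //
    // NOTE(review): no authentication, signature or token-lifetime check is visible in this
    // method, yet it can return the token's shared secret. Confirm that a filter or container
    // constraint outside this listing restricts who may call it.
    OAuthResourceManager oauthResMgr = OAuthResourceManager.getInstance();
    try {
        String resp = "";
        String secret = null;
        String principalId = null;
        String tokenUri = context.getAbsolutePath().toString();
        Map<String, String> searchMap = new HashMap<String, String>();
        searchMap.put(ACCESS_TOKEN_URI, tokenUri);
        List<AccessToken> accTokens = oauthResMgr.searchAccessTokens(searchMap);
        AccessToken token = null;
        if ((accTokens != null) && (!accTokens.isEmpty())) {
            token = accTokens.get(0);
        }
        if (token == null) {
            // No status is passed, so this surfaces as a server error rather than a 4xx.
            throw new WebApplicationException(new Throwable("Token invalid."));
        }
        if ((sub == 1) && (token.getAcctPpalid() != null)) {
            // Explicit UTF-8: the one-argument URLEncoder.encode is deprecated and uses the
            // platform default charset, so its output would vary with JVM configuration.
            principalId = URLEncoder.encode(token.getAcctPpalid(), "UTF-8");
            resp = OAUTH_SUBJECT + "=" + principalId;
        }
        if ((shsec == 1) && (token.getAcctSecret() != null)) {
            secret = URLEncoder.encode(token.getAcctSecret(), "UTF-8");
            if (principalId != null) {
                resp += "&";
            }
            resp += OAUTH_SHARED_SECRET + "=" + secret;
        }
        // The body may carry the shared secret and GET responses are cacheable by default,
        // so tell intermediaries and clients not to store it.
        return Response.ok(resp, MediaType.TEXT_PLAIN).header("Cache-Control", "no-store").build();
    } catch (java.io.UnsupportedEncodingException e) {
        // UTF-8 is a mandatory charset, so this is not expected to happen; treat it like any
        // other server-side failure instead of swallowing it.
        Logger.getLogger(AccessTokenResource.class.getName()).log(Level.SEVERE, null, e);
        throw new WebApplicationException(e);
    } catch (OAuthServiceException e) {
        Logger.getLogger(AccessTokenResource.class.getName()).log(Level.SEVERE, null, e);
        throw new WebApplicationException(e);
    }
}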
Also used : WebApplicationException(javax.ws.rs.WebApplicationException) HashMap(java.util.HashMap) AccessToken(com.sun.identity.oauth.service.models.AccessToken) GET(javax.ws.rs.GET)

Example 2 with AccessToken

use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.

the class AccessTokenRequest method postAccessTokenRequest.

/**
     * POST method for creating a request for Request Token
     * @param content representation for the resource
     * @return an HTTP response with content of the updated or created resource.
     */
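@POST
@Consumes("application/x-www-form-urlencoded")
public Response postAccessTokenRequest(@Context HttpContext hc, @Context Request req, String content) {
    // Exchanges a stored request token for a newly created access token. The request must
    // carry the token, the oauth verifier, a consumer key and a signature method; the verifier
    // must equal the one stored on the request token, and the signature is verified with the
    // secret of the consumer bound to that stored token. On success the request token is
    // deleted and the new token value and secret are returned with a 201 response.
    boolean sigIsOk = false;
    OAuthResourceManager oauthResMgr = OAuthResourceManager.getInstance();
    try {
        Consumer cons = null;
        OAuthServerRequest request = new OAuthServerRequest(hc.getRequest());
        OAuthParameters params = new OAuthParameters();
        params.readRequest(request);
        if (params.getToken() == null) {
            throw new WebApplicationException(new Throwable(OAUTH_TOKEN + " MUST be present."), BAD_REQUEST);
        }
        // Check the existence of oauth verifier
        String requestVerifier = params.get(OAUTH_VERIFIER);
        if ((requestVerifier == null) || (requestVerifier.isEmpty())) {
            throw new WebApplicationException(new Throwable(OAUTH_VERIFIER + " MUST be present."), BAD_REQUEST);
        }
        Map<String, String> searchMap = new HashMap<String, String>();
        searchMap.put(REQUEST_TOKEN_URI, params.getToken());
        List<RequestToken> reqTokens = oauthResMgr.searchRequestTokens(searchMap);
        RequestToken rt = null;
        if ((reqTokens != null) && (!reqTokens.isEmpty())) {
            rt = reqTokens.get(0);
        }
        if (rt == null) {
            throw new WebApplicationException(new Throwable("Token invalid."), BAD_REQUEST);
        }
        // NOTE(review): the consumer key is only checked for presence; it is never compared
        // with the consumer stored on the request token. The signature check below uses the
        // stored consumer's secret -- confirm that is the intended binding.
        String conskey = params.getConsumerKey();
        if (conskey == null) {
            throw new WebApplicationException(new Throwable("Consumer key is missing."), BAD_REQUEST);
        }
        String signatureMethod = params.getSignatureMethod();
        if (signatureMethod == null) {
            throw new WebApplicationException(new Throwable("Signature Method is missing."), BAD_REQUEST);
        }
        // Check that the verifiers match. The verifier is a secret supplied by the client, so
        // it is compared with MessageDigest.isEqual rather than String.equals, which returns at
        // the first differing character. A missing stored verifier still fails the check.
        String reqTokenVerifier = rt.getVerifier();
        java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
        boolean verifierOk = (reqTokenVerifier != null)
                && java.security.MessageDigest.isEqual(requestVerifier.getBytes(utf8), reqTokenVerifier.getBytes(utf8));
        if (!verifierOk) {
            throw new WebApplicationException(new Throwable("The oauth_verifier parameter is not valid."), BAD_REQUEST);
        }
        cons = rt.getConsumerId();
        if (cons == null) {
            throw new WebApplicationException(new Throwable("Consumer key invalid or service not registered"), BAD_REQUEST);
        }
        // The verification key depends on the signature method named in the request.
        String secret = null;
        if (signatureMethod.equalsIgnoreCase(RSA_SHA1.NAME)) {
            secret = cons.getConsRsakey();
        } else {
            secret = cons.getConsSecret();
        }
        OAuthSecrets secrets = new OAuthSecrets().consumerSecret(secret).tokenSecret(rt.getReqtSecret());
        try {
            sigIsOk = OAuthSignature.verify(request, params, secrets);
        } catch (OAuthSignatureException ex) {
            // A verification error is logged and leaves sigIsOk false, so the request is
            // rejected below exactly like a bad signature.
            Logger.getLogger(AccessTokenRequest.class.getName()).log(Level.SEVERE, null, ex);
        }
        if (!sigIsOk) {
            throw new WebApplicationException(new Throwable("Signature invalid."), BAD_REQUEST);
        }
        // We're good to go.
        // NOTE(review): no lifetime is set on the new token in this method -- confirm that
        // expiry is applied elsewhere.
        AccessToken newtok = new AccessToken();
        newtok.setAcctOnetime((short) 1);
        newtok.setAcctPpalid(rt.getReqtPpalid());
        String baseUri = context.getBaseUri().toString();
        if (baseUri.endsWith("/")) {
            baseUri = baseUri.substring(0, baseUri.length() - 1);
        }
        // NOTE(review): the token URI suffix and the token secret both come from
        // UniqueRandomString, whose source is not shown here; confirm it draws from a
        // cryptographically strong generator such as SecureRandom.
        URI loc = URI.create(baseUri + PathDefs.ACCESS_TOKENS_PATH + "/" + new UniqueRandomString().getString());
        newtok.setAcctUri(loc.toString());
        newtok.setAcctSecret(new UniqueRandomString().getString());
        newtok.setConsumerId(rt.getConsumerId());
        // for now val = uri
        newtok.setAcctVal(newtok.getAcctUri());
        // NOTE(review): the access token is persisted before the request token is deleted and
        // the two calls are not atomic as written; if the delete fails, the request token stays
        // in the store. Confirm the data store or a caller ensures a request token can be
        // exchanged only once.
        oauthResMgr.createAccessToken(null, newtok);
        oauthResMgr.deleteRequestToken(rt);
        // Preparing the response.
        // NOTE(review): the values are concatenated without percent-encoding although the body
        // is declared form-urlencoded and the token value is a URI. Left unchanged because
        // existing clients may depend on the current bytes.
        String resp = OAUTH_TOKEN + "=" + newtok.getAcctVal() + "&" + OAUTH_TOKEN_SECRET + "=" + newtok.getAcctSecret();
        return Response.created(loc).entity(resp).type(MediaType.APPLICATION_FORM_URLENCODED).build();
    } catch (OAuthServiceException e) {
        Logger.getLogger(AccessTokenRequest.class.getName()).log(Level.SEVERE, null, e);
        // 500 error
        throw new WebApplicationException(e);
    }
}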
Also used : UniqueRandomString(com.sun.identity.oauth.service.util.UniqueRandomString) WebApplicationException(javax.ws.rs.WebApplicationException) HashMap(java.util.HashMap) UniqueRandomString(com.sun.identity.oauth.service.util.UniqueRandomString) URI(java.net.URI) OAuthServerRequest(com.sun.jersey.oauth.server.OAuthServerRequest) Consumer(com.sun.identity.oauth.service.models.Consumer) RequestToken(com.sun.identity.oauth.service.models.RequestToken) AccessToken(com.sun.identity.oauth.service.models.AccessToken) OAuthParameters(com.sun.jersey.oauth.signature.OAuthParameters) OAuthSignatureException(com.sun.jersey.oauth.signature.OAuthSignatureException) OAuthSecrets(com.sun.jersey.oauth.signature.OAuthSecrets) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes)

Example 3 with AccessToken

use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.

the class AccessTokenResource method deleteAcctoken.

@DELETE
@Consumes(MediaType.TEXT_PLAIN)
public Response deleteAcctoken() {
    // Deletes the access token whose stored URI equals this request's absolute path.
    // Responds 401 when no such token is found and 200 once the token has been deleted.
    //
    // NOTE(review): no caller authentication or signature check is visible in this method;
    // the token is selected by request path alone. Confirm that access control is enforced
    // outside this listing.
    OAuthResourceManager manager = OAuthResourceManager.getInstance();
    try {
        Map<String, String> criteria = new HashMap<String, String>();
        criteria.put(ACCESS_TOKEN_URI, context.getAbsolutePath().toString());
        List<AccessToken> matches = manager.searchAccessTokens(criteria);

        // Only the first match is considered; a null or empty result means "not found".
        AccessToken target = ((matches == null) || matches.isEmpty()) ? null : matches.get(0);
        if (target == null) {
            return Response.status(UNAUTHORIZED).build();
        }

        manager.deleteAccessToken(target);
        return Response.ok().build();
    } catch (OAuthServiceException e) {
        // Data-store failures are logged and surfaced as a server error.
        Logger.getLogger(AccessTokenResource.class.getName()).log(Level.SEVERE, null, e);
        throw new WebApplicationException(e);
    }
}
Also used : WebApplicationException(javax.ws.rs.WebApplicationException) HashMap(java.util.HashMap) AccessToken(com.sun.identity.oauth.service.models.AccessToken) DELETE(javax.ws.rs.DELETE) Consumes(javax.ws.rs.Consumes)

Example 4 with AccessToken

use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.

the class OAuthResourceManager method searchAccessTokens.

/**
     * Searches for access token entities from the data store.
     *
     * @param attributes the attribute-value pairs used for the search
     *
     * @return a list of access tokens that satisfy the search criteria
     * @throws OAuthServiceException if an error condition occurs
     */
public List<AccessToken> searchAccessTokens(Map<String, String> attributes) throws OAuthServiceException {
    // Callers receive null, not an empty list, when no criteria are given or when the
    // entity search yields no ids; they must handle both null and an empty list.
    if (attributes == null || attributes.isEmpty()) {
        return null;
    }
    List<String> matchedIds = em.searchEntity(ACCESS_TOKEN_TYPE, attributes);
    if (matchedIds == null || matchedIds.isEmpty()) {
        return null;
    }

    // Load each matching entity; ids for which the read returns null are skipped.
    List<AccessToken> found = new ArrayList<AccessToken>();
    for (String matchedId : matchedIds) {
        AccessToken loaded = readAccessToken(matchedId);
        if (loaded == null) {
            continue;
        }
        found.add(loaded);
    }
    return found;
}
Also used : AccessToken(com.sun.identity.oauth.service.models.AccessToken) ArrayList(java.util.ArrayList)

Example 5 with AccessToken

use of com.sun.identity.oauth.service.models.AccessToken in project OpenAM by OpenRock.

the class OAuthResourceManager method readAccessToken.

/**
     * Reads an access token entity from the data store.
     *
     * @param accTokenId the identifier of the access token
     *
     * @return the access token entity to read
     * @throws OAuthServiceException if an error condition occurs
     */
public AccessToken readAccessToken(String accTokenId) throws OAuthServiceException {
    // Builds an AccessToken from the attribute map stored under the given id. URI, value,
    // secret and consumer id are mandatory; principal id, lifetime and etag are optional.
    if (accTokenId == null) {
        throw new OAuthServiceException("The access token id is null");
    }
    Map<String, String> stored = em.readEntity(accTokenId);
    if (stored == null || stored.isEmpty()) {
        throw new OAuthServiceException("Could not read the access token entity");
    }

    AccessToken result = new AccessToken();

    String uri = stored.get(ACCESS_TOKEN_URI);
    if (uri == null || uri.trim().isEmpty()) {
        throw new OAuthServiceException("Invalid access token URI");
    }
    result.setAcctUri(uri);

    String value = stored.get(ACCESS_TOKEN_VAL);
    if (value == null || value.trim().isEmpty()) {
        throw new OAuthServiceException("Invalid access token value");
    }
    result.setAcctVal(value);

    String tokenSecret = stored.get(ACCESS_TOKEN_SECRET);
    if (tokenSecret == null || tokenSecret.trim().isEmpty()) {
        throw new OAuthServiceException("Invalid access token secret");
    }
    result.setAcctSecret(tokenSecret);

    // The principal id is copied as stored, without validation; it may be null.
    result.setAcctPpalid(stored.get(ACCESS_TOKEN_PPAL_ID));

    // NOTE(review): the lifetime is parsed and stored but never compared with the current
    // time in this method, so an expired token is returned like any other. Confirm that
    // expiry is enforced by the callers.
    String lifetimeText = stored.get(ACCESS_TOKEN_LIFETIME);
    if (lifetimeText != null) {
        try {
            result.setAcctLifetime(DateUtils.stringToDate(lifetimeText));
        } catch (ParseException pe) {
            throw new OAuthServiceException("invalid access token expiry", pe);
        }
    }

    String owningConsumerId = stored.get(CONSUMER_ID);
    if (owningConsumerId == null || owningConsumerId.trim().isEmpty()) {
        throw new OAuthServiceException("Invalid access token consumer id");
    }
    result.setConsumerId(readConsumer(owningConsumerId));

    // The etag presence check is disabled in the original source, so a missing or blank
    // etag is accepted and stored as-is.
    result.setEtag(stored.get(ETAG));
    result.setId(accTokenId);
    return result;
}
Also used : Consumer(com.sun.identity.oauth.service.models.Consumer) AccessToken(com.sun.identity.oauth.service.models.AccessToken) ParseException(java.text.ParseException) Date(java.util.Date)

Aggregations

AccessToken (com.sun.identity.oauth.service.models.AccessToken)5 HashMap (java.util.HashMap)3 WebApplicationException (javax.ws.rs.WebApplicationException)3 Consumer (com.sun.identity.oauth.service.models.Consumer)2 Consumes (javax.ws.rs.Consumes)2 RequestToken (com.sun.identity.oauth.service.models.RequestToken)1 UniqueRandomString (com.sun.identity.oauth.service.util.UniqueRandomString)1 OAuthServerRequest (com.sun.jersey.oauth.server.OAuthServerRequest)1 OAuthParameters (com.sun.jersey.oauth.signature.OAuthParameters)1 OAuthSecrets (com.sun.jersey.oauth.signature.OAuthSecrets)1 OAuthSignatureException (com.sun.jersey.oauth.signature.OAuthSignatureException)1 URI (java.net.URI)1 ParseException (java.text.ParseException)1 ArrayList (java.util.ArrayList)1 Date (java.util.Date)1 DELETE (javax.ws.rs.DELETE)1 GET (javax.ws.rs.GET)1 POST (javax.ws.rs.POST)1