
Example 1 with OAuth2Client

Use of de.ids_mannheim.korap.oauth2.entity.OAuth2Client in project Kustvakt by KorAP.

Class OAuth2ClientService, method listUserRegisteredClients.

public List<OAuth2UserClientDto> listUserRegisteredClients(String username, String clientId, String clientSecret) throws KustvaktException {
    // Authenticate the calling client with its id and secret before any lookup.
    OAuth2Client client = authenticateClient(clientId, clientSecret);
    // Only a super client may list the clients a user has registered.
    if (!client.isSuper()) {
        throw new KustvaktException(StatusCodes.CLIENT_AUTHORIZATION_FAILED, "Only super client is allowed to list user registered clients.", OAuth2Error.UNAUTHORIZED_CLIENT);
    }
    List<OAuth2Client> userClients = clientDao.retrieveUserRegisteredClients(username);
    Collections.sort(userClients);
    return createClientDtos(userClients);
}
Also used : KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) OAuth2Client(de.ids_mannheim.korap.oauth2.entity.OAuth2Client)

Example 2 with OAuth2Client

Use of de.ids_mannheim.korap.oauth2.entity.OAuth2Client in project Kustvakt by KorAP.

Class OAuth2ClientService, method createClientDtos.

private List<OAuth2UserClientDto> createClientDtos(List<OAuth2Client> userClients) {
    List<OAuth2UserClientDto> dtoList = new ArrayList<>(userClients.size());
    for (OAuth2Client uc : userClients) {
        // Super clients are never included in the returned list.
        if (uc.isSuper())
            continue;
        // Copy only id, name, description, URL and type into the DTO.
        OAuth2UserClientDto dto = new OAuth2UserClientDto();
        dto.setClientId(uc.getId());
        dto.setClientName(uc.getName());
        dto.setDescription(uc.getDescription());
        dto.setUrl(uc.getUrl());
        dto.setClientType(uc.getType());
        dtoList.add(dto);
    }
    return dtoList;
}
Also used : OAuth2UserClientDto(de.ids_mannheim.korap.oauth2.dto.OAuth2UserClientDto) OAuth2Client(de.ids_mannheim.korap.oauth2.entity.OAuth2Client) ArrayList(java.util.ArrayList)

Example 3 with OAuth2Client

Use of de.ids_mannheim.korap.oauth2.entity.OAuth2Client in project Kustvakt by KorAP.

Class OAuth2ClientService, method listUserAuthorizedClients.

public List<OAuth2UserClientDto> listUserAuthorizedClients(String username, String superClientId, String superClientSecret) throws KustvaktException {
    // Authenticate the caller and require that it is a super client.
    OAuth2Client superClient = authenticateClient(superClientId, superClientSecret);
    if (!superClient.isSuper()) {
        throw new KustvaktException(StatusCodes.CLIENT_AUTHORIZATION_FAILED, "Only super client is allowed to list user authorized clients.", OAuth2Error.UNAUTHORIZED_CLIENT);
    }
    // Combine the clients the user has authorized with the clients found via the user's access tokens.
    List<OAuth2Client> userClients = clientDao.retrieveUserAuthorizedClients(username);
    userClients.addAll(clientDao.retrieveClientsByAccessTokens(username));
    // Remove duplicates by client id, keeping the first occurrence.
    List<String> clientIds = new ArrayList<>();
    List<OAuth2Client> uniqueClients = new ArrayList<>();
    for (OAuth2Client c : userClients) {
        String id = c.getId();
        if (!clientIds.contains(id)) {
            clientIds.add(id);
            uniqueClients.add(c);
        }
    }
    Collections.sort(uniqueClients);
    return createClientDtos(uniqueClients);
}
Also used : KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) OAuth2Client(de.ids_mannheim.korap.oauth2.entity.OAuth2Client) ArrayList(java.util.ArrayList)

Example 4 with OAuth2Client

Use of de.ids_mannheim.korap.oauth2.entity.OAuth2Client in project Kustvakt by KorAP.

Class AccessTokenDao, method storeAccessToken.

public void storeAccessToken(String token, RefreshToken refreshToken, Set<AccessScope> scopes, String userId, String clientId, ZonedDateTime authenticationTime) throws KustvaktException {
    // refreshToken and userId are not validated here: their checks are commented out.
    ParameterChecker.checkStringValue(token, "access_token");
    // ParameterChecker.checkObjectValue(refreshToken, "refresh token");
    ParameterChecker.checkObjectValue(scopes, "scopes");
    // ParameterChecker.checkStringValue(userId, "username");
    ParameterChecker.checkStringValue(clientId, "client_id");
    ParameterChecker.checkObjectValue(authenticationTime, "authentication time");
    ZonedDateTime now = ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
    ZonedDateTime expiry;
    AccessToken accessToken = new AccessToken();
    // A token issued together with a refresh token gets the regular expiry;
    // a token without one gets the long expiry.
    if (refreshToken != null) {
        accessToken.setRefreshToken(refreshToken);
        expiry = now.plusSeconds(config.getAccessTokenExpiry());
    } else {
        expiry = now.plusSeconds(config.getAccessTokenLongExpiry());
    }
    OAuth2Client client = clientDao.retrieveClientById(clientId);
    accessToken.setCreatedDate(now);
    accessToken.setExpiryDate(expiry);
    accessToken.setToken(token);
    accessToken.setScopes(scopes);
    accessToken.setUserId(userId);
    accessToken.setClient(client);
    accessToken.setUserAuthenticationTime(authenticationTime);
    entityManager.persist(accessToken);
}
Also used : ZonedDateTime(java.time.ZonedDateTime) AccessToken(de.ids_mannheim.korap.oauth2.entity.AccessToken) OAuth2Client(de.ids_mannheim.korap.oauth2.entity.OAuth2Client)

Example 5 with OAuth2Client

Use of de.ids_mannheim.korap.oauth2.entity.OAuth2Client in project Kustvakt by KorAP.

Class OltuTokenService, method revokeAllClientTokensViaSuperClient.

public void revokeAllClientTokensViaSuperClient(String username, OAuth2RevokeAllTokenSuperRequest revokeTokenRequest) throws KustvaktException {
    // The request must carry the credentials of a super client.
    String superClientId = revokeTokenRequest.getSuperClientId();
    String superClientSecret = revokeTokenRequest.getSuperClientSecret();
    OAuth2Client superClient = clientService.authenticateClient(superClientId, superClientSecret);
    if (!superClient.isSuper()) {
        throw new KustvaktException(StatusCodes.CLIENT_AUTHENTICATION_FAILED);
    }
    // The client whose tokens are revoked for the given user.
    String clientId = revokeTokenRequest.getClientId();
    OAuth2Client client = clientService.retrieveClient(clientId);
    if (clientService.isPublicClient(client)) {
        // Public client: revoke the user's access tokens.
        List<AccessToken> accessTokens = tokenDao.retrieveAccessTokenByClientId(clientId, username);
        for (AccessToken t : accessTokens) {
            revokeAccessToken(t);
        }
    } else {
        // Non-public client: revoke the user's refresh tokens.
        List<RefreshToken> refreshTokens = refreshDao.retrieveRefreshTokenByClientId(clientId, username);
        for (RefreshToken r : refreshTokens) {
            revokeRefreshToken(r);
        }
    }
}
Also used : KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) RefreshToken(de.ids_mannheim.korap.oauth2.entity.RefreshToken) OAuth2Client(de.ids_mannheim.korap.oauth2.entity.OAuth2Client) AccessToken(de.ids_mannheim.korap.oauth2.entity.AccessToken)

Aggregations

OAuth2Client (de.ids_mannheim.korap.oauth2.entity.OAuth2Client) 29
KustvaktException (de.ids_mannheim.korap.exceptions.KustvaktException) 17
ZonedDateTime (java.time.ZonedDateTime) 9
RefreshToken (de.ids_mannheim.korap.oauth2.entity.RefreshToken) 8
CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder) 8
AccessToken (de.ids_mannheim.korap.oauth2.entity.AccessToken) 7
AccessScope (de.ids_mannheim.korap.oauth2.entity.AccessScope) 6
Predicate (javax.persistence.criteria.Predicate) 6
ArrayList (java.util.ArrayList) 4
HashSet (java.util.HashSet) 3
Scope (com.nimbusds.oauth2.sdk.Scope) 2
OAuth2TokenDto (de.ids_mannheim.korap.oauth2.dto.OAuth2TokenDto) 2
URI (java.net.URI) 2
URISyntaxException (java.net.URISyntaxException) 2
DateTimeFormatter (java.time.format.DateTimeFormatter) 2
NoResultException (javax.persistence.NoResultException) 2
ResponseType (com.nimbusds.oauth2.sdk.ResponseType) 1
AccessToken (com.nimbusds.oauth2.sdk.token.AccessToken) 1
BearerAccessToken (com.nimbusds.oauth2.sdk.token.BearerAccessToken) 1
RefreshToken (com.nimbusds.oauth2.sdk.token.RefreshToken) 1