use of edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE in project OA4MP by ncsa.
the class OA2ConfigurationLoader method createInstance.
@Override
public T createInstance() {
try {
initialize();
T se = (T) new OA2SE(loggerProvider.get(), getTransactionStoreProvider(), getClientStoreProvider(), getMaxAllowedNewClientRequests(), getRTLifetime(), getClientApprovalStoreProvider(), getMyProxyFacadeProvider(), getMailUtilProvider(), getMP(), getAGIProvider(), getATIProvider(), getPAIProvider(), getTokenForgeProvider(), getConstants(), getAuthorizationServletConfig(), getUsernameTransformer(), getPingable(), getMpp(), getMacp(), getClientSecretLength(), getScopes(), getClaimSource(), getLdapConfiguration(), isRefreshTokenEnabled(), isTwoFactorSupportEnabled(), getMaxClientRefreshTokenLifetime(), getJSONWebKeys(), getIssuer(), getMLDAP(), isUtilServerEnabled());
if (getClaimSource() instanceof BasicClaimsSourceImpl) {
((BasicClaimsSourceImpl) getClaimSource()).setOa2SE((OA2SE) se);
}
return se;
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
throw new GeneralException("Error: Could not create the runtime environment", e);
}
}
use of edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE in project OA4MP by ncsa.
the class COInitializer method init.
@Override
public void init() throws ServletException {
if (isInitRun)
return;
super.init();
OA2SE cose = (OA2SE) getEnvironment();
try {
SATFactory.setAdminClientConverter(AdminClientStoreProviders.getAdminClientConverter());
SATFactory.setClientConverter((ClientConverter<? extends Client>) cose.getClientStore().getACConverter());
} catch (Exception e) {
e.printStackTrace();
}
}
use of edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE in project OA4MP by ncsa.
the class OA2ATServlet method doAT.
protected IssuerTransactionState doAT(HttpServletRequest request, HttpServletResponse response, OA2Client client) throws Throwable {
verifyClientSecret(client, getClientSecret(request));
IssuerTransactionState state = doDelegation(client, request, response);
ATIResponse2 atResponse = (ATIResponse2) state.getIssuerResponse();
atResponse.setSignToken(client.isSignTokens());
DebugUtil.dbg(this, "set token signing flag =" + atResponse.isSignToken());
OA2ServiceTransaction st2 = (OA2ServiceTransaction) state.getTransaction();
if (!client.isRTLifetimeEnabled() && ((OA2SE) getServiceEnvironment()).isRefreshTokenEnabled()) {
// Since this bit of information could be extremely useful if a service decides
// eto start issuing refresh tokens after
// clients have been registered, it should be logged.
info("Refresh tokens are disabled for client " + client.getIdentifierString() + ", but enabled on the server. No refresh token will be madeg.");
}
if (client.isRTLifetimeEnabled() && ((OA2SE) getServiceEnvironment()).isRefreshTokenEnabled()) {
RefreshToken rt = atResponse.getRefreshToken();
st2.setRefreshToken(rt);
// First pass through the system should have the system default as the refresh token lifetime.
st2.setRefreshTokenLifetime(((OA2SE) getServiceEnvironment()).getRefreshTokenLifetime());
rt.setExpiresIn(computeRefreshLifetime(st2));
st2.setRefreshTokenValid(true);
} else {
// Do not return a refresh token.
atResponse.setRefreshToken(null);
}
getTransactionStore().save(st2);
return state;
}
use of edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE in project OA4MP by ncsa.
the class OA2AuthorizationServer method setupMPConnection.
@Override
protected void setupMPConnection(ServiceTransaction trans, String username, String password) throws GeneralSecurityException {
if (((OA2SE) getServiceEnvironment()).isTwoFactorSupportEnabled()) {
// Stash username and password in an bogus MyProxy logon instance.
MyMyProxyLogon myProxyLogon = new MyMyProxyLogon();
myProxyLogon.setUsername(username);
myProxyLogon.setPassphrase(password);
MyProxyConnectable mpc = new MPSingleConnectionProvider.MyProxyLogonConnection(myProxyLogon);
mpc.setIdentifier(trans.getIdentifier());
getMyproxyConnectionCache().add(mpc);
} else {
createMPConnection(trans.getIdentifier(), username, password, trans.getLifetime());
if (hasMPConnection(trans.getIdentifier())) {
getMPConnection(trans.getIdentifier()).close();
}
}
}
use of edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE in project OA4MP by ncsa.
the class OA2DiscoveryServlet method setValues.
@Override
protected JSONObject setValues(HttpServletRequest request, JSONObject jsonObject) {
OA2SE oa2SE = (OA2SE) getServiceEnvironment();
String requestURI = getRequestURI(request);
if (requestURI.endsWith("/")) {
// shave off trailing slash
requestURI = requestURI.substring(0, requestURI.length() - 1);
}
JSONObject json = super.setValues(request, jsonObject);
json.put("jwks_uri", requestURI + "/certs");
json.put(ISSUER, getIssuer(request));
json.put(TOKEN_ENDPOINT, requestURI + "/token");
json.put(USERINFO_ENDPOINT, requestURI + "/userinfo");
json.put("token_endpoint_auth_methods_supported", null);
JSONArray tokenEndpointAuthSupported = new JSONArray();
tokenEndpointAuthSupported.add("client_secret_post");
json.put("token_endpoint_auth_methods_supported", tokenEndpointAuthSupported);
JSONArray subjectTypes = new JSONArray();
subjectTypes.add("public");
json.put("subject_types_supported", subjectTypes);
JSONArray scopes = new JSONArray();
Collection<String> serverScopes = oa2SE.getScopes();
for (String s : serverScopes) {
scopes.add(s);
}
json.put("scopes_supported", scopes);
JSONArray responseTypes = new JSONArray();
responseTypes.add("code");
responseTypes.add("token");
responseTypes.add("id_token");
json.put("response_types_supported", responseTypes);
JSONArray claimsSupported = new JSONArray();
if (oa2SE.getClaimSource() != null) {
claimsSupported.addAll(oa2SE.getClaimSource().getClaims());
json.put("claims_supported", claimsSupported);
}
JSONArray signingAlgs = new JSONArray();
signingAlgs.add("RS256");
signingAlgs.add("RS384");
signingAlgs.add("RS512");
json.put("id_token_signing_alg_values_supported", signingAlgs);
return json;
}
Aggregations