use of edu.uiuc.ncsa.security.core.exceptions.InvalidTimestampException in project OA4MP by ncsa.
the class RefreshTokenRetentionPolicy method retain.
/**
 * Decides whether a stored transaction should be kept by this retention policy.
 *
 * <p>The decision is driven by {@code DateUtils.checkTimestamp}: the transaction is retained
 * while that check passes and dropped as soon as it raises {@link InvalidTimestampException}.
 * Which token is inspected depends on what the transaction holds:
 * <ul>
 *   <li>a refresh token with a non-null token string is checked against the transaction's
 *       refresh-token lifetime, or with the single-argument (default) check when that
 *       lifetime is zero or negative;</li>
 *   <li>otherwise the access token string is checked, and failing that the identifier
 *       string (presumably the creation time is encoded there — verify against the forge).</li>
 * </ul>
 *
 * @param key   the store key; unused here
 * @param value the stored object; must be an {@code OA2ServiceTransaction}
 * @return {@code true} to keep the entry, {@code false} to let it expire
 * @throws ClassCastException if {@code value} is not an {@code OA2ServiceTransaction}
 */
@Override
public boolean retain(Object key, Object value) {
    OA2ServiceTransaction transaction = (OA2ServiceTransaction) value;
    RefreshToken refreshToken = transaction.getRefreshToken();
    long lifetime = transaction.getRefreshTokenLifetime();
    boolean hasRefreshToken = refreshToken != null && refreshToken.getToken() != null;

    if (!hasRefreshToken) {
        // No usable refresh token: judge by the access token, and if there is none either,
        // by the identifier string.
        String fallbackToken = transaction.getAccessToken() == null
                ? transaction.getIdentifierString()
                : transaction.getAccessToken().getToken();
        try {
            DateUtils.checkTimestamp(fallbackToken);
            return true;
        } catch (InvalidTimestampException expired) {
            return false;
        }
    }

    try {
        // A non-positive lifetime means "no explicit lifetime" here and falls back to the
        // single-argument check (whatever default DateUtils applies — confirm there).
        if (lifetime <= 0) {
            DateUtils.checkTimestamp(refreshToken.getToken());
        } else {
            DateUtils.checkTimestamp(refreshToken.getToken(), lifetime);
        }
        return true;
    } catch (InvalidTimestampException expired) {
        return false;
    }
}
use of edu.uiuc.ncsa.security.core.exceptions.InvalidTimestampException in project OA4MP by ncsa.
the class UserInfoServlet method doIt.
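/**
 * Handles a user-info request authenticated by a bearer access token.
 *
 * <p>Validation order: the token is resolved to a transaction, the transaction must exist,
 * the client must not be a public client, the access token must still be marked valid, and
 * its timestamp must not have expired. Only then are the claim sources run and the user-info
 * response written.
 *
 * @param request  the incoming request; the access token is read from its Authorization header
 * @param response the response the user-info document is written to
 * @throws OA2GeneralError if the token is unknown, the client is public, or the token is
 *                         invalid or expired
 * @throws Throwable       anything propagated from the claim sources or the response writer
 */
@Override
protected void doIt(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    // The access token is sent in the authorization header and should look like
    // Bearer oa4mp:...
    AccessToken at = getAT(request);
    ServiceTransaction transaction = (ServiceTransaction) getTransactionStore().get(at);
    // The existence check must precede any dereference of the transaction; previously the
    // public-client test ran first, so an unknown token surfaced as a NullPointerException
    // rather than the intended INVALID_REQUEST error.
    if (transaction == null) {
        throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "no transaction for the access token was found.", HttpStatus.SC_BAD_REQUEST);
    }
    if (((OA2Client) transaction.getClient()).isPublicClient()) {
        throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "public client not authorized to access user information", HttpStatus.SC_UNAUTHORIZED);
    }
    if (!transaction.isAccessTokenValid()) {
        throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "invalid access token.", HttpStatus.SC_BAD_REQUEST);
    }
    try {
        checkTimestamp(at.getToken());
    } catch (InvalidTimestampException itx) {
        throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "token expired.", HttpStatus.SC_BAD_REQUEST);
    }
    OA2SE oa2SE = (OA2SE) getServiceEnvironment();
    UII2 uis = new UII2(oa2SE.getTokenForge(), getServiceEnvironment().getServiceAddress());
    UIIRequest2 uireq = new UIIRequest2(request, at);
    uireq.setUsername(getUsername(transaction));
    // Now we figure out which scope handler to use.
    UIIResponse2 uiresp = (UIIResponse2) uis.process(uireq);
    LinkedList<ClaimSource> claimSources = OA2ATServlet.setupScopeHandlers((OA2ServiceTransaction) transaction, oa2SE);
    DebugUtil.dbg(this, "Invoking scope handler");
    if (claimSources == null || claimSources.isEmpty()) {
        // Nothing to run; note that a null list must also skip the loop below, which the
        // original code did not do.
        DebugUtil.dbg(this, " ***** NO SCOPE HANDLERS ");
    } else {
        for (ClaimSource claimSource : claimSources) {
            DebugUtil.dbg(this, " scope handler=" + claimSource.getClass().getSimpleName());
            claimSource.process(uiresp.getUserInfo(), transaction);
        }
    }
    uiresp.write(response);
}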