use of edu.uiuc.ncsa.security.delegation.server.request.ATRequest in project OA4MP by ncsa.
the class AbstractAccessTokenServlet method doDelegation.
protected IssuerTransactionState doDelegation(Client client, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable, ServletException {
printAllParameters(httpServletRequest);
info("5.a. Starting access token exchange");
Verifier v = getServiceEnvironment().getTokenForge().getVerifier(httpServletRequest);
AuthorizationGrant ag = getServiceEnvironment().getTokenForge().getAuthorizationGrant(httpServletRequest);
ATRequest atRequest = new ATRequest(httpServletRequest, client);
atRequest.setVerifier(v);
atRequest.setAuthorizationGrant(ag);
// FIXME!! make this configurable??
atRequest.setExpiresIn(DateUtils.MAX_TIMEOUT);
ATResponse atResp = (ATResponse) getATI().process(atRequest);
ServiceTransaction transaction = verifyAndGet(atResp);
String cc = "client=" + transaction.getClient();
info("5.a. got access token " + cc);
preprocess(new TransactionState(httpServletRequest, httpServletResponse, atResp.getParameters(), transaction));
debug("5.a. access token = " + atResp.getAccessToken() + " for verifier = " + v);
transaction.setAuthGrantValid(false);
transaction.setAccessToken(atResp.getAccessToken());
transaction.setAccessTokenValid(true);
try {
getTransactionStore().save(transaction);
info("5.a. updated transaction state for " + cc + ", sending response to client");
} catch (GeneralException e) {
throw new ServletException("Error saving transaction", e);
}
// atResp.write(httpServletResponse);
info("5.b. done with access token exchange with " + cc);
IssuerTransactionState transactionState = new IssuerTransactionState(httpServletRequest, httpServletResponse, atResp.getParameters(), transaction, atResp);
postprocess(transactionState);
return transactionState;
}
Aggregations