use of edu.uiuc.ncsa.security.delegation.token.AccessToken in project OA4MP by ncsa.
the class AbstractCertServlet method doDelegation.
/**
 * Serves a certificate (protected asset) request: looks up the transaction that belongs to
 * the presented access token, marks that token as no longer valid on the transaction,
 * and writes the protected asset plus the username back to the caller.
 *
 * <p>The statement order is significant: verification, token invalidation, {@code preprocess},
 * persisting the transaction, writing the response, and {@code postprocess} happen in exactly
 * that sequence.
 *
 * @param httpServletRequest  the incoming request; the client and the access token are both
 *                            derived from it
 * @param httpServletResponse the response the protected asset is written to
 * @throws Throwable anything raised by the issuer, the verification step, the hooks or the store
 */
protected void doDelegation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
    info("6.a. Starting to process cert request");
    // The client is resolved from the HTTP request by getClient(); how it is authenticated
    // is not visible in this method.
    PARequest paRequest = new PARequest(httpServletRequest, getClient(httpServletRequest));
    // Log tag reused in the messages below; it carries the client identifier only.
    String cc = "client = " + paRequest.getClient().getIdentifier();
    // The token forge extracts the access token from the request.
    paRequest.setAccessToken(getServiceEnvironment().getTokenForge().getAccessToken(httpServletRequest));
    PAResponse paResponse = (PAResponse) getPAI().process(paRequest);
    // NOTE(review): this local is never read again in this method.
    AccessToken accessToken = paResponse.getAccessToken();
    debug("6.a. " + cc);
    // verifyAndGet() is the gate: it returns the transaction or throws.
    ServiceTransaction t = verifyAndGet(paResponse);
    info("6.a. Processing request for transaction " + t.getIdentifier());
    // Mark the access token as spent on the transaction object. As far as this method shows,
    // the change reaches the store only through save() further down, after preprocess() has run.
    // NOTE(review): if preprocess() throws, whether the token remains usable depends on how the
    // transaction store holds its objects; confirm that a failed request cannot be replayed.
    t.setAccessTokenValid(false);
    preprocess(new TransactionState(httpServletRequest, httpServletResponse, paResponse.getParameters(), t));
    // Only the presence of the asset is logged, never its content.
    debug("6.a. protected asset:" + (t.getProtectedAsset() == null ? "(null)" : "ok") + ", " + cc);
    HashMap<String, String> username = new HashMap<String, String>();
    username.put("username", t.getUsername());
    // putAll() runs after put(), so a "username" key in the response parameters replaces the
    // transaction's value. NOTE(review): confirm the parameters cannot carry that key.
    username.putAll(paResponse.getParameters());
    paResponse.setAdditionalInformation(username);
    paResponse.setProtectedAsset(t.getProtectedAsset());
    // NOTE(review): the username is written to the debug log here; check that this fits the
    // deployment's log-retention and privacy rules.
    debug("6.a. Added username \"" + t.getUsername() + "\" & cert for request from " + cc);
    // Persist the transaction (including the cleared token flag) before the response is written.
    getTransactionStore().save(t);
    info("6.b. Done with cert request " + cc);
    paResponse.write(httpServletResponse);
    info("6.b. Completed transaction " + t.getIdentifierString() + ", " + cc);
    // The post hook runs after the response has been written.
    postprocess(new TransactionState(httpServletRequest, httpServletResponse, paResponse.getParameters(), t));
}
use of edu.uiuc.ncsa.security.delegation.token.AccessToken in project OA4MP by ncsa.
the class Client2AssetStoreTest method storeTest.
/**
 * Round-trips an asset that carries an access token and a refresh token through the store
 * and checks that both tokens and the refresh lifetime come back unchanged.
 *
 * <p>The checks use the Java {@code assert} statement, so they only run when the JVM has
 * assertions enabled ({@code -ea}).
 *
 * @param store the asset store under test
 * @return the asset that was saved
 * @throws Exception whatever the parent test or the store raises
 */
@Override
public Asset storeTest(AssetStore store) throws Exception {
    OA2Asset saved = (OA2Asset) super.storeTest(store);

    // Random token identifiers, test data only.
    AccessToken accessToken =
            new AccessTokenImpl(URI.create("oa4mp:accessToken:/" + ClientTestStoreUtil.getRandomString()));
    RefreshToken refreshToken =
            new OA2RefreshTokenImpl(URI.create("oa4mp:refreshToken:/" + ClientTestStoreUtil.getRandomString()));
    refreshToken.setExpiresIn(1000000L);

    saved.setAccessToken(accessToken);
    saved.setRefreshToken(refreshToken);
    store.save(saved);

    // Read the asset back by identifier and compare it with what was written.
    OA2Asset reloaded = (OA2Asset) store.get(saved.getIdentifier());
    assert saved.getAccessToken().equals(reloaded.getAccessToken())
            : "Failed to match access tokens. Expected \"" + saved.getAccessToken()
            + "\" and got \"" + reloaded.getAccessToken() + "\"";

    RefreshToken reloadedRefresh = reloaded.getRefreshToken();
    assert refreshToken.getToken().equals(reloadedRefresh.getToken())
            : "Failed to match refresh tokens. Expected \"" + refreshToken.getToken()
            + "\" and got \"" + reloadedRefresh.getToken() + "\"";
    // NOTE(review): == is a value comparison only if getExpiresIn() returns a primitive; confirm.
    assert refreshToken.getExpiresIn() == reloadedRefresh.getExpiresIn()
            : "Failed to match refresh lifetime. Expected \"" + refreshToken.getExpiresIn()
            + "\" and got \"" + reloadedRefresh.getExpiresIn() + "\"";

    return saved;
}
use of edu.uiuc.ncsa.security.delegation.token.AccessToken in project OA4MP by ncsa.
the class ACS2Impl method verifyAndGet.
/**
 * Resolves the transaction that belongs to the access token in the given response and
 * refuses the request unless every check passes.
 *
 * <p>Checks, in order: a transaction exists for the token, the transaction still flags its
 * access token as valid, the client passes {@code checkClientApproval}, and the token
 * string passes {@code checkTimestamp}.
 *
 * @param iResponse the issuer response; it is cast to {@code PAResponse} without a type check
 * @return the transaction stored under the access token
 * @throws IOException declared by the signature; this body does not throw it directly
 */
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException {
    AccessToken presentedToken = ((PAResponse) iResponse).getAccessToken();
    // The access token is the lookup key for the transaction.
    ServiceTransaction transaction = (ServiceTransaction) getTransactionStore().get(presentedToken);
    if (transaction == null) {
        // NOTE(review): the presented token value is embedded in this message; confirm that
        // it does not reach logs or the HTTP response in a form that discloses token strings.
        throw new GeneralException("Error: no transaction found for access token \"" + presentedToken + "\"");
    }

    boolean tokenStillValid = transaction.isAccessTokenValid();
    if (!tokenStillValid) {
        // A token whose validity flag was cleared on the transaction is rejected here.
        throw new GeneralException("Error: invalid access token. Request refused");
    }

    checkClientApproval(transaction.getClient());
    checkTimestamp(presentedToken.getToken());
    return transaction;
}
use of edu.uiuc.ncsa.security.delegation.token.AccessToken in project OA4MP by ncsa.
the class OA2CertServlet method getAccessToken.
/**
 * Obtains the access token for a request, first through the token forge's request-based
 * lookup and, when that fails, from a single {@code Bearer} authorization header.
 *
 * <p>The request-based lookup wins whenever it succeeds; the header is consulted only as a
 * fallback, and a request with no bearer value or more than one is refused.
 *
 * @param request the incoming HTTP request
 * @return the access token built by the token forge
 */
@Override
protected AccessToken getAccessToken(HttpServletRequest request) {
    try {
        return getServiceEnvironment().getTokenForge().getAccessToken(request);
    } catch (Throwable ignored) {
        // Taken to mean that the access token was not sent as a parameter; it may still
        // have been sent as a bearer token, so fall through to the header.
        // NOTE(review): every Throwable is discarded here, so a failure other than a missing
        // parameter is also hidden; confirm that this is intended.
    }

    List<String> headerTokens = HeaderUtils.getAuthHeader(request, "Bearer");
    int tokenCount = headerTokens.size();
    if (tokenCount == 0) {
        throw new GeneralException("Error: no access token");
    }
    if (tokenCount > 1) {
        // More than one bearer value is ambiguous, so the request is refused instead of one being picked.
        throw new GeneralException("Error: too many access tokens");
    }
    return getServiceEnvironment().getTokenForge().getAccessToken(headerTokens.get(0));
}
use of edu.uiuc.ncsa.security.delegation.token.AccessToken in project OA4MP by ncsa.
the class CertServlet method verifyAndGet.
/**
 * Looks up the transaction for the access token carried by the response and returns it
 * only after all verification steps have passed.
 *
 * <p>The request is refused with a {@code GeneralException} when no transaction is stored
 * under the token or when the transaction no longer flags its access token as valid.
 * {@code checkClientApproval} and {@code checkTimestamp} run afterwards, in that order.
 *
 * @param iResponse the issuer response, which must be a {@code PAResponse} (unchecked cast)
 * @return the verified transaction
 * @throws IOException declared by the signature; this body does not throw it directly
 */
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException {
    PAResponse assetResponse = (PAResponse) iResponse;
    AccessToken token = assetResponse.getAccessToken();

    ServiceTransaction found = (ServiceTransaction) getTransactionStore().get(token);
    if (found == null) {
        // NOTE(review): the message carries the token value that was presented; check where
        // this exception text is logged or returned.
        throw new GeneralException("Error: no transaction found for access token \"" + token + "\"");
    }
    if (!found.isAccessTokenValid()) {
        // The transaction exists but its access-token flag has been cleared.
        throw new GeneralException("Error: invalid access token. Request refused");
    }

    // Remaining checks: the client, then the token string's timestamp.
    checkClientApproval(found.getClient());
    checkTimestamp(token.getToken());
    return found;
}