Example 1 with RefreshToken

use of edu.uiuc.ncsa.security.delegation.token.RefreshToken in project OA4MP by ncsa.

the class Client2AssetStoreTest method storeTest.

@Override
public Asset storeTest(AssetStore store) throws Exception {
    OA2Asset asset = (OA2Asset) super.storeTest(store);
    AccessToken at = new AccessTokenImpl(URI.create("oa4mp:accessToken:/" + ClientTestStoreUtil.getRandomString()));
    RefreshToken rt = new OA2RefreshTokenImpl(URI.create("oa4mp:refreshToken:/" + ClientTestStoreUtil.getRandomString()));
    rt.setExpiresIn(1000000L);
    asset.setAccessToken(at);
    asset.setRefreshToken(rt);
    store.save(asset);
    OA2Asset OA2Asset = (OA2Asset) store.get(asset.getIdentifier());
    assert asset.getAccessToken().equals(OA2Asset.getAccessToken()) : "Failed to match access tokens. " + "Expected \"" + asset.getAccessToken() + "\" and got \"" + OA2Asset.getAccessToken() + "\"";
    RefreshToken rt2 = OA2Asset.getRefreshToken();
    assert rt.getToken().equals(rt2.getToken()) : "Failed to match refresh tokens. " + "Expected \"" + rt.getToken() + "\" and got \"" + rt2.getToken() + "\"";
    assert rt.getExpiresIn() == rt2.getExpiresIn() : "Failed to match refresh lifetime. " + "Expected \"" + rt.getExpiresIn() + "\" and got \"" + rt2.getExpiresIn() + "\"";
    return asset;
}
Also used : RefreshToken(edu.uiuc.ncsa.security.delegation.token.RefreshToken) AccessToken(edu.uiuc.ncsa.security.delegation.token.AccessToken) AccessTokenImpl(edu.uiuc.ncsa.security.delegation.token.impl.AccessTokenImpl) OA2RefreshTokenImpl(edu.uiuc.ncsa.security.oauth_2_0.OA2RefreshTokenImpl)

Example 2 with RefreshToken

use of edu.uiuc.ncsa.security.delegation.token.RefreshToken in project OA4MP by ncsa.

the class AssetRetentionPolicy method retain.

@Override
public boolean retain(Object key, Object value) {
    Identifier identifier = (Identifier) key;
    OA2Asset oa2Asset = (OA2Asset) value;
    RefreshToken rt = oa2Asset.getRefreshToken();
    if (rt == null || rt.getToken() == null) {
        return true;
    }
    // Check the creation timestamp embedded in the refresh token, plus its expires-in value, against the current time.
    // This returns true once that lifetime has elapsed.
    Date creationTS = DateUtils.getDate(oa2Asset.getRefreshToken().getToken());
    if (creationTS.getTime() + oa2Asset.getRefreshToken().getExpiresIn() <= System.currentTimeMillis()) {
        return true;
    }
    return false;
}
Also used : Identifier(edu.uiuc.ncsa.security.core.Identifier) RefreshToken(edu.uiuc.ncsa.security.delegation.token.RefreshToken) Date(java.util.Date)

Example 3 with RefreshToken

use of edu.uiuc.ncsa.security.delegation.token.RefreshToken in project OA4MP by ncsa.

the class OA2ATServlet method doAT.

protected IssuerTransactionState doAT(HttpServletRequest request, HttpServletResponse response, OA2Client client) throws Throwable {
    verifyClientSecret(client, getClientSecret(request));
    IssuerTransactionState state = doDelegation(client, request, response);
    ATIResponse2 atResponse = (ATIResponse2) state.getIssuerResponse();
    atResponse.setSignToken(client.isSignTokens());
    DebugUtil.dbg(this, "set token signing flag =" + atResponse.isSignToken());
    OA2ServiceTransaction st2 = (OA2ServiceTransaction) state.getTransaction();
    if (!client.isRTLifetimeEnabled() && ((OA2SE) getServiceEnvironment()).isRefreshTokenEnabled()) {
        // Since this bit of information could be extremely useful if a service decides
        // to start issuing refresh tokens after
        // clients have been registered, it should be logged.
        info("Refresh tokens are disabled for client " + client.getIdentifierString() + ", but enabled on the server. No refresh token will be madeg.");
    }
    if (client.isRTLifetimeEnabled() && ((OA2SE) getServiceEnvironment()).isRefreshTokenEnabled()) {
        RefreshToken rt = atResponse.getRefreshToken();
        st2.setRefreshToken(rt);
        // First pass through the system should have the system default as the refresh token lifetime.
        st2.setRefreshTokenLifetime(((OA2SE) getServiceEnvironment()).getRefreshTokenLifetime());
        rt.setExpiresIn(computeRefreshLifetime(st2));
        st2.setRefreshTokenValid(true);
    } else {
        // Do not return a refresh token.
        atResponse.setRefreshToken(null);
    }
    getTransactionStore().save(st2);
    return state;
}
Also used : IssuerTransactionState(edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.IssuerTransactionState) RefreshToken(edu.uiuc.ncsa.security.delegation.token.RefreshToken) OA2ServiceTransaction(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction)

Example 4 with RefreshToken

use of edu.uiuc.ncsa.security.delegation.token.RefreshToken in project OA4MP by ncsa.

the class RefreshTokenStoreTest method testRT.

public void testRT(TransactionStore tStore) throws Exception {
    if (!(tStore instanceof RefreshTokenStore)) {
        // fail here if can't cast
        throw new IllegalStateException("Error: The store " + tStore.getClass().getSimpleName() + " is not of a type RefreshTokenStore");
    }
    RefreshTokenStore rts = (RefreshTokenStore) tStore;
    OA2ServiceTransaction st2 = (OA2ServiceTransaction) tStore.create();
    OA2TokenForge tf2 = new OA2TokenForge("http://localhost/test/");
    RefreshToken rt = tf2.getRefreshToken();
    st2.setRefreshToken(rt);
    // the auth grant is used to retrieve this later and should in this case just be set to the identifier.
    AuthorizationGrant ag = tf2.getAuthorizationGrant(st2.getIdentifierString());
    st2.setAuthorizationGrant(ag);
    st2.setRefreshTokenLifetime(EXPIRES_IN);
    tStore.save(st2);
    OA2ServiceTransaction testST = rts.get(rt);
    assert testST.equals(st2) : "Error: created transaction is not fetched faithfully from the store";
    // get another one and retry since we have to be able to show the store can handle updating the refresh token
    rt = tf2.getRefreshToken();
    st2.setRefreshToken(rt);
    st2.setRefreshTokenValid(false);
    tStore.save(st2);
    assert rts.get(rt).equals(st2) : "Error: updating refresh token fails.";
}
Also used : RefreshTokenStore(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.storage.RefreshTokenStore) RefreshToken(edu.uiuc.ncsa.security.delegation.token.RefreshToken) OA2ServiceTransaction(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction) AuthorizationGrant(edu.uiuc.ncsa.security.delegation.token.AuthorizationGrant) OA2TokenForge(edu.uiuc.ncsa.security.oauth_2_0.OA2TokenForge)

Example 5 with RefreshToken

use of edu.uiuc.ncsa.security.delegation.token.RefreshToken in project OA4MP by ncsa.

the class RefreshTokenRetentionPolicy method retain.

@Override
public boolean retain(Object key, Object value) {
    OA2ServiceTransaction st2 = (OA2ServiceTransaction) value;
    RefreshToken rt = st2.getRefreshToken();
    long timeout = st2.getRefreshTokenLifetime();
    if (rt == null || rt.getToken() == null) {
        // fall back to looking at the access token timestamp. Failing that, fall back to the creation time from
        // the identifier.
        String token;
        token = (st2.getAccessToken() == null ? st2.getIdentifierString() : st2.getAccessToken().getToken());
        try {
            DateUtils.checkTimestamp(token);
        } catch (InvalidTimestampException its) {
            return false;
        }
        return true;
    }
    try {
        if (timeout <= 0) {
            // use default????
            DateUtils.checkTimestamp(rt.getToken());
        } else {
            DateUtils.checkTimestamp(rt.getToken(), timeout);
        }
        return true;
    } catch (InvalidTimestampException its) {
        return false;
    }
}
Also used : RefreshToken(edu.uiuc.ncsa.security.delegation.token.RefreshToken) OA2ServiceTransaction(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction) InvalidTimestampException(edu.uiuc.ncsa.security.core.exceptions.InvalidTimestampException)

Aggregations

RefreshToken (edu.uiuc.ncsa.security.delegation.token.RefreshToken): 8
OA2ServiceTransaction (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction): 4
IssuerTransactionState (edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.IssuerTransactionState): 2
AccessToken (edu.uiuc.ncsa.security.delegation.token.AccessToken): 2
AccessTokenImpl (edu.uiuc.ncsa.security.delegation.token.impl.AccessTokenImpl): 2
OA2RefreshTokenImpl (edu.uiuc.ncsa.security.oauth_2_0.OA2RefreshTokenImpl): 2
OA2SE (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE): 1
FlowStates (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.flows.FlowStates): 1
RefreshTokenStore (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.storage.RefreshTokenStore): 1
Identifier (edu.uiuc.ncsa.security.core.Identifier): 1
InvalidTimestampException (edu.uiuc.ncsa.security.core.exceptions.InvalidTimestampException): 1
AuthorizationGrant (edu.uiuc.ncsa.security.delegation.token.AuthorizationGrant): 1
OA2TokenForge (edu.uiuc.ncsa.security.oauth_2_0.OA2TokenForge): 1
MyPKCS10CertRequest (edu.uiuc.ncsa.security.util.pkcs.MyPKCS10CertRequest): 1
ArrayList (java.util.ArrayList): 1
Collection (java.util.Collection): 1
Date (java.util.Date): 1
JSONArray (net.sf.json.JSONArray): 1
JSONObject (net.sf.json.JSONObject): 1