use of edu.uiuc.ncsa.security.delegation.token.Verifier in project OA4MP by ncsa.
the class AbstractAccessTokenServlet method doDelegation.
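/**
 * Exchanges an authorization grant and verifier for an access token (the steps logged as
 * "5.a"/"5.b") and records the new token state on the matching transaction.
 *
 * <p>The grant and verifier are read from the request, handed to the access-token issuer, and
 * the resulting response is checked by {@code verifyAndGet}. On success the transaction is
 * updated so that the authorization grant is marked spent and the access token is marked valid,
 * then the transaction is persisted.
 *
 * @param client              the client on whose behalf the exchange is made
 * @param httpServletRequest  the incoming request carrying the grant and verifier
 * @param httpServletResponse the response object, passed through to the returned state
 * @return the state bundling request, response, issuer parameters, transaction and issuer response
 * @throws ServletException if saving the transaction fails with a {@code GeneralException}
 * @throws Throwable        anything else raised by the issuer, verification or the hooks
 */
protected IssuerTransactionState doDelegation(Client client, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable, ServletException {
    // NOTE(review): printAllParameters is defined elsewhere. If it writes every request parameter
    // to the log, that output would include the grant and verifier - confirm it redacts them.
    printAllParameters(httpServletRequest);
    info("5.a. Starting access token exchange");
    Verifier v = getServiceEnvironment().getTokenForge().getVerifier(httpServletRequest);
    AuthorizationGrant ag = getServiceEnvironment().getTokenForge().getAuthorizationGrant(httpServletRequest);
    ATRequest atRequest = new ATRequest(httpServletRequest, client);
    atRequest.setVerifier(v);
    atRequest.setAuthorizationGrant(ag);
    // FIXME!! make this configurable??
    // NOTE(review): every token is requested with DateUtils.MAX_TIMEOUT. A shorter, configurable
    // lifetime would narrow the window in which a leaked token stays usable.
    atRequest.setExpiresIn(DateUtils.MAX_TIMEOUT);
    ATResponse atResp = (ATResponse) getATI().process(atRequest);
    ServiceTransaction transaction = verifyAndGet(atResp);
    String cc = "client=" + transaction.getClient();
    info("5.a. got access token " + cc);
    preprocess(new TransactionState(httpServletRequest, httpServletResponse, atResp.getParameters(), transaction));
    // The access token is a live bearer credential from here on, so its value (and the verifier
    // that produced it) is kept out of the log; the client is enough to correlate the exchange.
    debug("5.a. access token issued for " + cc);
    // The grant is spent and the token becomes the valid credential; both flags are persisted together.
    transaction.setAuthGrantValid(false);
    transaction.setAccessToken(atResp.getAccessToken());
    transaction.setAccessTokenValid(true);
    try {
        getTransactionStore().save(transaction);
        info("5.a. updated transaction state for " + cc + ", sending response to client");
    } catch (GeneralException e) {
        throw new ServletException("Error saving transaction", e);
    }
    // The response is not written here; atResp travels inside the returned state
    // (presumably the caller writes it - confirm).
    info("5.b. done with access token exchange with " + cc);
    IssuerTransactionState transactionState = new IssuerTransactionState(httpServletRequest, httpServletResponse, atResp.getParameters(), transaction, atResp);
    postprocess(transactionState);
    return transactionState;
}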
use of edu.uiuc.ncsa.security.delegation.token.Verifier in project OA4MP by ncsa.
the class AbstractOA4MPService method getCert.
/**
 * Locates the asset for this request and delegates to the
 * {@code getCert(asset, authorizationGrant, verifier)} overload.
 *
 * <p>The asset is looked up first by identifier and, failing that, by the temporary token. An
 * exception is thrown if there is no usable identifier or if no asset can be found.
 *
 * @param tempToken  the temporary token; used to derive an identifier when none is given, as a
 *                   fallback lookup key, and to build the authorization grant
 * @param verifier   the verifier string, or {@code null} to pass no verifier on
 * @param identifier the asset identifier, or {@code null} to derive one from {@code tempToken}
 * @return the response from the delegated {@code getCert} call
 * @throws IllegalArgumentException if no identifier can be determined or no asset is found
 */
public AssetResponse getCert(String tempToken, String verifier, Identifier identifier) {
    // The caller's identifier is the normal case; deriving one from the temporary token is the
    // fallback for callers that never specified an identifier.
    Identifier realId = (identifier != null) ? identifier : makeb64Uri(tempToken);
    if (realId == null) {
        throw new IllegalArgumentException("Error: no identifier found for this transaction. Cannot retrieve asset.");
    }

    Asset asset = getAssetStore().get(realId);
    if (asset == null && tempToken != null) {
        // Second chance: look the asset up by the temporary token itself.
        asset = getAssetStore().getByToken(BasicIdentifier.newID(tempToken));
    }
    if (asset == null) {
        // Nothing found by either key. Report whichever value the caller would recognise.
        // NOTE(review): the message embeds a caller-supplied value (the temporary token or the
        // identifier). If it is ever rendered in an HTML error page it must be escaped, and the
        // token should not be treated as safe to log - confirm how callers surface this exception.
        String currentID = (tempToken != null) ? tempToken : realId.toString();
        throw new IllegalArgumentException("Error:No asset with the given identifier \"" + currentID + "\" found. " + "You might need to clear your cookies and retry the entire request.");
    }

    // NOTE(review): tempToken is passed on unconditionally, although the branches above
    // tolerate it being null - verify that getAuthorizationGrant accepts a null argument.
    AuthorizationGrant ag = getEnvironment().getTokenForge().getAuthorizationGrant(tempToken);
    Verifier v = (verifier == null) ? null : getEnvironment().getTokenForge().getVerifier(verifier);
    return getCert(asset, ag, v);
}
use of edu.uiuc.ncsa.security.delegation.token.Verifier in project OA4MP by ncsa.
the class AccessTokenServlet method verifyAndGet.
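/**
 * Resolves the transaction that an access-token response refers to and checks that it is in a
 * state where an access token may be issued.
 *
 * <p>The transaction is looked up by the response's verifier. It is accepted only if its
 * authorization grant is still valid and it does not already hold a valid access token.
 *
 * @param iResponse the issuer response; must be an {@code ATResponse}
 * @return the transaction matching the verifier
 * @throws IOException                  declared by the overridden method
 * @throws TransactionNotFoundException if no transaction is stored for the verifier
 * @throws GeneralException             if the verifier is missing or the transaction state is invalid
 */
@Override
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException {
    ATResponse atResponse = (ATResponse) iResponse;
    Verifier verifier = atResponse.getVerifier();
    // NOTE(review): the verifier is logged in full before it has been checked; confirm debug
    // logging is off in production or log a shortened form.
    debug("5.a. verifier = " + verifier);
    if (verifier == null) {
        // Without this guard a response lacking a verifier fails with a NullPointerException
        // on getToken() below instead of a handled error.
        throw new GeneralException("Error: no verifier was supplied for the access token request");
    }
    // checkTimestamp is defined elsewhere; presumably it rejects expired tokens - confirm.
    checkTimestamp(verifier.getToken());
    ServiceTransaction transaction = (ServiceTransaction) getTransactionStore().get(verifier);
    if (transaction == null) {
        // NOTE(review): this message embeds the verifier value; confirm it is not echoed back
        // to the client in the error response.
        throw new TransactionNotFoundException("No transaction found for verifier " + verifier);
    }
    checkClientApproval(transaction.getClient());
    String cc = "client=" + transaction.getClient().getIdentifierString();
    info("5.a. " + cc);
    debug("5.a. grant valid=" + transaction.isAuthGrantValid() + ", at valid=" + transaction.isAccessTokenValid());
    // Reject a transaction whose grant is already spent or that already holds a valid access
    // token, so the same grant cannot be exchanged a second time.
    if (!transaction.isAuthGrantValid() || transaction.isAccessTokenValid()) {
        // NOTE(review): the authorization grant value goes into both the warn log and the
        // exception message - confirm neither is exposed beyond operators.
        String msg = "Error: the state of the transaction is invalid for auth grant " + transaction.getAuthorizationGrant();
        warn(msg);
        throw new GeneralException(msg);
    }
    return transaction;
}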