use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.
the class ResponseSerializer method serialize.
protected void serialize(AttributeGetClientResponse response, HttpServletResponse servletResponse) throws IOException {
PrintWriter pw = servletResponse.getWriter();
JSONObject json = new JSONObject();
json.put("status", 0);
OA2ClientKeys keys = (OA2ClientKeys) cose.getClientStore().getACConverter().getKeys();
List<String> allKeys = keys.allKeys();
allKeys.remove(keys.secret());
OA2Client newClient = (OA2Client) cose.getClientStore().getACConverter().subset(response.getClient(), response.getAttributes());
JSONObject jsonClient = new JSONObject();
cose.getClientStore().getACConverter().toJSON(newClient, jsonClient);
json.put("content", jsonClient);
// return json;
pw.println(json);
}
use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.
the class AttributeServer method setClientAttribute.
protected AttributeClientResponse setClientAttribute(AttributeSetClientRequest request) {
canWrite(request);
OA2Client client = (OA2Client) getClientStore().get(request.getClient().getIdentifier());
OA2ClientConverter clientConverter = (OA2ClientConverter) getClientConverter();
ColumnMap map = new ColumnMap();
clientConverter.toMap(client, map);
for (String key : request.getAttributes().keySet()) {
// don't let anyone change the identifier.
if (!key.equals(getClientConverter().getKeys().identifier())) {
map.put(key, request.getAttributes().get(key));
}
if (key.equalsIgnoreCase(clientConverter.getCK2().secret())) {
// they are changing the secret and we want a hash of this.
String secret = DigestUtils.sha1Hex(String.valueOf(request.getAttributes().get(key)));
map.put(key, secret);
}
}
OA2Client updatedClient = getClientConverter().fromMap(map, null);
getClientStore().save(updatedClient);
AttributeClientResponse attributeClientResponse = new AttributeClientResponse(updatedClient);
return attributeClientResponse;
}
use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.
the class ClientServer method get.
public ClientResponse get(GetRequest request) {
canRead(request);
OA2Client client = (OA2Client) getClientStore().get(request.getClient().getIdentifier());
// do not return the secret or its hash
client.setSecret("");
return new GetResponse(client, cose.getClientApprovalStore().isApproved(client.getIdentifier()));
}
use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.
the class ClientServer method create.
public CreateResponse create(CreateRequest request) {
if (request.getAdminClient() != null && (request.getAdminClient().getIdentifier() == null || request.getAdminClient().getIdentifierString().length() == 0)) {
throw new GeneralException("Error: An admin client was specified, but no identifier for this client was given. Request rejected.");
}
// canCreate(request);
// requires and admin client and hashmap
ColumnMap values = new ColumnMap();
values.putAll(request.getAttributes());
// values.putAll(); // add all the values passed in
ClientKeys keys = (ClientKeys) getClientStore().getACConverter().getKeys();
OA2Client client = (OA2Client) getClientStore().create();
values.put(keys.identifier(), client.getIdentifier());
values.put(keys.creationTS(), client.getCreationTS());
String secret = null;
if (values.containsKey(keys.secret())) {
// if the secret is supplied, just store its hash
secret = (String) values.get(keys.secret());
} else {
// no secret means to create one.
byte[] bytes = new byte[cose.getClientSecretLength()];
random.nextBytes(bytes);
secret = Base64.encodeBase64URLSafeString(bytes);
}
String hash = DigestUtils.sha1Hex(secret);
values.put(keys.secret(), hash);
getClientStore().getACConverter().fromMap(values, client);
getClientStore().save(client);
// set the permissions for this.
if (request.getAdminClient() != null) {
// if there is no admin client, then do not set permissions for it. It is possible for a client to simply
// be created and manage itself.
PermissionServer permissionServer = new PermissionServer(cose);
permissionServer.process(RequestFactory.createRequest(request.getAdminClient(), new TypePermission(), new ActionAdd(), client, null));
}
// CIL-414 Make sure an approval record is created here so we can accurately track how many approvals are pending
ClientApproval approval = (ClientApproval) getClientApprovalStore().create();
approval.setApproved(false);
approval.setIdentifier(client.getIdentifier());
getClientApprovalStore().save(approval);
return new CreateResponse(client, secret);
}
use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.
the class AttributeServer method getClientAttributes.
protected AttributeClientResponse getClientAttributes(AttributeGetRequest request) {
canRead(request);
OA2Client fullclient = (OA2Client) getClientStore().get(request.getClient().getIdentifier());
AttributeGetClientResponse response = new AttributeGetClientResponse(subset(fullclient, request.attributes), request.attributes);
return response;
}
Aggregations