
Example 11 with OA2Client

use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.

the class ResponseSerializer method serialize.

protected void serialize(AttributeGetClientResponse response, HttpServletResponse servletResponse) throws IOException {
    PrintWriter pw = servletResponse.getWriter();
    JSONObject json = new JSONObject();
    json.put("status", 0);
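    OA2ClientKeys keys = (OA2ClientKeys) cose.getClientStore().getACConverter().getKeys();
    // Note: allKeys (with the secret key removed) is built here but not used in the rest of this method;
    // the fields that are returned are the ones named in response.getAttributes().
    List<String> allKeys = keys.allKeys();
    allKeys.remove(keys.secret());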
    OA2Client newClient = (OA2Client) cose.getClientStore().getACConverter().subset(response.getClient(), response.getAttributes());
    JSONObject jsonClient = new JSONObject();
    cose.getClientStore().getACConverter().toJSON(newClient, jsonClient);
    json.put("content", jsonClient);
    // return json;
    pw.println(json);
}
Also used : OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client) JSONObject(net.sf.json.JSONObject) OA2ClientKeys(edu.uiuc.ncsa.security.oauth_2_0.OA2ClientKeys) PrintWriter(java.io.PrintWriter)

Example 12 with OA2Client

use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.

the class AttributeServer method setClientAttribute.

protected AttributeClientResponse setClientAttribute(AttributeSetClientRequest request) {
    canWrite(request);
    OA2Client client = (OA2Client) getClientStore().get(request.getClient().getIdentifier());
    OA2ClientConverter clientConverter = (OA2ClientConverter) getClientConverter();
    ColumnMap map = new ColumnMap();
    clientConverter.toMap(client, map);
    for (String key : request.getAttributes().keySet()) {
        // don't let anyone change the identifier.
        if (!key.equals(getClientConverter().getKeys().identifier())) {
            map.put(key, request.getAttributes().get(key));
        }
        if (key.equalsIgnoreCase(clientConverter.getCK2().secret())) {
            // The secret is being changed: store its SHA-1 hex digest rather than the value that was sent.
            String secret = DigestUtils.sha1Hex(String.valueOf(request.getAttributes().get(key)));
            map.put(key, secret);
        }
    }
    OA2Client updatedClient = getClientConverter().fromMap(map, null);
    getClientStore().save(updatedClient);
    AttributeClientResponse attributeClientResponse = new AttributeClientResponse(updatedClient);
    return attributeClientResponse;
}
Also used : ColumnMap(edu.uiuc.ncsa.security.storage.sql.internals.ColumnMap) OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client) OA2ClientConverter(edu.uiuc.ncsa.security.oauth_2_0.OA2ClientConverter)

Example 13 with OA2Client

use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.

the class ClientServer method get.

public ClientResponse get(GetRequest request) {
    canRead(request);
    OA2Client client = (OA2Client) getClientStore().get(request.getClient().getIdentifier());
    // do not return the secret or its hash
    client.setSecret("");
    return new GetResponse(client, cose.getClientApprovalStore().isApproved(client.getIdentifier()));
}
Also used : OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client)

Example 14 with OA2Client

use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.

the class ClientServer method create.

public CreateResponse create(CreateRequest request) {
    if (request.getAdminClient() != null && (request.getAdminClient().getIdentifier() == null || request.getAdminClient().getIdentifierString().length() == 0)) {
        throw new GeneralException("Error: An admin client was specified, but no identifier for this client was given. Request rejected.");
    }
    // canCreate(request);
    // requires an admin client and hashmap
    ColumnMap values = new ColumnMap();
    values.putAll(request.getAttributes());
    // values.putAll(); // add all the values passed in
    ClientKeys keys = (ClientKeys) getClientStore().getACConverter().getKeys();
    OA2Client client = (OA2Client) getClientStore().create();
    values.put(keys.identifier(), client.getIdentifier());
    values.put(keys.creationTS(), client.getCreationTS());
    String secret = null;
    if (values.containsKey(keys.secret())) {
        // if the secret is supplied, just store its hash
        secret = (String) values.get(keys.secret());
    } else {
        // no secret means to create one.
        byte[] bytes = new byte[cose.getClientSecretLength()];
        random.nextBytes(bytes);
        secret = Base64.encodeBase64URLSafeString(bytes);
    }
    String hash = DigestUtils.sha1Hex(secret);
    values.put(keys.secret(), hash);
    getClientStore().getACConverter().fromMap(values, client);
    getClientStore().save(client);
    // set the permissions for this.
    if (request.getAdminClient() != null) {
        // if there is no admin client, then do not set permissions for it. It is possible for a client to simply
        // be created and manage itself.
        PermissionServer permissionServer = new PermissionServer(cose);
        permissionServer.process(RequestFactory.createRequest(request.getAdminClient(), new TypePermission(), new ActionAdd(), client, null));
    }
    // CIL-414 Make sure an approval record is created here so we can accurately track how many approvals are pending
    ClientApproval approval = (ClientApproval) getClientApprovalStore().create();
    approval.setApproved(false);
    approval.setIdentifier(client.getIdentifier());
    getClientApprovalStore().save(approval);
    return new CreateResponse(client, secret);
}
Also used : ColumnMap(edu.uiuc.ncsa.security.storage.sql.internals.ColumnMap) OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client) PermissionServer(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.util.permissions.PermissionServer) GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException) ClientApproval(edu.uiuc.ncsa.security.delegation.server.storage.ClientApproval) TypePermission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypePermission) ActionAdd(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.actions.ActionAdd) ClientKeys(edu.uiuc.ncsa.security.delegation.storage.ClientKeys)

Example 15 with OA2Client

use of edu.uiuc.ncsa.security.oauth_2_0.OA2Client in project OA4MP by ncsa.

the class AttributeServer method getClientAttributes.

protected AttributeClientResponse getClientAttributes(AttributeGetRequest request) {
    canRead(request);
    OA2Client fullclient = (OA2Client) getClientStore().get(request.getClient().getIdentifier());
    AttributeGetClientResponse response = new AttributeGetClientResponse(subset(fullclient, request.attributes), request.attributes);
    return response;
}
Also used : OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client)
