Example 1 with PAIResponse2
use of edu.uiuc.ncsa.security.oauth_2_0.server.PAIResponse2 in project OA4MP by ncsa.
the class OA2CertServlet method verifyAndGet.
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException {
PAIResponse2 par = (PAIResponse2) iResponse;
AccessToken accessToken = par.getAccessToken();
OA2ServiceTransaction t = (OA2ServiceTransaction) getTransactionStore().get(accessToken);
// an HTTP status code of 200 with no other information.
if (t == null) {
throw new GeneralException("Invalid access token. Request refused");
}
if (!t.getScopes().contains(OA2Scopes.SCOPE_MYPROXY)) {
// Note that this requires a state, but none is sent in the OA4MP cert request.
throw new GeneralException("Certificate request is not in scope.");
}
if (t == null) {
throw new GeneralException("No transaction found for access token \"" + accessToken + "\"");
}
if (!t.isAccessTokenValid()) {
throw new GeneralException("Invalid access token. Request refused");
}
checkClientApproval(t.getClient());
// Access tokens must be valid in order to get a cert. If the token is invalid, the user must
// get a valid one using the refresh token.
checkTimestamp(accessToken.getToken());
return t;
}
Also used :
GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException)
AccessToken(edu.uiuc.ncsa.security.delegation.token.AccessToken)
OA2ServiceTransaction(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction)
PAIResponse2(edu.uiuc.ncsa.security.oauth_2_0.server.PAIResponse2)
Aggregations
OA2ServiceTransaction (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction)1
GeneralException (edu.uiuc.ncsa.security.core.exceptions.GeneralException)1
AccessToken (edu.uiuc.ncsa.security.delegation.token.AccessToken)1
PAIResponse2 (edu.uiuc.ncsa.security.oauth_2_0.server.PAIResponse2)1
