Search in sources :

Example 1 with UIIRequest2

use of edu.uiuc.ncsa.security.oauth_2_0.server.UIIRequest2 in project OA4MP by ncsa.

the class UserInfoServlet method doIt.

@Override
protected void doIt(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    // The access token is sent in the authorization header and should look like
    // Bearer oa4mp:...
    AccessToken at = getAT(request);
    ServiceTransaction transaction = (ServiceTransaction) getTransactionStore().get(at);
    if (((OA2Client) transaction.getClient()).isPublicClient()) {
        throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "public client not authorized to access user information", HttpStatus.SC_UNAUTHORIZED);
    }
    if (transaction == null) {
        throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "no transaction for the access token was found.", HttpStatus.SC_BAD_REQUEST);
    }
    if (!transaction.isAccessTokenValid()) {
        throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "invalid access token.", HttpStatus.SC_BAD_REQUEST);
    }
    try {
        checkTimestamp(at.getToken());
    } catch (InvalidTimestampException itx) {
        throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "token expired.", HttpStatus.SC_BAD_REQUEST);
    }
    OA2SE oa2SE = (OA2SE) getServiceEnvironment();
    UII2 uis = new UII2(oa2SE.getTokenForge(), getServiceEnvironment().getServiceAddress());
    UIIRequest2 uireq = new UIIRequest2(request, at);
    uireq.setUsername(getUsername(transaction));
    // Now we figure out which scope handler to use.
    UIIResponse2 uiresp = (UIIResponse2) uis.process(uireq);
    LinkedList<ClaimSource> claimSources = OA2ATServlet.setupScopeHandlers((OA2ServiceTransaction) transaction, oa2SE);
    DebugUtil.dbg(this, "Invoking scope handler");
    if (claimSources == null || claimSources.isEmpty()) {
        DebugUtil.dbg(this, " ***** NO SCOPE HANDLERS ");
    }
    for (ClaimSource claimSource : claimSources) {
        DebugUtil.dbg(this, " scope handler=" + claimSource.getClass().getSimpleName());
        claimSource.process(uiresp.getUserInfo(), transaction);
    }
    uiresp.write(response);
}
Also used : OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client) OA2ServiceTransaction(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction) ServiceTransaction(edu.uiuc.ncsa.security.delegation.server.ServiceTransaction) OA2SE(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE) AccessToken(edu.uiuc.ncsa.security.delegation.token.AccessToken) UIIRequest2(edu.uiuc.ncsa.security.oauth_2_0.server.UIIRequest2) OA2GeneralError(edu.uiuc.ncsa.security.oauth_2_0.OA2GeneralError) InvalidTimestampException(edu.uiuc.ncsa.security.core.exceptions.InvalidTimestampException) UII2(edu.uiuc.ncsa.security.oauth_2_0.server.UII2) ClaimSource(edu.uiuc.ncsa.security.oauth_2_0.server.ClaimSource) UIIResponse2(edu.uiuc.ncsa.security.oauth_2_0.server.UIIResponse2)

Aggregations

OA2SE (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE)1 OA2ServiceTransaction (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction)1 InvalidTimestampException (edu.uiuc.ncsa.security.core.exceptions.InvalidTimestampException)1 ServiceTransaction (edu.uiuc.ncsa.security.delegation.server.ServiceTransaction)1 AccessToken (edu.uiuc.ncsa.security.delegation.token.AccessToken)1 OA2Client (edu.uiuc.ncsa.security.oauth_2_0.OA2Client)1 OA2GeneralError (edu.uiuc.ncsa.security.oauth_2_0.OA2GeneralError)1 ClaimSource (edu.uiuc.ncsa.security.oauth_2_0.server.ClaimSource)1 UII2 (edu.uiuc.ncsa.security.oauth_2_0.server.UII2)1 UIIRequest2 (edu.uiuc.ncsa.security.oauth_2_0.server.UIIRequest2)1 UIIResponse2 (edu.uiuc.ncsa.security.oauth_2_0.server.UIIResponse2)1