Example 1 with ExecutionContext

Use of io.jans.as.server.model.common.ExecutionContext in project jans by JanssenProject.

Class CleanerTimerTest, method umaRpt_whichIsExpiredAndDeletable_MustBeRemoved.

@Test
public void umaRpt_whichIsExpiredAndDeletable_MustBeRemoved() throws StringEncrypter.EncryptionException {
    final Client client = createClient();
    clientService.persist(client);
    // 1. create RPT
    final ExecutionContext executionContext = new ExecutionContext(null, null);
    executionContext.setClient(client);
    final UmaRPT rpt = umaRptService.createRPTAndPersist(executionContext, Lists.newArrayList());
    // 2. RPT exists
    assertNotNull(umaRptService.getRPTByCode(rpt.getNotHashedCode()));
    // 3. clean up
    cleanerTimer.processImpl();
    cacheService.clear();
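    // 4. RPT still exists: it has not expired yet, so the cleaner must not remove it
    assertNotNull(umaRptService.getRPTByCode(rpt.getNotHashedCode()));
    // move the expiration date 10 minutes into the past so the RPT becomes eligible for cleanup
    final Calendar calendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
    calendar.add(Calendar.MINUTE, -10);
    rpt.setExpirationDate(calendar.getTime());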
    umaRptService.merge(rpt);
    // 5. clean up
    cleanerTimer.processImpl();
    cacheService.clear();
    // 6. no RPT in persistence
    assertNull(umaRptService.getRPTByCode(rpt.getNotHashedCode()));
}
Also used: ExecutionContext(io.jans.as.server.model.common.ExecutionContext) UmaRPT(io.jans.as.server.uma.authorization.UmaRPT) Calendar(java.util.Calendar) GregorianCalendar(java.util.GregorianCalendar) Client(io.jans.as.common.model.registration.Client) Test(org.testng.annotations.Test) BaseComponentTest(io.jans.as.server.BaseComponentTest)

Example 2 with ExecutionContext

Use of io.jans.as.server.model.common.ExecutionContext in project jans by JanssenProject.

Class RegisterRestWebServiceImpl, method requestClientRead.

@Override
public Response requestClientRead(String clientId, String authorization, HttpServletRequest httpRequest, SecurityContext securityContext) {
    String accessToken = tokenService.getToken(authorization);
    // note: this debug statement writes the registration access token itself to the log
    log.debug("Attempting to read client: clientId = {}, registrationAccessToken = {} isSecure = {}", clientId, accessToken, securityContext.isSecure());
    errorResponseFactory.validateComponentEnabled(ComponentType.REGISTRATION);
    Response.ResponseBuilder builder = Response.ok();
    OAuth2AuditLog oAuth2AuditLog = new OAuth2AuditLog(ServerUtil.getIpAddress(httpRequest), Action.CLIENT_READ);
    oAuth2AuditLog.setClientId(clientId);
    try {
        if (registerParamsValidator.validateParamsClientRead(clientId, accessToken)) {
            if (isTrue(appConfiguration.getDcrAuthorizationWithClientCredentials())) {
                validateAuthorizationAccessToken(accessToken, clientId);
            }
            Client client = clientService.getClient(clientId, accessToken);
            if (client != null) {
                oAuth2AuditLog.setScope(clientScopesToString(client));
                oAuth2AuditLog.setSuccess(true);
                JSONObject jsonObject = getJSONObject(client);
                jsonObject = modifyReadScript(jsonObject, new ExecutionContext(httpRequest, null).setClient(client));
                builder.entity(jsonObjectToString(jsonObject));
            } else {
                log.trace("The Access Token is not valid for the Client ID, returns invalid_token error.");
                builder = Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).type(MediaType.APPLICATION_JSON_TYPE);
                builder.entity(errorResponseFactory.errorAsJson(RegisterErrorResponseType.INVALID_TOKEN, "The Access Token is not valid for the Client"));
            }
        } else {
            log.trace("Client ID or Access Token is not valid.");
            throw errorResponseFactory.createWebApplicationException(Response.Status.BAD_REQUEST, RegisterErrorResponseType.INVALID_CLIENT_METADATA, "Client ID or Access Token is not valid.");
        }
    } catch (JSONException e) {
        log.error(e.getMessage(), e);
        throw errorResponseFactory.createWebApplicationException(Response.Status.INTERNAL_SERVER_ERROR, RegisterErrorResponseType.INVALID_CLIENT_METADATA, "Failed to parse json.");
    } catch (StringEncrypter.EncryptionException e) {
        log.error(e.getMessage(), e);
        throw errorResponseFactory.createWebApplicationException(Response.Status.INTERNAL_SERVER_ERROR, RegisterErrorResponseType.INVALID_CLIENT_METADATA, "Encryption exception occurred.");
    }
    builder.cacheControl(ServerUtil.cacheControl(true, false));
    builder.header(Constants.PRAGMA, Constants.NO_CACHE);
    applicationAuditLogger.sendMessage(oAuth2AuditLog);
    return builder.build();
}
Also used: Response(javax.ws.rs.core.Response) ExecutionContext(io.jans.as.server.model.common.ExecutionContext) JSONObject(org.json.JSONObject) OAuth2AuditLog(io.jans.as.server.model.audit.OAuth2AuditLog) JSONException(org.json.JSONException) Client(io.jans.as.common.model.registration.Client) StringEncrypter(io.jans.util.security.StringEncrypter)

Example 3 with ExecutionContext

Use of io.jans.as.server.model.common.ExecutionContext in project jans by JanssenProject.

Class ExternalDynamicClientRegistrationServiceTest, method modifyPostResponse_whenDefaultExternalCustomScriptIsNull_shouldReturnFalseWithoutNpe.

@Test
public void modifyPostResponse_whenDefaultExternalCustomScriptIsNull_shouldReturnFalseWithoutNpe() {
    final boolean result = externalDynamicClientRegistrationService.modifyPostResponse(new JSONObject(), new ExecutionContext());
    assertFalse(result);
}
Also used: ExecutionContext(io.jans.as.server.model.common.ExecutionContext) JSONObject(org.json.JSONObject) Test(org.testng.annotations.Test)

Example 4 with ExecutionContext

Use of io.jans.as.server.model.common.ExecutionContext in project jans by JanssenProject.

Class ExternalDynamicClientRegistrationServiceTest, method modifyPutResponse_whenDefaultExternalCustomScriptIsNull_shouldReturnFalseWithoutNpe.

@Test
public void modifyPutResponse_whenDefaultExternalCustomScriptIsNull_shouldReturnFalseWithoutNpe() {
    final boolean result = externalDynamicClientRegistrationService.modifyPutResponse(new JSONObject(), new ExecutionContext());
    assertFalse(result);
}
Also used: ExecutionContext(io.jans.as.server.model.common.ExecutionContext) JSONObject(org.json.JSONObject) Test(org.testng.annotations.Test)

Example 5 with ExecutionContext

Use of io.jans.as.server.model.common.ExecutionContext in project jans by JanssenProject.

Class ExternalDynamicClientRegistrationServiceTest, method modifyReadResponse_whenDefaultExternalCustomScriptIsNull_shouldReturnFalseWithoutNpe.

@Test
public void modifyReadResponse_whenDefaultExternalCustomScriptIsNull_shouldReturnFalseWithoutNpe() {
    final boolean result = externalDynamicClientRegistrationService.modifyReadResponse(new JSONObject(), new ExecutionContext());
    assertFalse(result);
}
Also used: ExecutionContext(io.jans.as.server.model.common.ExecutionContext) JSONObject(org.json.JSONObject) Test(org.testng.annotations.Test)

Aggregations

ExecutionContext (io.jans.as.server.model.common.ExecutionContext): 16
Client (io.jans.as.common.model.registration.Client): 8
JSONObject (org.json.JSONObject): 8
WebApplicationException (javax.ws.rs.WebApplicationException): 7
OAuth2AuditLog (io.jans.as.server.model.audit.OAuth2AuditLog): 5
Response (javax.ws.rs.core.Response): 5
JSONException (org.json.JSONException): 4
Test (org.testng.annotations.Test): 4
InvalidJwtException (io.jans.as.model.exception.InvalidJwtException): 3
AccessToken (io.jans.as.server.model.common.AccessToken): 3
RegisterRequest (io.jans.as.client.RegisterRequest): 2
User (io.jans.as.common.model.common.User): 2
GrantType (io.jans.as.model.common.GrantType): 2
Jwt (io.jans.as.model.jwt.Jwt): 2
AuthorizationGrant (io.jans.as.server.model.common.AuthorizationGrant): 2
ClientCredentialsGrant (io.jans.as.server.model.common.ClientCredentialsGrant): 2
SessionId (io.jans.as.server.model.common.SessionId): 2
SessionClient (io.jans.as.server.model.session.SessionClient): 2
ExternalUpdateTokenContext (io.jans.as.server.service.external.context.ExternalUpdateTokenContext): 2
HttpServletResponse (javax.servlet.http.HttpServletResponse): 2