Example 96 with Message

Use of org.apache.cxf.message.Message in project ddf by codice.

Class PaosOutInterceptorTest, method testHandleMessageNoAccept.

@Test
public void testHandleMessageNoAccept() {
    Message message = new MessageImpl();
    message.put(Message.PROTOCOL_HEADERS, new HashMap<String, List<String>>());
    PaosOutInterceptor paosOutInterceptor = new PaosOutInterceptor(Phase.POST_LOGICAL);
    paosOutInterceptor.handleMessage(message);
    assertThat(((Map<String, List<String>>) message.get(Message.PROTOCOL_HEADERS)).get(HttpHeaders.ACCEPT), contains("application/vnd.paos+xml", "*/*"));
    assertTrue(((Map<String, List<String>>) message.get(Message.PROTOCOL_HEADERS)).get("PAOS").contains("ver=\"urn:liberty:paos:2003-08\""));
    assertTrue(((Map<String, List<String>>) message.get(Message.PROTOCOL_HEADERS)).get("PAOS").contains("\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\",\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:2.0:WantAuthnRequestsSigned\""));
}
Also used : Message(org.apache.cxf.message.Message) List(java.util.List) ArrayList(java.util.ArrayList) MessageImpl(org.apache.cxf.message.MessageImpl) Map(java.util.Map) HashMap(java.util.HashMap) Test(org.junit.Test)

Example 97 with Message

Use of org.apache.cxf.message.Message in project meecrowave by apache.

Class JAXRSFieldInjectionInterceptor, method doInject.

private void doInject(final InvocationContext ic) throws Exception {
    final Message current = JAXRSUtils.getCurrentMessage();
    if (current != null) {
        final OperationResourceInfoStack stack = OperationResourceInfoStack.class.cast(current.get(OperationResourceInfoStack.class.getName()));
        if (stack != null && !stack.isEmpty()) {
            final Object instance;
            if (ConstructorInterceptorInvocationContext.class.isInstance(ic)) {
                final ConstructorInterceptorInvocationContext constructorInterceptorInvocationContext = ConstructorInterceptorInvocationContext.class.cast(ic);
                constructorInterceptorInvocationContext.directProceed();
                instance = constructorInterceptorInvocationContext.getNewInstance();
            } else {
                instance = ic.getTarget();
            }
            Application application = null;
            final Object appInfo = current.getExchange().getEndpoint().get(Application.class.getName());
            if (ApplicationInfo.class.isInstance(appInfo)) {
                application = ApplicationInfo.class.cast(appInfo).getProvider();
            }
            synchronized (this) {
                if (injected.get()) {
                    return;
                }
                InjectionUtils.injectContextProxiesAndApplication(stack.lastElement().getMethodInfo().getClassResourceInfo(), instance, application, ProviderFactory.getInstance(current));
                injected.compareAndSet(false, true);
            }
        }
    }
}
Also used : ConstructorInterceptorInvocationContext(org.apache.webbeans.intercept.ConstructorInterceptorInvocationContext) Message(org.apache.cxf.message.Message) OperationResourceInfoStack(org.apache.cxf.jaxrs.model.OperationResourceInfoStack) Application(javax.ws.rs.core.Application)

Example 98 with Message

Use of org.apache.cxf.message.Message in project meecrowave by apache.

Class OAuth2Configurer, method doCreateUserSubject.

public UserSubject doCreateUserSubject(final Principal pcp) {
    final List<String> roles = GenericPrincipal.class.isInstance(pcp) ? new ArrayList<>(asList(GenericPrincipal.class.cast(pcp).getRoles())) : Collections.<String>emptyList();
    final String name = pcp.getName();
    final UserSubject userSubject = new UserSubject(name, name, roles);
    final Message m = JAXRSUtils.getCurrentMessage();
    if (m != null && m.get(AuthenticationMethod.class) != null) {
        userSubject.setAuthenticationMethod(m.get(AuthenticationMethod.class));
    } else {
        userSubject.setAuthenticationMethod(PASSWORD);
    }
    forwardRolesAsClaims(userSubject);
    return userSubject;
}
Also used : GenericPrincipal(org.apache.catalina.realm.GenericPrincipal) UserSubject(org.apache.cxf.rs.security.oauth2.common.UserSubject) Message(org.apache.cxf.message.Message) AuthenticationMethod(org.apache.cxf.rs.security.oauth2.common.AuthenticationMethod)

Example 99 with Message

Use of org.apache.cxf.message.Message in project meecrowave by apache.

Class OAuth2Configurer, method forwardSecurityProperties.

private void forwardSecurityProperties() {
    // TODO: make it even more contextual, client based?
    final Message currentMessage = PhaseInterceptorChain.getCurrentMessage();
    securityProperties.forEach(currentMessage::put);
}
Also used : Message(org.apache.cxf.message.Message)

Example 100 with Message

Use of org.apache.cxf.message.Message in project carbon-apimgt by wso2.

Class OAuthOpaqueAuthenticatorImpl, method authenticate.

/**
 * @param message cxf message to be authenticated
 * @return true if authentication was successful else false
 * @throws APIManagementException when error in authentication process
 */
@Override
public boolean authenticate(Message message) throws APIManagementException {
    boolean retrievedFromInvalidTokenCache = false;
    boolean retrievedFromTokenCache = false;
    String accessToken = RestApiUtil.extractOAuthAccessTokenFromMessage(message, RestApiConstants.REGEX_BEARER_PATTERN, RestApiConstants.AUTH_HEADER_NAME);
    OAuthTokenInfo tokenInfo = null;
    RESTAPICacheConfiguration cacheConfiguration = APIUtil.getRESTAPICacheConfig();
    // validate the token from cache if it is enabled
    if (cacheConfiguration.isTokenCacheEnabled()) {
        tokenInfo = (OAuthTokenInfo) getRESTAPITokenCache().get(accessToken);
        if (tokenInfo != null) {
            if (isAccessTokenExpired(tokenInfo)) {
                tokenInfo.setTokenValid(false);
                // remove the token from token cache and put the token into invalid token cache
                // when the access token is expired
                getRESTAPIInvalidTokenCache().put(accessToken, tokenInfo);
                getRESTAPITokenCache().remove(accessToken);
                log.error(RestApiConstants.ERROR_TOKEN_EXPIRED);
                return false;
            } else {
                retrievedFromTokenCache = true;
            }
        } else {
            // if the token doesn't exist in the valid token cache, then check it in the invalid token cache
            tokenInfo = (OAuthTokenInfo) getRESTAPIInvalidTokenCache().get(accessToken);
            if (tokenInfo != null) {
                retrievedFromInvalidTokenCache = true;
            }
        }
    }
    // if the tokenInfo is null, then only retrieve the token information from the database
    try {
        if (tokenInfo == null) {
            tokenInfo = getTokenMetaData(accessToken);
        }
    } catch (APIManagementException e) {
        log.error("Error while retrieving token information for token: " + accessToken, e);
    }
    // if we got valid access token we will proceed with next
    if (tokenInfo != null && tokenInfo.isTokenValid()) {
        if (cacheConfiguration.isTokenCacheEnabled() && !retrievedFromTokenCache) {
            // put the token info into token cache
            getRESTAPITokenCache().put(accessToken, tokenInfo);
        }
        // If access token is valid then we will perform scope check for given resource.
        if (validateScopes(message, tokenInfo)) {
            // Add the user scopes list extracted from token to the cxf message
            message.getExchange().put(RestApiConstants.USER_REST_API_SCOPES, tokenInfo.getScopes());
            // If scope validation successful then set tenant name and user name to current context
            String tenantDomain = MultitenantUtils.getTenantDomain(tokenInfo.getEndUserName());
            int tenantId;
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            RealmService realmService = (RealmService) carbonContext.getOSGiService(RealmService.class, null);
            try {
                String username = tokenInfo.getEndUserName();
                if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
                    // when the username is an email in supertenant, it has at least 2 occurrences of '@'
                    long count = username.chars().filter(ch -> ch == '@').count();
                    // in the case of email, there will be more than one '@'
                    boolean isEmailUsernameEnabled = Boolean.parseBoolean(CarbonUtils.getServerConfiguration().getFirstProperty("EnableEmailUserName"));
                    if (isEmailUsernameEnabled || (username.endsWith(SUPER_TENANT_SUFFIX) && count <= 1)) {
                        username = MultitenantUtils.getTenantAwareUsername(username);
                    }
                }
                if (log.isDebugEnabled()) {
                    log.debug("username = " + username);
                }
                tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
                carbonContext.setTenantDomain(tenantDomain);
                carbonContext.setTenantId(tenantId);
                carbonContext.setUsername(username);
                message.put(RestApiConstants.SUB_ORGANIZATION, tenantDomain);
                if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
                    APIUtil.loadTenantConfigBlockingMode(tenantDomain);
                }
                return true;
            } catch (UserStoreException e) {
                log.error("Error while retrieving tenant id for tenant domain: " + tenantDomain, e);
            }
        } else {
            log.error(RestApiConstants.ERROR_SCOPE_VALIDATION_FAILED);
        }
    } else {
        log.error(RestApiConstants.ERROR_TOKEN_INVALID);
        if (cacheConfiguration.isTokenCacheEnabled() && !retrievedFromInvalidTokenCache) {
            getRESTAPIInvalidTokenCache().put(accessToken, tokenInfo);
        }
    }
    return false;
}
Also used : RESTAPICacheConfiguration(org.wso2.carbon.apimgt.impl.RESTAPICacheConfiguration) MultitenantConstants(org.wso2.carbon.utils.multitenancy.MultitenantConstants) Message(org.apache.cxf.message.Message) APIUtil(org.wso2.carbon.apimgt.impl.utils.APIUtil) UserStoreException(org.wso2.carbon.user.api.UserStoreException) OAuth2TokenValidationRequestDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO) AbstractOAuthAuthenticator(org.wso2.carbon.apimgt.rest.api.util.authenticators.AbstractOAuthAuthenticator) MethodStats(org.wso2.carbon.apimgt.rest.api.util.MethodStats) RestApiUtil(org.wso2.carbon.apimgt.rest.api.util.utils.RestApiUtil) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) RealmService(org.wso2.carbon.user.core.service.RealmService) APIConstants(org.wso2.carbon.apimgt.impl.APIConstants) APIKeyValidationInfoDTO(org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO) OAuth2TokenValidationService(org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService) OAuth2ClientApplicationDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2ClientApplicationDTO) CarbonUtils(org.wso2.carbon.utils.CarbonUtils) MultitenantUtils(org.wso2.carbon.utils.multitenancy.MultitenantUtils) RestApiConstants(org.wso2.carbon.apimgt.rest.api.common.RestApiConstants) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) OAuthTokenInfo(org.wso2.carbon.apimgt.api.OAuthTokenInfo) Log(org.apache.commons.logging.Log) LogFactory(org.apache.commons.logging.LogFactory) ServiceReferenceHolder(org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder) OAuth2TokenValidationResponseDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO)
