Examples with Consumer org.apache.cxf.rs.security.oauth2.client.Consumer used on opensource projects

Example 46 with Consumer

use of org.apache.cxf.rs.security.oauth2.client.Consumer in project cxf by apache.

the class JAXRSOAuth2Test method testConfidentialClientIdOnly.

@Test()
public void testConfidentialClientIdOnly() throws Exception {
    String address = "https://localhost:" + PORT + "/oauth2/token";
    WebClient wc = createWebClient(address);
    try {
        OAuthClientUtils.getAccessToken(wc, new Consumer("fredNoPassword"), new CustomGrant(), false);
        fail("NotAuthorizedException exception is expected");
    } catch (OAuthServiceException ex) {
        assertEquals("invalid_client", ex.getError().getError());
    }
}

Example 47 with Consumer

use of org.apache.cxf.rs.security.oauth2.client.Consumer in project cxf by apache.

the class JAXRSOAuth2Test method testBasicAuthClientCred.

@Test
public void testBasicAuthClientCred() throws Exception {
    String address = "https://localhost:" + PORT + "/oauth2/token";
    WebClient wc = createWebClient(address);
    ClientCredentialsGrant grant = new ClientCredentialsGrant();
    // Pass client_id & client_secret as form properties
    // (instead WebClient can be initialized with username & password)
    grant.setClientId("bob");
    grant.setClientSecret("bobPassword");
    try {
        OAuthClientUtils.getAccessToken(wc, grant);
        fail("Form based authentication is not supported");
    } catch (OAuthServiceException ex) {
        assertEquals(OAuthConstants.UNAUTHORIZED_CLIENT, ex.getError().getError());
    }
    ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new Consumer("bob", "bobPassword"), new ClientCredentialsGrant(), true);
    assertNotNull(at.getTokenKey());
}

Example 48 with Consumer

use of org.apache.cxf.rs.security.oauth2.client.Consumer in project cxf by apache.

the class BearerAuthSupplier method refreshAccessToken.

private boolean refreshAccessToken(AuthorizationPolicy authPolicy) {
    ClientAccessToken at = getClientAccessToken();
    if (at.getRefreshToken() == null) {
        return false;
    }
    // Client id and secret are needed to refresh the tokens
    // AuthorizationPolicy can hold them by default, Consumer can also be injected into this supplier
    // and checked if the policy is null.
    // Client TLS authentication is also fine as an alternative authentication mechanism,
    // how can we check here that a 2-way TLS has been set up ?
    Consumer theConsumer = consumer;
    if (theConsumer == null && authPolicy != null && authPolicy.getUserName() != null && authPolicy.getPassword() != null) {
        theConsumer = new Consumer(authPolicy.getUserName(), authPolicy.getPassword());
        return false;
    }
    if (theConsumer == null) {
        return false;
    }
    // Can WebCient be safely constructed at HttpConduit initialization time ?
    // If yes then createAccessTokenServiceClient() can be called inside
    // setAccessTokenServiceUri, though given that the token refreshment would
    // not be done on every request the current approach is quite reasonable
    WebClient accessTokenService = createAccessTokenServiceClient();
    setClientAccessToken(OAuthClientUtils.refreshAccessToken(accessTokenService, theConsumer, at));
    return true;
}

Example 49 with Consumer

use of org.apache.cxf.rs.security.oauth2.client.Consumer in project cxf by apache.

the class ClientCodeRequestFilter method processCodeResponse.

protected void processCodeResponse(ContainerRequestContext rc, UriInfo ui, MultivaluedMap<String, String> requestParams) {
    MultivaluedMap<String, String> state = null;
    if (clientStateManager != null) {
        state = clientStateManager.fromRedirectState(mc, requestParams);
    }
    String codeParam = requestParams.getFirst(OAuthConstants.AUTHORIZATION_CODE_VALUE);
    ClientAccessToken at = null;
    if (codeParam != null) {
        AuthorizationCodeGrant grant = prepareCodeGrant(codeParam, getAbsoluteRedirectUri(ui));
        if (state != null) {
            grant.setCodeVerifier(state.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER));
        }
        at = OAuthClientUtils.getAccessToken(accessTokenServiceClient, consumer, grant, useAuthorizationHeader);
    }
    ClientTokenContext tokenContext = initializeClientTokenContext(rc, at, requestParams, state);
    if (at != null && clientTokenContextManager != null) {
        clientTokenContextManager.setClientTokenContext(mc, tokenContext);
    }
    setClientCodeRequest(tokenContext);
}

Example 50 with Consumer

use of org.apache.cxf.rs.security.oauth2.client.Consumer in project cxf by apache.

the class OAuthClientUtils method getAccessToken.

/**
 * Obtains the access token from OAuth AccessToken Service
 * @param accessTokenServiceUri the AccessToken endpoint address
 * @param consumer {@link Consumer} representing the registered client
 * @param grant {@link AccessTokenGrant} grant
 * @param setAuthorizationHeader if set to true then HTTP Basic scheme
 *           will be used to pass client id and secret, otherwise they will
 *           be passed in the form payload
 * @return {@link ClientAccessToken} access token
 * @throws OAuthServiceException
 */
public static ClientAccessToken getAccessToken(String accessTokenServiceUri, Consumer consumer, AccessTokenGrant grant, boolean setAuthorizationHeader) throws OAuthServiceException {
    OAuthJSONProvider provider = new OAuthJSONProvider();
    WebClient accessTokenService = WebClient.create(accessTokenServiceUri, Collections.singletonList(provider));
    accessTokenService.accept("application/json");
    return getAccessToken(accessTokenService, consumer, grant, setAuthorizationHeader);
}