
Example 21 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class JPAOidcUserSubjectTest method testAccessTokenWithOidcUserSubject.

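@Test
public void testAccessTokenWithOidcUserSubject() {
    // Persist a token whose subject carries an OIDC IdToken and check that the
    // IdToken (here its audience) survives a round trip through the provider.
    Client c = addClient("101", "bob");
    AccessTokenRegistration atr = new AccessTokenRegistration();
    atr.setClient(c);
    atr.setApprovedScope(Collections.singletonList("a"));
    OidcUserSubject oidcSubject = new OidcUserSubject();
    oidcSubject.setLogin("bob");
    IdToken idToken = new IdToken();
    idToken.setAudience(c.getClientId());
    oidcSubject.setIdToken(idToken);
    atr.setSubject(oidcSubject);
    ServerAccessToken at = getProvider().createAccessToken(atr);
    ServerAccessToken at2 = getProvider().getAccessToken(at.getTokenKey());
    assertEquals(at.getTokenKey(), at2.getTokenKey());
    OidcUserSubject oidcSubject2 = (OidcUserSubject) at2.getSubject();
    assertEquals(c.getClientId(), oidcSubject2.getIdToken().getAudience());
    // Second token for the same client with a fresh, equal-valued subject; the
    // same registration object is reused, only its subject is replaced.
    OidcUserSubject oidcSubject3 = new OidcUserSubject();
    oidcSubject3.setLogin("bob");
    IdToken idToken2 = new IdToken();
    idToken2.setAudience(c.getClientId());
    oidcSubject3.setIdToken(idToken2);
    atr.setSubject(oidcSubject3);
    ServerAccessToken at3 = getProvider().createAccessToken(atr);
    ServerAccessToken at4 = getProvider().getAccessToken(at3.getTokenKey());
    // Mirror the first round trip: the lookup must return the token that was stored,
    // otherwise the audience check below could pass against the wrong token.
    assertEquals(at3.getTokenKey(), at4.getTokenKey());
    OidcUserSubject oidcSubject4 = (OidcUserSubject) at4.getSubject();
    assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience());
}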
Also used : IdToken(org.apache.cxf.rs.security.oidc.common.IdToken) ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) Client(org.apache.cxf.rs.security.oauth2.common.Client) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Test(org.junit.Test)

Example 22 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class AbstractOAuthDataProvider method createAccessToken.

/**
 * Creates and persists a new access token for the given registration.
 * A refresh token is additionally created when refresh tokens are supported
 * for the registration's approved scope.
 *
 * @param reg the registration describing the client, subject and scopes
 * @return the persisted server-side access token
 * @throws OAuthServiceException propagated from the token creation steps
 */
@Override
public ServerAccessToken createAccessToken(AccessTokenRegistration reg) throws OAuthServiceException {
    final ServerAccessToken token = doCreateAccessToken(reg);
    saveAccessToken(token);
    // Refresh-token support is decided per approved scope, not globally
    final boolean refreshWanted = isRefreshTokenSupported(reg.getApprovedScope());
    if (refreshWanted) {
        createNewRefreshToken(token);
    }
    return token;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)

Example 23 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class AbstractImplicitGrantService method getClientAccessToken.

/**
 * Builds the client-facing access token for an implicit grant, either by
 * creating a new server token from a fresh registration or by reusing the
 * supplied pre-authorized token.
 *
 * @param state the redirection state of the current authorization request
 * @param client the client the token is issued to
 * @param requestedScope scopes requested by the client
 * @param approvedScope scopes approved for this request
 * @param userSubject the end user the token is issued for
 * @param preAuthorizedToken an already issued token to reuse, or {@code null}
 * @return the token representation returned to the client
 */
protected ClientAccessToken getClientAccessToken(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) {
    final ServerAccessToken serverToken;
    if (preAuthorizedToken != null) {
        serverToken = preAuthorizedToken;
        // No registration is created for a pre-authorized token, so the nonce
        // from the redirection state is handed to the current exchange instead
        final String nonce = state.getNonce();
        if (nonce != null) {
            JAXRSUtils.getCurrentMessage().getExchange().put(OAuthConstants.NONCE, nonce);
        }
    } else {
        final AccessTokenRegistration registration =
            createTokenRegistration(state, client, requestedScope, approvedScope, userSubject);
        serverToken = getDataProvider().createAccessToken(registration);
    }
    final ClientAccessToken clientToken = OAuthUtils.toClientAccessToken(serverToken, isWriteOptionalParameters());
    processClientAccessToken(clientToken, serverToken);
    return clientToken;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)

Example 24 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class AbstractImplicitGrantService method createTokenRegistration.

/**
 * Assembles the access token registration for an implicit grant request from
 * the redirection state and the resolved client, subject and scopes.
 *
 * @param state the redirection state carrying response type, audience, nonce and extra properties
 * @param client the client the token will be issued to
 * @param requestedScope scopes requested by the client
 * @param approvedScope scopes approved for this request
 * @param userSubject the end user the token will be issued for
 * @return a populated registration ready to be passed to the data provider
 */
protected AccessTokenRegistration createTokenRegistration(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject) {
    final AccessTokenRegistration registration = new AccessTokenRegistration();
    registration.setClient(client);
    registration.setGrantType(super.getSupportedGrantType());
    registration.setResponseType(state.getResponseType());
    registration.setSubject(userSubject);
    registration.setRequestedScope(requestedScope);
    // The approved scope is resolved by the service hook rather than taken as-is
    registration.setApprovedScope(getApprovedScope(requestedScope, approvedScope));
    // A single audience, the one recorded in the redirection state
    registration.setAudiences(Collections.singletonList(state.getAudience()));
    registration.setNonce(state.getNonce());
    registration.getExtraProperties().putAll(state.getExtraProperties());
    return registration;
}
Also used : AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)

Example 25 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class DirectAuthorizationService method authorize.

/**
 * Issues an access token directly to an authenticated end user (direct token grant).
 * The subject comes from the validated security context; the requested scope is
 * taken from the form parameters, resolved against the client, and approved as-is
 * since this endpoint has no separate consent step.
 *
 * @param params the form parameters of the request
 * @return a response carrying the client access token
 */
@POST
@Consumes("application/x-www-form-urlencoded")
@Produces("text/html")
public Response authorize(MultivaluedMap<String, String> params) {
    final SecurityContext securityContext = getAndValidateSecurityContext(params);
    final Client client = getClient(params);
    // The end user is derived from the validated security context, not trusted from the form
    final UserSubject endUser = createUserSubject(securityContext, params);
    final String scopeParam = params.getFirst(OAuthConstants.SCOPE);
    // Scopes are resolved through OAuthUtils using the client and the scope-validation flags
    final List<String> scopes = OAuthUtils.getRequestedScopes(client, scopeParam, useAllClientScopes, partialMatchScopeValidation);
    final AccessTokenRegistration registration = new AccessTokenRegistration();
    registration.setClient(client);
    registration.setGrantType(OAuthConstants.DIRECT_TOKEN_GRANT);
    registration.setSubject(endUser);
    registration.setRequestedScope(scopes);
    // Direct grant: the resolved requested scope is approved without a consent step
    registration.setApprovedScope(scopes);
    final ServerAccessToken serverToken = getDataProvider().createAccessToken(registration);
    final ClientAccessToken clientToken = OAuthUtils.toClientAccessToken(serverToken, isWriteOptionalParameters());
    return Response.ok(clientToken).build();
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) UserSubject(org.apache.cxf.rs.security.oauth2.common.UserSubject) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) SecurityContext(org.apache.cxf.security.SecurityContext) Client(org.apache.cxf.rs.security.oauth2.common.Client) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)
