Search in sources :

Example 11 with AccessTokenValidation

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation in project cxf by apache.

the class HawkAccessTokenValidator method getAccessTokenValidation.

protected AccessTokenValidation getAccessTokenValidation(MessageContext mc, String authScheme, String authSchemeData, MultivaluedMap<String, String> extraProps, Map<String, String> schemeParams) {
    String macKey = schemeParams.get(OAuthConstants.HAWK_TOKEN_ID);
    ServerAccessToken accessToken = dataProvider.getAccessToken(macKey);
    if (!(accessToken instanceof HawkAccessToken)) {
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }
    HawkAccessToken macAccessToken = (HawkAccessToken) accessToken;
    AccessTokenValidation atv = new AccessTokenValidation(macAccessToken);
    // OAuth2 Pop token introspection will likely support returning a JWE-encrypted key
    if (!isRemoteSignatureValidation() || mc.getSecurityContext().isSecure()) {
        atv.getExtraProps().put(OAuthConstants.HAWK_TOKEN_KEY, macAccessToken.getMacKey());
        atv.getExtraProps().put(OAuthConstants.HAWK_TOKEN_ALGORITHM, macAccessToken.getMacAlgorithm());
    }
    return atv;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) AccessTokenValidation(org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation)

Aggregations

AccessTokenValidation (org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation)8 OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)5 OAuthPermission (org.apache.cxf.rs.security.oauth2.common.OAuthPermission)3 UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject)3 Instant (java.time.Instant)2 LinkedList (java.util.LinkedList)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 WebApplicationException (javax.ws.rs.WebApplicationException)2 WebClient (org.apache.cxf.jaxrs.client.WebClient)2 MetadataMap (org.apache.cxf.jaxrs.impl.MetadataMap)2 ServerAccessToken (org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)2 SecurityContext (org.apache.cxf.security.SecurityContext)2 X509Certificate (java.security.cert.X509Certificate)1 ArrayList (java.util.ArrayList)1 Consumes (javax.ws.rs.Consumes)1 NotAuthorizedException (javax.ws.rs.NotAuthorizedException)1 POST (javax.ws.rs.POST)1 Produces (javax.ws.rs.Produces)1 UriInfo (javax.ws.rs.core.UriInfo)1 SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal)1