use of org.apache.cxf.rs.security.oauth2.common.Client in project cxf by apache.
the class EncryptingDataProvider method refreshAccessToken.
@Override
public ServerAccessToken refreshAccessToken(Client client, String refreshToken, List<String> requestedScopes) throws OAuthServiceException {
String encrypted = refreshTokens.remove(refreshToken);
ServerAccessToken token = ModelEncryptionSupport.decryptAccessToken(this, encrypted, key);
tokens.remove(token.getTokenKey());
// create a new refresh token
createRefreshToken(token);
// possibly update other token properties
encryptAccessToken(token);
return token;
}
use of org.apache.cxf.rs.security.oauth2.common.Client in project cxf by apache.
the class CryptoUtilsTest method compareAccessTokens.
private void compareAccessTokens(ServerAccessToken token, ServerAccessToken token2) {
assertEquals(token.getTokenKey(), token2.getTokenKey());
assertEquals(token.getTokenType(), token2.getTokenType());
assertEquals(token.getIssuedAt(), token2.getIssuedAt());
assertEquals(token.getExpiresIn(), token2.getExpiresIn());
Client regClient1 = token.getClient();
Client regClient2 = token2.getClient();
assertEquals(regClient1.getClientId(), regClient2.getClientId());
assertNull(regClient2.getApplicationDescription());
UserSubject endUser1 = token.getSubject();
UserSubject endUser2 = token2.getSubject();
assertEquals(endUser1.getLogin(), endUser2.getLogin());
assertEquals(endUser1.getId(), endUser2.getId());
assertEquals(endUser1.getRoles(), endUser2.getRoles());
assertEquals(token.getRefreshToken(), token2.getRefreshToken());
assertEquals(token.getAudiences(), token2.getAudiences());
assertEquals(token.getGrantType(), token2.getGrantType());
assertEquals(token.getParameters(), token2.getParameters());
List<OAuthPermission> permissions = token.getScopes();
List<OAuthPermission> permissions2 = token2.getScopes();
assertEquals(1, permissions.size());
assertEquals(1, permissions2.size());
OAuthPermission perm1 = permissions.get(0);
OAuthPermission perm2 = permissions2.get(0);
assertEquals(perm1.getPermission(), perm2.getPermission());
assertEquals(perm1.getDescription(), perm2.getDescription());
RefreshToken refreshToken = ModelEncryptionSupport.decryptRefreshToken(p, token2.getRefreshToken(), p.key);
assertEquals(1200L, refreshToken.getExpiresIn());
}
use of org.apache.cxf.rs.security.oauth2.common.Client in project cxf by apache.
the class OAuth2TestUtils method getLocation.
public static String getLocation(WebClient client, AuthorizationCodeParameters parameters) {
// Make initial authorization request
client.type("application/json").accept("application/json");
client.query("client_id", parameters.getConsumerId());
client.query("redirect_uri", "http://www.blah.apache.org");
client.query("response_type", parameters.getResponseType());
if (parameters.getScope() != null) {
client.query("scope", parameters.getScope());
}
if (parameters.getNonce() != null) {
client.query("nonce", parameters.getNonce());
}
if (parameters.getState() != null) {
client.query("state", parameters.getState());
}
if (parameters.getRequest() != null) {
client.query("request", parameters.getRequest());
}
if (parameters.getCodeChallenge() != null) {
client.query("code_challenge", parameters.getCodeChallenge());
}
if (parameters.getCodeChallengeMethod() != null) {
client.query("code_challenge_method", parameters.getCodeChallengeMethod());
}
client.path(parameters.getPath());
Response response = client.get();
OAuthAuthorizationData authzData = response.readEntity(OAuthAuthorizationData.class);
return getLocation(client, authzData, parameters.getState());
}
use of org.apache.cxf.rs.security.oauth2.common.Client in project cxf by apache.
the class OAuth2JwtFiltersTest method doTestServiceWithJwtTokenAndScope.
private void doTestServiceWithJwtTokenAndScope(String oauthService, String rsAddress) throws Exception {
final AuthorizationMetadata authorizationMetadata = OAuthClientUtils.getAuthorizationMetadata(oauthService);
final String scope = "create_book";
final URI authorizationURI = OAuthClientUtils.getAuthorizationURI(authorizationMetadata.getAuthorizationEndpoint().toString(), "consumer-id", null, null, scope);
// Get Authorization Code
WebClient oauthClient = WebClient.create(authorizationURI.toString(), OAuth2TestUtils.setupProviders(), "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
final String location = OAuth2TestUtils.getLocation(oauthClient, oauthClient.accept(MediaType.APPLICATION_JSON).get(OAuthAuthorizationData.class), null);
final String code = OAuth2TestUtils.getSubstring(location, "code");
assertNotNull(code);
// Now get the access token
final ClientAccessToken accessToken = OAuthClientUtils.getAccessToken(authorizationMetadata.getTokenEndpoint().toString(), new Consumer("consumer-id", "this-is-a-secret"), new AuthorizationCodeGrant(code), true);
assertNotNull(accessToken.getTokenKey());
JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(accessToken.getTokenKey());
JwsSignatureVerifier verifier = JwsUtils.loadSignatureVerifier("org/apache/cxf/systest/jaxrs/security/alice.rs.properties", null);
assertTrue(jwtConsumer.verifySignatureWith(verifier));
JwtClaims claims = jwtConsumer.getJwtClaims();
assertEquals("consumer-id", claims.getStringProperty(OAuthConstants.CLIENT_ID));
assertEquals("alice", claims.getStringProperty("username"));
assertTrue(claims.getStringProperty(OAuthConstants.SCOPE).contains(scope));
// Now invoke on the service with the access token
WebClient client = WebClient.create(rsAddress, OAuth2TestUtils.setupProviders()).authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
Book returnedBook = client.type("application/xml").post(new Book("book", 123L), Book.class);
assertEquals(returnedBook.getName(), "book");
assertEquals(returnedBook.getId(), 123L);
}
use of org.apache.cxf.rs.security.oauth2.common.Client in project cxf by apache.
the class OAuth2FiltersTest method testServiceWithTokenUsingAudience.
@org.junit.Test
public void testServiceWithTokenUsingAudience() throws Exception {
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(), "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
String code = OAuth2TestUtils.getAuthorizationCode(oauthClient, null, "consumer-id-aud");
assertNotNull(code);
// Now get the access token
oauthClient = WebClient.create(oauthService, "consumer-id-aud", "this-is-a-secret", null);
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
ClientAccessToken accessToken = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code, "consumer-id-aud", address);
assertNotNull(accessToken.getTokenKey());
// Now invoke on the service with the access token
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders()).authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
Response response = client.type("application/xml").post(new Book("book", 123L));
assertEquals(response.getStatus(), 200);
Book returnedBook = response.readEntity(Book.class);
assertEquals(returnedBook.getName(), "book");
assertEquals(returnedBook.getId(), 123L);
}
Aggregations