Examples with Client org.apache.cxf.rs.security.oauth2.common.Client used on opensource projects

Example 36 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project meecrowave by apache.

the class OAuth2Test method getPasswordTokenNoClient.

@Test
public void getPasswordTokenNoClient() {
    final Client client = ClientBuilder.newClient().register(new OAuthJSONProvider());
    try {
        final ClientAccessToken token = client.target("http://localhost:" + MEECROWAVE.getConfiguration().getHttpPort()).path("oauth2/token").request(APPLICATION_JSON_TYPE).post(entity(new Form().param("grant_type", "password").param("username", "test").param("password", "pwd"), APPLICATION_FORM_URLENCODED_TYPE), ClientAccessToken.class);
        assertNotNull(token);
        assertEquals("Bearer", token.getTokenType());
        assertNotNull(token.getTokenKey());
        assertIsJwt(token.getTokenKey(), "__default");
        assertEquals(3600, token.getExpiresIn());
        assertNotEquals(0, token.getIssuedAt());
        assertNotNull(token.getRefreshToken());
        validateJwt(token);
    } finally {
        client.close();
    }
}

Example 37 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project meecrowave by apache.

the class OAuth2Test method authorizationCode.

@Test
public void authorizationCode() throws URISyntaxException {
    final int httpPort = MEECROWAVE.getConfiguration().getHttpPort();
    createRedirectedClient(httpPort);
    final Client client = ClientBuilder.newClient().property(Message.MAINTAIN_SESSION, true).register(new OAuthJSONProvider());
    try {
        final WebTarget target = client.target("http://localhost:" + httpPort);
        final Response authorization = target.path("oauth2/authorize").queryParam(OAuthConstants.GRANT_TYPE, OAuthConstants.AUTHORIZATION_CODE_GRANT).queryParam(OAuthConstants.RESPONSE_TYPE, OAuthConstants.CODE_RESPONSE_TYPE).queryParam(OAuthConstants.CLIENT_ID, "c1").queryParam(OAuthConstants.CLIENT_SECRET, "cpwd").queryParam(OAuthConstants.REDIRECT_URI, "http://localhost:" + httpPort + "/redirected").request(APPLICATION_JSON_TYPE).header("authorization", "Basic " + Base64.getEncoder().encodeToString("test:pwd".getBytes(StandardCharsets.UTF_8))).get();
        final OAuthAuthorizationData data = authorization.readEntity(OAuthAuthorizationData.class);
        assertNotNull(data.getAuthenticityToken());
        assertEquals("c1", data.getClientId());
        assertEquals("http://localhost:" + httpPort + "/oauth2/authorize/decision", data.getReplyTo());
        assertEquals("code", data.getResponseType());
        assertEquals("http://localhost:" + httpPort + "/redirected", data.getRedirectUri());
        final Response decision = target.path("oauth2/authorize/decision").queryParam(OAuthConstants.SESSION_AUTHENTICITY_TOKEN, data.getAuthenticityToken()).queryParam(OAuthConstants.AUTHORIZATION_DECISION_KEY, "allow").request(APPLICATION_JSON_TYPE).cookie(authorization.getCookies().get("JSESSIONID")).header("authorization", "Basic " + Base64.getEncoder().encodeToString("test:pwd".getBytes(StandardCharsets.UTF_8))).get();
        assertEquals(Response.Status.SEE_OTHER.getStatusCode(), decision.getStatus());
        assertTrue(decision.getLocation().toASCIIString(), decision.getLocation().toASCIIString().startsWith("http://localhost:" + httpPort + "/redirected?code="));
        final ClientAccessToken token = target.path("oauth2/token").request(APPLICATION_JSON_TYPE).post(entity(new Form().param(OAuthConstants.GRANT_TYPE, OAuthConstants.AUTHORIZATION_CODE_GRANT).param(OAuthConstants.CODE_RESPONSE_TYPE, decision.getLocation().getRawQuery().substring("code=".length())).param(OAuthConstants.REDIRECT_URI, "http://localhost:" + httpPort + "/redirected").param(OAuthConstants.CLIENT_ID, "c1").param(OAuthConstants.CLIENT_SECRET, "cpwd"), APPLICATION_FORM_URLENCODED_TYPE), ClientAccessToken.class);
        assertNotNull(token);
        assertEquals("Bearer", token.getTokenType());
        assertIsJwt(token.getTokenKey(), "c1");
        assertEquals(3600, token.getExpiresIn());
        assertNotEquals(0, token.getIssuedAt());
        assertNotNull(token.getRefreshToken());
    } finally {
        client.close();
    }
}

Example 38 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project meecrowave by apache.

the class JCacheConfigurer method doSetup.

public void doSetup(final OAuth2Options options) {
    if (!options.getProvider().startsWith("jcache")) {
        return;
    }
    provider = Caching.getCachingProvider();
    final File file = new File(options.getJcacheConfigUri());
    URI configFileURI = file.isFile() ? file.toURI() : null;
    if (configFileURI == null) {
        try {
            configFileURI = getClasspathResourceURL(options.getJcacheConfigUri(), JCacheOAuthDataProvider.class, bus).toURI();
        } catch (final Exception ex) {
            configFileURI = provider.getDefaultURI();
        }
    }
    cacheManager = provider.getCacheManager(configFileURI, Thread.currentThread().getContextClassLoader());
    try {
        cacheManager.createCache(JCacheOAuthDataProvider.CLIENT_CACHE_KEY, configure(new MutableConfiguration<String, Client>().setTypes(String.class, Client.class), options));
        if (!options.isJcacheStoreJwtKeyOnly()) /* && options.isUseJwtFormatForAccessTokens()*/
        {
            cacheManager.createCache(JCacheOAuthDataProvider.ACCESS_TOKEN_CACHE_KEY, configure(new MutableConfiguration<String, ServerAccessToken>().setTypes(String.class, ServerAccessToken.class), options));
        } else {
            cacheManager.createCache(JCacheOAuthDataProvider.ACCESS_TOKEN_CACHE_KEY, configure(new MutableConfiguration<String, String>().setTypes(String.class, String.class), options));
        }
        cacheManager.createCache(JCacheOAuthDataProvider.REFRESH_TOKEN_CACHE_KEY, configure(new MutableConfiguration<String, RefreshToken>().setTypes(String.class, RefreshToken.class), options));
        if (options.isAuthorizationCodeSupport()) {
            cacheManager.createCache(JCacheCodeDataProvider.CODE_GRANT_CACHE_KEY, configure(new MutableConfiguration<String, ServerAuthorizationCodeGrant>().setTypes(String.class, ServerAuthorizationCodeGrant.class), options));
        }
    } catch (final CacheException ce) {
    // already created
    }
}

Example 39 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project cxf by apache.

the class AbstractTokenService method getClient.

protected Client getClient(String clientId, String clientSecret, MultivaluedMap<String, String> params) {
    if (clientId == null) {
        reportInvalidRequestError("Client ID is null");
        return null;
    }
    Client client = null;
    try {
        client = getValidClient(clientId, clientSecret, params);
    } catch (OAuthServiceException ex) {
        LOG.warning("No valid client found for clientId: " + clientId);
        if (ex.getError() != null) {
            reportInvalidClient(ex.getError());
            return null;
        }
    }
    if (client == null) {
        LOG.warning("No valid client found for clientId: " + clientId);
        reportInvalidClient();
    }
    return client;
}

Example 40 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project cxf by apache.

the class AccessTokenService method handleTokenRequest.

/**
 * Processes an access token request
 * @param params the form parameters representing the access token grant
 * @return Access Token or the error
 */
@POST
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public Response handleTokenRequest(MultivaluedMap<String, String> params) {
    // Make sure the client is authenticated
    Client client = authenticateClientIfNeeded(params);
    if (!OAuthUtils.isGrantSupportedForClient(client, isCanSupportPublicClients(), params.getFirst(OAuthConstants.GRANT_TYPE))) {
        LOG.log(Level.FINE, "The grant type {} is not supported for the client", params.getFirst(OAuthConstants.GRANT_TYPE));
        return createErrorResponse(params, OAuthConstants.UNAUTHORIZED_CLIENT);
    }
    try {
        checkAudience(client, params);
    } catch (OAuthServiceException ex) {
        return super.createErrorResponseFromBean(ex.getError());
    }
    // Find the grant handler
    AccessTokenGrantHandler handler = findGrantHandler(params);
    if (handler == null) {
        LOG.fine("No Grant Handler found");
        return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE);
    }
    // Create the access token
    final ServerAccessToken serverToken;
    try {
        serverToken = handler.createAccessToken(client, params);
    } catch (WebApplicationException ex) {
        throw ex;
    } catch (RuntimeException ex) {
        LOG.log(Level.FINE, "Error creating the access token", ex);
        // This is done to bypass a Check-Style
        // restriction on a number of return statements
        OAuthServiceException oauthEx = ex instanceof OAuthServiceException ? (OAuthServiceException) ex : new OAuthServiceException(ex);
        return handleException(oauthEx, OAuthConstants.INVALID_GRANT);
    }
    if (serverToken == null) {
        LOG.fine("No access token was created");
        return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
    }
    // Extract the information to be of use for the client
    ClientAccessToken clientToken = OAuthUtils.toClientAccessToken(serverToken, isWriteOptionalParameters());
    processClientAccessToken(clientToken, serverToken);
    // Return it to the client
    return Response.ok(clientToken).header(HttpHeaders.CACHE_CONTROL, "no-store").header("Pragma", "no-cache").build();
}