
Example 41 with Client

Use of org.apache.cxf.rs.security.oauth2.common.Client in the project cxf by apache.

The class AccessTokenValidatorClient, method validateAccessToken.

/**
 * Asks the remote token validator to validate the presented authorization
 * scheme and its data, returning the validator's verdict.
 *
 * The scheme name and scheme data are posted as form entries together with
 * any caller-supplied extra properties. The call goes through a WebClient
 * derived from {@code tokenValidatorClient}; the {@code true} argument makes
 * it inherit that template client's headers (presumably the credentials
 * configured for the validator endpoint — verify in the configuration).
 *
 * @param mc             the current message context; not used by this method
 * @param authScheme     the authorization scheme name taken from the request
 * @param authSchemeData the data accompanying the scheme (for a bearer scheme
 *                       this is expected to be the access token itself)
 * @param extraProps     additional properties to forward; may be {@code null}
 * @return the validation result returned by the validator service
 * @throws OAuthServiceException if the remote call fails with a
 *                               {@link WebApplicationException}; the original
 *                               exception is kept as the cause
 */
public AccessTokenValidation validateAccessToken(MessageContext mc, String authScheme, String authSchemeData, MultivaluedMap<String, String> extraProps) throws OAuthServiceException {
    final MultivaluedMap<String, String> form = new MetadataMap<>();
    form.putSingle(OAuthConstants.AUTHORIZATION_SCHEME_TYPE, authScheme);
    form.putSingle(OAuthConstants.AUTHORIZATION_SCHEME_DATA, authSchemeData);
    // Extra properties are merged last, so a caller-supplied entry with one of
    // the two keys above would replace it; order is intentionally preserved.
    if (extraProps != null) {
        form.putAll(extraProps);
    }
    final WebClient validator = WebClient.fromClient(tokenValidatorClient, true);
    try {
        return validator.post(form, AccessTokenValidation.class);
    } catch (WebApplicationException ex) {
        // Wrap rather than drop: the response status/details stay reachable
        // through the cause for callers that need to report them.
        throw new OAuthServiceException(ex);
    }
}

Example 42 with Client

Use of org.apache.cxf.rs.security.oauth2.common.Client in the project cxf by apache.

The class AbstractTokenService, method authenticateClientIfNeeded.

/**
 * Make sure the client is authenticated.
 *
 * Resolves the OAuth2 {@link Client} that issued the current token-endpoint
 * request by trying the supported client authentication mechanisms in turn:
 * a container-established {@link Principal}, a client secret in the form
 * parameters, mutual TLS, public (credential-less) clients when enabled,
 * a client bound to the presented TLS certificate, and finally HTTP Basic
 * authentication. Every credentialed path also checks that the client's
 * registered token-endpoint authentication method allows the method used.
 *
 * @param params the form parameters of the token request
 * @return the resolved client; when nothing could be resolved,
 *         {@code reportInvalidClient()} is called first (it is expected to
 *         throw — otherwise {@code null} would be returned; confirm)
 */
protected Client authenticateClientIfNeeded(MultivaluedMap<String, String> params) {
    Client client = null;
    SecurityContext sc = getMessageContext().getSecurityContext();
    // A principal is only present when something earlier in the pipeline
    // (presumably a container or filter) has already authenticated the caller.
    Principal principal = sc.getUserPrincipal();
    String clientId = retrieveClientId(params);
    if (principal == null) {
        // Nobody authenticated the caller yet: authenticate from the request.
        if (clientId != null) {
            String clientSecret = params.getFirst(OAuthConstants.CLIENT_SECRET);
            if (clientSecret != null) {
                // Secret supplied in the form body; the client must be
                // registered for POST-style authentication.
                client = getAndValidateClientFromIdAndSecret(clientId, clientSecret, params);
                validateClientAuthenticationMethod(client, OAuthConstants.TOKEN_ENDPOINT_AUTH_POST);
            } else if (OAuthUtils.isMutualTls(sc, getTlsSessionInfo())) {
                // No secret but a mutual-TLS session: the client is looked up
                // by id and then bound to the certificate actually presented.
                client = getClient(clientId, params);
                checkCertificateBinding(client, getTlsSessionInfo());
                validateClientAuthenticationMethod(client, OAuthConstants.TOKEN_ENDPOINT_AUTH_TLS);
            } else if (canSupportPublicClients) {
                // Public clients present no credentials at all; only accepted
                // when explicitly enabled on this service.
                client = getValidClient(clientId, params);
                if (!isValidPublicClient(client, clientId)) {
                    // Not a registered public client: reset and let the
                    // certificate/Basic fallbacks below have a go.
                    client = null;
                } else {
                    validateClientAuthenticationMethod(client, OAuthConstants.TOKEN_ENDPOINT_AUTH_NONE);
                }
            }
        }
    } else {
        if (clientId != null) {
            // A client_id in the request must agree with the authenticated
            // principal; otherwise the request is rejected as an invalid client.
            if (!clientId.equals(principal.getName())) {
                reportInvalidClient();
            }
            // Prefer a Client already attached to the message context
            // (presumably by whatever authenticated the principal — verify).
            client = (Client) getMessageContext().get(Client.class.getName());
            if (client == null) {
                client = getClient(clientId, params);
            }
        } else if (principal.getName() != null) {
            // No client_id in the request: the principal name is the client id.
            client = getClient(principal.getName(), params);
        }
    }
    if (client == null) {
        // Fallbacks when none of the paths above resolved a client.
        client = getClientFromTLSCertificates(sc, getTlsSessionInfo(), params);
        if (client == null) {
            // Basic Authentication is expected by default
            client = getClientFromBasicAuthScheme(params);
        }
    }
    if (client == null) {
        // Nothing could authenticate the caller.
        reportInvalidClient();
    }
    return client;
}

Example 43 with Client

Use of org.apache.cxf.rs.security.oauth2.common.Client in the project cxf by apache.

The class AbstractOAuthDataProviderTest, method testAddGetDeleteAccessToken2.

@Test
public void testAddGetDeleteAccessToken2() {
    // Register a client, issue a single token for its resource owner, then
    // check that removing the client also removes the tokens issued to it.
    final Client client = addClient("102", "bob");
    final AccessTokenRegistration registration = new AccessTokenRegistration();
    registration.setClient(client);
    registration.setApprovedScope(Collections.singletonList("a"));
    registration.setSubject(client.getResourceOwnerSubject());
    getProvider().createAccessToken(registration);

    final List<ServerAccessToken> issued = getProvider().getAccessTokens(client, null);
    assertNotNull(issued);
    assertEquals(1, issued.size());
    validateAccessToken(issued.get(0));

    getProvider().removeClient(client.getClientId());
    final List<ServerAccessToken> remaining = getProvider().getAccessTokens(client, null);
    assertNotNull(remaining);
    assertEquals(0, remaining.size());
}

Example 44 with Client

Use of org.apache.cxf.rs.security.oauth2.common.Client in the project cxf by apache.

The class AbstractOAuthDataProviderTest, method testAddGetDeleteClient.

@Test
public void testAddGetDeleteClient() {
    // Round-trip a client through the provider: add, read back, change the
    // secret, read back again, remove, and confirm the lookup now misses.
    final Client original = addClient("12345", "alice");
    final String id = original.getClientId();

    final Client loaded = getProvider().getClient(id);
    compareClients(original, loaded);

    loaded.setClientSecret("567");
    getProvider().setClient(loaded);
    final Client reloaded = getProvider().getClient(id);
    compareClients(loaded, reloaded);

    getProvider().removeClient(id);
    final Client afterRemoval = getProvider().getClient(id);
    assertNull(afterRemoval);
}

Example 45 with Client

Use of org.apache.cxf.rs.security.oauth2.common.Client in the project cxf by apache.

The class AbstractOAuthDataProviderTest, method testAddGetDeleteAccessTokenWithNullSubject.

@Test
public void testAddGetDeleteAccessTokenWithNullSubject() {
    // Same flow as the resource-owner case, but the token carries no subject
    // (client-credentials style); removal of the client must still purge it.
    final Client client = addClient("102", "bob");
    final AccessTokenRegistration registration = new AccessTokenRegistration();
    registration.setClient(client);
    registration.setApprovedScope(Collections.singletonList("a"));
    registration.setSubject(null);
    getProvider().createAccessToken(registration);

    final List<ServerAccessToken> issued = getProvider().getAccessTokens(client, null);
    assertNotNull(issued);
    assertEquals(1, issued.size());
    validateAccessToken(issued.get(0));

    getProvider().removeClient(client.getClientId());
    final List<ServerAccessToken> remaining = getProvider().getAccessTokens(client, null);
    assertNotNull(remaining);
    assertEquals(0, remaining.size());
}
