
Example 1 with ClientAccessToken

Use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project tesb-rt-se by Talend.

The class RestaurantReservationService, method completeReservation.

@GET
@Path("complete")
@Produces({ "text/html", "application/xml;q=0.9" })
public Response completeReservation(@QueryParam("code") String code, @QueryParam("state") String state) {
    String userName = sc.getUserPrincipal().getName();
    Map<String, ReservationRequest> userRequests = requests.get(userName);
    if (userRequests == null) {
        return redirectToFailureHandler(NO_REQUEST_USER);
    }
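    if (state == null) {
        return redirectToFailureHandler(NO_REQUEST_STATE);
    }
    // The state value must match a pending request stored for this user;
    // remove() makes each state value single-use.
    ReservationRequest request = userRequests.remove(state);
    if (request == null) {
        return redirectToFailureHandler(NO_REQUEST_AVAILABLE);
    }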
    if (code == null) {
        return redirectToFailureHandler(NO_CODE_GRANT);
    }
    LOG.info("Completing the reservation request for a user: " + request.getReserveName());
    AuthorizationCodeGrant codeGrant = new AuthorizationCodeGrant(code, getCallbackURI());
    LOG.info("Requesting OAuth server to replace an authorized request token with an access token");
    ClientAccessToken accessToken = manager.getAccessToken(codeGrant);
    if (accessToken == null) {
        return redirectToFailureHandler(NO_OAUTH_ACCESS_TOKEN);
    }
    Calendar c = null;
    try {
        String authHeader = manager.createAuthorizationHeader(accessToken);
        socialService.replaceHeader("Authorization", authHeader);
        c = socialService.get(Calendar.class);
    } catch (RuntimeException ex) {
        return redirectToFailureHandler(CALENDAR_ACCESS_PROBLEM);
    }
    CalendarEntry entry = c.getEntry(request.getHour());
    if (entry.getEventDescription() == null || entry.getEventDescription().trim().isEmpty()) {
        String address = restaurantService.post(new Form().param("name", request.getReserveName()).param("phone", request.getContactPhone()).param("hour", Integer.toString(request.getHour())), String.class);
        if (address == null) {
            return redirectToFailureHandler(NO_RESERVATION);
        }
        // update the user's calendar
        String authHeader = manager.createAuthorizationHeader(accessToken);
        socialService.replaceHeader("Authorization", authHeader);
        Response response = socialService.form(new Form().param("hour", Integer.toString(request.getHour())).param("description", "Table reserved at " + address));
        boolean calendarUpdated = response.getStatus() == 200 || response.getStatus() == 204;
        return Response.ok(new ReservationConfirmation(address, request.getHour(), calendarUpdated)).build();
    } else {
        return redirectToFailureHandler(CALENDAR_BUSY);
    }
}
Also used: Response (javax.ws.rs.core.Response), AuthorizationCodeGrant (org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant), CalendarEntry (oauth2.common.CalendarEntry), Form (javax.ws.rs.core.Form), ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken), Calendar (oauth2.common.Calendar), ReservationConfirmation (oauth2.common.ReservationConfirmation), Path (javax.ws.rs.Path), Produces (javax.ws.rs.Produces), GET (javax.ws.rs.GET)

Example 2 with ClientAccessToken

Use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project teiid by teiid.

The class OAuth20CredentialImpl, method getAccessToken.

protected ClientAccessToken getAccessToken() {
    if (getAccessTokenString() != null) {
        // if we have access_token directly, use it
        return new ClientAccessToken(OAuthConstants.ACCESS_TOKEN_TYPE, getAccessTokenString());
    }
    Consumer consumer = new Consumer(getClientId(), getClientSecret());
    WebClient client = WebClient.create(getAccessTokenURI());
    RefreshTokenGrant grant = new RefreshTokenGrant(getRefreshToken());
    return OAuthClientUtils.getAccessToken(client, consumer, grant, null, "Bearer", false);
}
Also used: Consumer (org.apache.cxf.rs.security.oauth2.client.Consumer), RefreshTokenGrant (org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrant), ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken), WebClient (org.apache.cxf.jaxrs.client.WebClient)

Example 3 with ClientAccessToken

Use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project testcases by coheigea.

The class AuthorizationGrantTest, method testAuthorizationCodeGrant.

@org.junit.Test
public void testAuthorizationCodeGrant() throws Exception {
    URL busFile = AuthorizationGrantTest.class.getResource("cxf-client.xml");
    String address = "https://localhost:" + PORT + "/services/";
    WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    // Get Authorization Code
    String code = getAuthorizationCode(client);
    assertNotNull(code);
    // Now get the access token
    client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
    assertNotNull(accessToken.getTokenKey());
}
Also used: ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken), WebClient (org.apache.cxf.jaxrs.client.WebClient), URL (java.net.URL)

Example 4 with ClientAccessToken

Use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project testcases by coheigea.

The class AuthorizationGrantTest, method testClientCredentialsGrant.

@org.junit.Test
public void testClientCredentialsGrant() throws Exception {
    URL busFile = AuthorizationGrantTest.class.getResource("cxf-client.xml");
    String address = "https://localhost:" + PORT + "/services/";
    WebClient client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
    // Get Access Token
    client.type("application/x-www-form-urlencoded").accept("application/json");
    client.path("token");
    Form form = new Form();
    form.param("grant_type", "client_credentials");
    Response response = client.post(form);
    ClientAccessToken accessToken = response.readEntity(ClientAccessToken.class);
    assertNotNull(accessToken.getTokenKey());
    assertNotNull(accessToken.getRefreshToken());
}
Also used: Response (javax.ws.rs.core.Response), Form (javax.ws.rs.core.Form), ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken), WebClient (org.apache.cxf.jaxrs.client.WebClient), URL (java.net.URL)

Example 5 with ClientAccessToken

Use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project testcases by coheigea.

The class AuthorizationGrantTest, method testAuthorizationCodeGrantRefresh.

@org.junit.Test
public void testAuthorizationCodeGrantRefresh() throws Exception {
    URL busFile = AuthorizationGrantTest.class.getResource("cxf-client.xml");
    String address = "https://localhost:" + PORT + "/services/";
    WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    // Get Authorization Code
    String code = getAuthorizationCode(client);
    assertNotNull(code);
    // Now get the access token
    client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
    assertNotNull(accessToken.getTokenKey());
    assertNotNull(accessToken.getRefreshToken());
    // Refresh the access token
    client.type("application/x-www-form-urlencoded").accept("application/json");
    Form form = new Form();
    form.param("grant_type", "refresh_token");
    form.param("refresh_token", accessToken.getRefreshToken());
    form.param("client_id", "consumer-id");
    Response response = client.post(form);
    accessToken = response.readEntity(ClientAccessToken.class);
    assertNotNull(accessToken.getTokenKey());
    assertNotNull(accessToken.getRefreshToken());
}
Also used: Response (javax.ws.rs.core.Response), Form (javax.ws.rs.core.Form), ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken), WebClient (org.apache.cxf.jaxrs.client.WebClient), URL (java.net.URL)
