use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.
the class OAuthJSONProvider method readFrom.
/**
 * Reads an OAuth2 JSON response body and converts it to the requested entity type.
 *
 * <p>Dispatch order matters: a {@code TokenIntrospection} target is handed to
 * {@code fromMapToTokenIntrospection} before anything is read from the stream; every other
 * target is first parsed by {@code readJSONResponse} into a flat string map. That map is
 * returned unchanged for {@code Map} targets and converted to a {@link ClientAccessToken}
 * otherwise.
 *
 * <p>The stream content is produced by the remote peer. This method performs no size or
 * content checks of its own; whatever validation exists is in the helpers it calls.
 *
 * @param cls requested entity type, used only to choose the conversion
 * @param t generic type of the entity (not used here)
 * @param anns annotations on the entity (not used here)
 * @param mt media type of the body (not used here)
 * @param headers HTTP headers of the message (not used here)
 * @param is stream holding the JSON body
 * @return a token introspection object, the parsed parameter map, or a client access token
 * @throws IOException declared by the provider contract; presumably raised by the JSON readers
 * @throws WebApplicationException with status 500 when
 *         {@code OAuthClientUtils.fromMapToClientToken} returns {@code null} for the parsed map
 */
public Object readFrom(Class<Object> cls, Type t, Annotation[] anns, MediaType mt, MultivaluedMap<String, String> headers, InputStream is) throws IOException, WebApplicationException {
    if (TokenIntrospection.class.isAssignableFrom(cls)) {
        return fromMapToTokenIntrospection(is);
    }

    final Map<String, String> json = readJSONResponse(is);
    if (!Map.class.isAssignableFrom(cls)) {
        final ClientAccessToken parsed = OAuthClientUtils.fromMapToClientToken(json);
        if (parsed != null) {
            return parsed;
        }
        // No usable token could be built from the response parameters.
        throw new WebApplicationException(500);
    }
    return json;
}
use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.
the class OAuthJSONProviderTest method testWriteBearerClientAccessToken.
/**
 * Serialises a bearer {@link ClientAccessToken} with {@code OAuthJSONProvider.writeTo} and
 * passes the resulting JSON to {@code doReadClientAccessToken} together with the expected
 * token type and custom parameters. All token values are fixed dummy strings.
 */
@Test
public void testWriteBearerClientAccessToken() throws Exception {
    final ClientAccessToken expected = new ClientAccessToken(OAuthConstants.BEARER_TOKEN_TYPE, "1234");
    expected.setExpiresIn(12345);
    expected.setRefreshToken("5678");
    expected.setApprovedScope("read");
    // One non-standard parameter, so that extra parameters are exercised as well.
    expected.setParameters(Collections.singletonMap("my_parameter", "http://abc"));

    final ByteArrayOutputStream json = new ByteArrayOutputStream();
    new OAuthJSONProvider().writeTo(
        expected,
        ClientAccessToken.class,
        ClientAccessToken.class,
        new Annotation[0],
        MediaType.APPLICATION_JSON_TYPE,
        new MetadataMap<String, Object>(),
        json);

    final String written = json.toString();
    doReadClientAccessToken(written, OAuthConstants.BEARER_TOKEN_TYPE, expected.getParameters());
}
use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.
the class CodeAuthSupplier method getAuthorization.
/**
 * Returns the Authorization header value from the wrapped token supplier, first exchanging
 * the pending authorization code for an access token when no token key is stored yet.
 *
 * <p>The exchange runs while holding the monitor of {@code tokenSupplier}. If
 * {@code OAuthClientUtils.getAccessToken} throws, {@code code} is left set and no token is
 * stored, so a later call attempts the exchange again with the same code.
 *
 * @param authPolicy passed through to the token supplier
 * @param currentURI passed through to the token supplier
 * @param message passed through to the token supplier
 * @param fullHeader passed through to the token supplier
 * @return whatever {@code tokenSupplier.getAuthorization} returns for these arguments
 */
public String getAuthorization(AuthorizationPolicy authPolicy, URI currentURI, Message message, String fullHeader) {
    // NOTE(review): 'code' is read here without holding the lock, and its declaration is not
    // visible in this snippet; confirm it is safely published between threads.
    if (code != null) {
        synchronized (tokenSupplier) {
            // Exchange only while no token key is stored, so a thread that waited on the lock
            // does not redeem the code a second time.
            // NOTE(review): getClientAccessToken() is dereferenced without a null check;
            // confirm the supplier always holds a token object at this point.
            if (tokenSupplier.getClientAccessToken().getTokenKey() == null) {
                WebClient wc = tokenSupplier.createAccessTokenServiceClient();
                ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, tokenSupplier.getConsumer(), new AuthorizationCodeGrant(code));
                // The code has been redeemed; drop it so it is not kept or re-sent
                // (authorization codes are single-use per RFC 6749, section 4.1.2).
                code = null;
                tokenSupplier.setClientAccessToken(at);
            }
        }
    }
    return tokenSupplier.getAuthorization(authPolicy, currentURI, message, fullHeader);
}
use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.
the class OAuthClientUtils method fromMapToClientToken.
/**
 * Builds a {@link ClientAccessToken} from the parameters of a token response.
 *
 * <p>The recognised entries (access token, token type, refresh token, expires-in, issued-at,
 * scope) are <em>removed</em> from {@code map} as they are consumed, and the same map
 * instance, holding whatever is left, is then stored on the token through
 * {@code setParameters}. Callers must not rely on {@code map} being unchanged afterwards.
 *
 * <p>The values normally originate from the token endpoint's response. The expires-in and
 * issued-at values are converted with {@link Long#parseLong(String)} without any range check,
 * so a non-numeric value surfaces as an unchecked {@link NumberFormatException}, and negative
 * or very large values are accepted as given.
 *
 * @param map response parameters; modified by this call
 * @param defaultTokenType token type to use when the response does not carry one; may be
 *        {@code null}
 * @return the populated token, or {@code null} when the access token is missing or no token
 *         type is available from either the response or {@code defaultTokenType}
 * @throws NumberFormatException if the expires-in or issued-at value is not a valid long
 */
public static ClientAccessToken fromMapToClientToken(Map<String, String> map, String defaultTokenType) {
    final String tokenKey = map.remove(OAuthConstants.ACCESS_TOKEN);
    if (tokenKey == null) {
        return null;
    }

    final String declaredType = map.remove(OAuthConstants.ACCESS_TOKEN_TYPE);
    final String tokenType = declaredType != null ? declaredType : defaultTokenType;
    if (tokenType == null) {
        return null;
    }

    final ClientAccessToken result = new ClientAccessToken(tokenType, tokenKey);

    final String refresh = map.remove(OAuthConstants.REFRESH_TOKEN);
    if (refresh != null) {
        result.setRefreshToken(refresh);
    }

    final String expiresIn = map.remove(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN);
    if (expiresIn != null) {
        result.setExpiresIn(Long.parseLong(expiresIn));
    }

    // When the response carries no issued-at value, fall back to the local clock, in seconds.
    final String issuedAt = map.remove(OAuthConstants.ACCESS_TOKEN_ISSUED_AT);
    if (issuedAt == null) {
        result.setIssuedAt(System.currentTimeMillis() / 1000);
    } else {
        result.setIssuedAt(Long.parseLong(issuedAt));
    }

    final String approvedScope = map.remove(OAuthConstants.SCOPE);
    if (approvedScope != null) {
        result.setApprovedScope(approvedScope);
    }

    // Everything not consumed above travels with the token as extra parameters.
    result.setParameters(map);
    return result;
}
use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.
the class OAuthClientUtils method getAccessToken.
/**
 * Requests an access token from the OAuth2 access token service through the supplied,
 * already initialised web client.
 *
 * <p>Client credentials travel in one of two places. With {@code setAuthorizationHeader}
 * set and a non-empty client secret they are sent in an HTTP Basic {@code Authorization}
 * header; in every other case the client id, plus the secret when there is one, is added to
 * the form payload. With a {@code null} consumer no client credentials are added at all and
 * the service is expected to map the already authenticated caller to a client registration.
 *
 * <p>The response body is parsed as JSON when the response has no media type or a
 * JSON-compatible one; any other media type yields an empty parameter map. Only status 200
 * is treated as success. The error code, description and URI placed into the thrown
 * {@link OAuthServiceException} are copied from the response as received, so callers that
 * log or display them should treat them as untrusted text.
 *
 * <p>Parsing of the body is wrapped in {@code ResponseProcessingException}; the conversion
 * done by {@code fromMapToClientToken} is not, so a {@link NumberFormatException} from a
 * malformed numeric field in a 200 response propagates unwrapped.
 *
 * @param accessTokenService the AccessToken client
 * @param consumer {@link Consumer} representing the registered client, or {@code null}
 * @param grant {@link AccessTokenGrant} grant
 * @param extraParams extra form parameters, or {@code null} for none
 * @param defaultTokenType default expected token type - some early
 *        well-known OAuth2 services do not return a required token_type parameter
 * @param setAuthorizationHeader if set to true then HTTP Basic scheme
 *        will be used to pass client id and secret, otherwise they will
 *        be passed in the form payload
 * @return {@link ClientAccessToken} access token
 * @throws OAuthServiceException with a server error when the client is {@code null}, when a
 *         200 response yields no token, or when the response is neither a 200 nor an error
 *         response carrying an error key; with the reported {@link OAuthError} when the
 *         status is 400 or above and the body contains an error key
 */
public static ClientAccessToken getAccessToken(WebClient accessTokenService, Consumer consumer, AccessTokenGrant grant, Map<String, String> extraParams, String defaultTokenType, boolean setAuthorizationHeader) throws OAuthServiceException {
    if (accessTokenService == null) {
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }

    final Form request = new Form(grant.toMap());
    if (extraParams != null) {
        extraParams.forEach((name, value) -> request.param(name, value));
    }

    // A null consumer adds nothing here: in that case the AccessToken service is expected to
    // find a mapping between the authenticated credentials and the client registration id.
    if (consumer != null) {
        final boolean hasSecret = !StringUtils.isEmpty(consumer.getClientSecret());
        if (!setAuthorizationHeader || !hasSecret) {
            // Credentials go into the request body.
            request.param(OAuthConstants.CLIENT_ID, consumer.getClientId());
            if (hasSecret) {
                request.param(OAuthConstants.CLIENT_SECRET, consumer.getClientSecret());
            }
        } else {
            // Credentials go into an HTTP Basic Authorization header.
            accessTokenService.replaceHeader(HttpHeaders.AUTHORIZATION, DefaultBasicAuthSupplier.getBasicAuthHeader(consumer.getClientId(), consumer.getClientSecret()));
        }
    }

    final Response response = accessTokenService.form(request);

    final Map<String, String> responseParams;
    try {
        // A missing media type is treated the same as JSON.
        if (response.getMediaType() == null || response.getMediaType().isCompatible(MediaType.APPLICATION_JSON_TYPE)) {
            responseParams = new OAuthJSONProvider().readJSONResponse((InputStream) response.getEntity());
        } else {
            responseParams = Collections.emptyMap();
        }
    } catch (Exception ex) {
        throw new ResponseProcessingException(response, ex);
    }

    final int status = response.getStatus();
    if (status == 200) {
        final ClientAccessToken issued = fromMapToClientToken(responseParams, defaultTokenType);
        if (issued != null) {
            return issued;
        }
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }

    if (status >= 400 && responseParams.containsKey(OAuthConstants.ERROR_KEY)) {
        final OAuthError reported = new OAuthError(responseParams.get(OAuthConstants.ERROR_KEY), responseParams.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
        reported.setErrorUri(responseParams.get(OAuthConstants.ERROR_URI_KEY));
        throw new OAuthServiceException(reported);
    }

    // Any other status, or an error status without an error key in the body.
    throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
}