
Example 16 with OAuthPermission

use of org.apache.cxf.rs.security.oauth2.common.OAuthPermission in project cxf by apache.

the class JPAOAuthDataProviderTest method testAddGetDeleteRefreshToken.

/**
 * Round-trips an access token that carries a refresh token through the provider:
 * create it, read it back, inspect the approved scopes, resolve the linked refresh
 * token, list refresh tokens for the client/subject pair, then revoke the refresh
 * token and confirm it can no longer be looked up.
 */
@Test
public void testAddGetDeleteRefreshToken() {
    Client client = addClient("101", "bob");

    AccessTokenRegistration registration = new AccessTokenRegistration();
    registration.setClient(client);
    registration.setApprovedScope(Arrays.asList("a", "refreshToken"));
    registration.setSubject(client.getResourceOwnerSubject());

    ServerAccessToken created = getProvider().createAccessToken(registration);
    ServerAccessToken loaded = getProvider().getAccessToken(created.getTokenKey());
    assertEquals(created.getTokenKey(), loaded.getTokenKey());

    // Both approved scopes must survive persistence, in the order they were approved.
    List<OAuthPermission> loadedScopes = loaded.getScopes();
    assertNotNull(loadedScopes);
    assertEquals(2, loadedScopes.size());
    assertEquals("a", loadedScopes.get(0).getPermission());
    assertEquals("refreshToken", loadedScopes.get(1).getPermission());

    // The refresh token issued with the access token must reference that access token.
    RefreshToken refreshToken = getProvider().getRefreshToken(loaded.getRefreshToken());
    assertNotNull(refreshToken);
    assertEquals(loaded.getTokenKey(), refreshToken.getAccessTokens().get(0));

    List<RefreshToken> refreshTokens = getProvider().getRefreshTokens(client, client.getResourceOwnerSubject());
    assertNotNull(refreshTokens);
    assertEquals(1, refreshTokens.size());
    assertEquals(refreshToken.getTokenKey(), refreshTokens.get(0).getTokenKey());

    // Revoking by refresh-token key must make the refresh token unreachable.
    getProvider().revokeToken(client, refreshToken.getTokenKey(), OAuthConstants.REFRESH_TOKEN);
    assertNull(getProvider().getRefreshToken(refreshToken.getTokenKey()));
}

Example 17 with OAuthPermission

use of org.apache.cxf.rs.security.oauth2.common.OAuthPermission in project cxf by apache.

the class JPAOAuthDataProviderTest method testAddGetDeleteAccessToken.

/**
 * Round-trips a single-scope access token through the provider and checks that
 * {@code getAccessTokens} finds it whether the client, the subject, both or neither
 * are supplied as filters; finally revokes it and confirms it is gone.
 */
@Test
public void testAddGetDeleteAccessToken() {
    Client client = addClient("101", "bob");

    AccessTokenRegistration registration = new AccessTokenRegistration();
    registration.setClient(client);
    registration.setApprovedScope(Collections.singletonList("a"));
    registration.setSubject(client.getResourceOwnerSubject());

    ServerAccessToken created = getProvider().createAccessToken(registration);
    String tokenKey = created.getTokenKey();
    ServerAccessToken loaded = getProvider().getAccessToken(tokenKey);
    assertEquals(tokenKey, loaded.getTokenKey());

    // Exactly the one approved scope must come back from storage.
    List<OAuthPermission> loadedScopes = loaded.getScopes();
    assertNotNull(loadedScopes);
    assertEquals(1, loadedScopes.size());
    assertEquals("a", loadedScopes.get(0).getPermission());

    // Every combination of optional client/subject filters must locate the same single token.
    assertOnlyAccessToken(tokenKey, getProvider().getAccessTokens(client, client.getResourceOwnerSubject()));
    assertOnlyAccessToken(tokenKey, getProvider().getAccessTokens(client, null));
    assertOnlyAccessToken(tokenKey, getProvider().getAccessTokens(null, client.getResourceOwnerSubject()));
    assertOnlyAccessToken(tokenKey, getProvider().getAccessTokens(null, null));

    // Revoking by access-token key must make the token unreachable.
    getProvider().revokeToken(client, tokenKey, OAuthConstants.ACCESS_TOKEN);
    assertNull(getProvider().getAccessToken(tokenKey));
}

/** Asserts that {@code tokens} holds exactly one token and that its key is {@code expectedKey}. */
private static void assertOnlyAccessToken(String expectedKey, List<ServerAccessToken> tokens) {
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    assertEquals(expectedKey, tokens.get(0).getTokenKey());
}

Example 18 with OAuthPermission

use of org.apache.cxf.rs.security.oauth2.common.OAuthPermission in project cxf by apache.

the class EncryptingDataProvider method createAccessTokenInternal.

/**
 * Builds the bearer token this provider hands out for {@code accessTokenReg}:
 * a token with a fixed 3600 second lifetime carrying the registration's subject,
 * grant type and audiences, one fixed extra parameter and a single "read" scope.
 *
 * @param accessTokenReg the registration describing client, subject, grant and audiences
 * @return the populated bearer token (not yet persisted by this method)
 */
BearerAccessToken createAccessTokenInternal(AccessTokenRegistration accessTokenReg) {
    // Lifetime is hard-coded to 3600 s for every token issued here.
    BearerAccessToken bearer = new BearerAccessToken(accessTokenReg.getClient(), 3600L);
    bearer.setSubject(accessTokenReg.getSubject());
    // NOTE(review): the refresh token is created before grant type, audiences and
    // scopes are set on the bearer token. If createRefreshToken copies those fields
    // from the access token (as AbstractOAuthDataProvider.doCreateNewRefreshToken
    // does), the refresh token will not carry them — confirm this is intended.
    createRefreshToken(bearer);
    bearer.setGrantType(accessTokenReg.getGrantType());
    bearer.setAudiences(accessTokenReg.getAudiences());
    bearer.setParameters(Collections.singletonMap("param", "value"));
    bearer.setScopes(Collections.singletonList(new OAuthPermission("read", "read permission")));
    return bearer;
}

Example 19 with OAuthPermission

use of org.apache.cxf.rs.security.oauth2.common.OAuthPermission in project cxf by apache.

the class OidcAuthorizationCodeService method canAuthorizationBeSkipped.

/**
 * Decides whether the consent screen may be skipped for an OIDC authorization
 * request, layering the {@code prompt} request parameter on top of the
 * pre-configured consent check performed by the superclass.
 *
 * @param params the request parameters, read for the {@code prompt} values
 * @param client the requesting client
 * @param userSubject the authenticated end user
 * @param requestedScope the scopes the client asked for
 * @param permissions the permissions resolved for {@code requestedScope}
 * @return {@code true} only if the superclass reports pre-configured consent and
 *         the client did not ask for {@code prompt=consent}
 * @throws OAuthServiceException carrying {@code OidcUtils.CONSENT_REQUIRED_ERROR}
 *         when the client sent {@code prompt=none} but consent is not pre-configured
 */
@Override
protected boolean canAuthorizationBeSkipped(MultivaluedMap<String, String> params, Client client, UserSubject userSubject, List<String> requestedScope, List<OAuthPermission> permissions) {
    List<String> prompts = OidcUtils.getPromptValues(params);
    boolean consentRequested = prompts.contains(OidcUtils.PROMPT_CONSENT_VALUE);
    boolean noInteractionAllowed = prompts.contains(OidcUtils.PROMPT_NONE_VALUE);
    // prompt=consent: the client insists on the consent screen, so never skip it.
    if (consentRequested) {
        return false;
    }
    // Otherwise defer to whatever consent the client has pre-configured for these scopes.
    boolean skippable = super.canAuthorizationBeSkipped(params, client, userSubject, requestedScope, permissions);
    // prompt=none: no user interaction is permitted, so missing consent must become
    // an error response rather than a consent screen.
    if (noInteractionAllowed && !skippable) {
        LOG.log(Level.FINE, "Prompt 'none' request can not be met");
        throw new OAuthServiceException(new OAuthError(OidcUtils.CONSENT_REQUIRED_ERROR));
    }
    return skippable;
}

Example 20 with OAuthPermission

use of org.apache.cxf.rs.security.oauth2.common.OAuthPermission in project cxf by apache.

the class AbstractOAuthDataProvider method doCreateNewRefreshToken.

/**
 * Creates a new refresh token bound to the same client as {@code at} that inherits
 * its audiences, grant type, scopes, grant code, nonce, subject and client code
 * verifier. Audiences and scopes are copied into fresh lists rather than shared
 * with the access token.
 *
 * @param at the access token the refresh token is issued for
 * @return the new refresh token, created with lifetime {@code refreshTokenLifetime}
 */
protected RefreshToken doCreateNewRefreshToken(ServerAccessToken at) {
    RefreshToken refreshToken = new RefreshToken(at.getClient(), refreshTokenLifetime);
    List<String> sourceAudiences = at.getAudiences();
    if (sourceAudiences != null) {
        refreshToken.setAudiences(new LinkedList<String>(sourceAudiences));
    }
    refreshToken.setGrantType(at.getGrantType());
    List<OAuthPermission> sourceScopes = at.getScopes();
    if (sourceScopes != null) {
        refreshToken.setScopes(new LinkedList<OAuthPermission>(sourceScopes));
    }
    refreshToken.setGrantCode(at.getGrantCode());
    refreshToken.setNonce(at.getNonce());
    refreshToken.setSubject(at.getSubject());
    refreshToken.setClientCodeVerifier(at.getClientCodeVerifier());
    return refreshToken;
}
