
Example 11 with OAuthRedirectionState

use of org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState in project cxf by apache.

the class JoseSessionTokenProvider method convertStateStringToState.

/**
 * Rebuilds an {@link OAuthRedirectionState} from its serialized string form.
 *
 * <p>The string is split with {@code ModelEncryptionSupport.getParts} and every field is read by
 * position. A field is copied into the state only when {@code StringUtils.isEmpty} reports it as
 * non-empty; otherwise the matching property keeps whatever the no-arg constructor left there.
 *
 * @param stateString serialized redirection state
 * @return the state populated from the non-empty fields
 */
private OAuthRedirectionState convertStateStringToState(String stateString) {
    final String[] fields = ModelEncryptionSupport.getParts(stateString);
    // NOTE(review): fields[0]..fields[8] are read without a length check, so a string that splits
    // into fewer than nine fields fails with ArrayIndexOutOfBoundsException. The restored values
    // include the redirect URI and the client code challenge, so confirm that callers only pass
    // strings whose integrity has already been verified, and consider an explicit length check
    // that rejects malformed input with a clear error.
    final OAuthRedirectionState restored = new OAuthRedirectionState();

    // 0: client id
    final String clientId = fields[0];
    if (!StringUtils.isEmpty(clientId)) {
        restored.setClientId(clientId);
    }
    // 1: audience
    final String audience = fields[1];
    if (!StringUtils.isEmpty(audience)) {
        restored.setAudience(audience);
    }
    // 2: client code challenge
    final String codeChallenge = fields[2];
    if (!StringUtils.isEmpty(codeChallenge)) {
        restored.setClientCodeChallenge(codeChallenge);
    }
    // 3: the client's own "state" value
    final String clientState = fields[3];
    if (!StringUtils.isEmpty(clientState)) {
        restored.setState(clientState);
    }
    // 4: proposed scope
    final String proposedScope = fields[4];
    if (!StringUtils.isEmpty(proposedScope)) {
        restored.setProposedScope(proposedScope);
    }
    // 5: redirect URI
    final String redirectUri = fields[5];
    if (!StringUtils.isEmpty(redirectUri)) {
        restored.setRedirectUri(redirectUri);
    }
    // 6: nonce
    final String nonce = fields[6];
    if (!StringUtils.isEmpty(nonce)) {
        restored.setNonce(nonce);
    }
    // 7: response type
    final String responseType = fields[7];
    if (!StringUtils.isEmpty(responseType)) {
        restored.setResponseType(responseType);
    }
    // 8: extra properties, parsed back into a map
    final String extraProperties = fields[8];
    if (!StringUtils.isEmpty(extraProperties)) {
        restored.setExtraProperties(ModelEncryptionSupport.parseSimpleMap(extraProperties));
    }
    return restored;
}
Also used : OAuthRedirectionState(org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState)

Example 12 with OAuthRedirectionState

use of org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState in project cxf by apache.

the class AbstractImplicitGrantService method getClientAccessToken.

/**
 * Produces the client-facing access token for an implicit grant response.
 *
 * <p>When no pre-authorized token is supplied, a registration is built with
 * {@code createTokenRegistration} and handed to the data provider to create a new token. When a
 * pre-authorized token is supplied it is reused as is, and a non-null nonce from the state is
 * stored on the current message exchange under {@code OAuthConstants.NONCE}.
 *
 * @param state redirection state of the authorization request
 * @param client the client the token is issued to
 * @param requestedScope scopes the client asked for
 * @param approvedScope scopes that were approved
 * @param userSubject the subject the token is issued for
 * @param preAuthorizedToken an existing token to reuse, or {@code null} to create a new one
 * @return the token converted with {@code OAuthUtils.toClientAccessToken} and passed through
 *     {@code processClientAccessToken}
 */
protected ClientAccessToken getClientAccessToken(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) {
    final ServerAccessToken serverToken;
    if (preAuthorizedToken != null) {
        // Reuse the existing token; the nonce is not carried by a registration on this path, so
        // it is placed on the exchange instead.
        serverToken = preAuthorizedToken;
        String nonce = state.getNonce();
        if (nonce != null) {
            JAXRSUtils.getCurrentMessage().getExchange().put(OAuthConstants.NONCE, nonce);
        }
    } else {
        AccessTokenRegistration registration =
            createTokenRegistration(state, client, requestedScope, approvedScope, userSubject);
        serverToken = getDataProvider().createAccessToken(registration);
    }

    ClientAccessToken result = OAuthUtils.toClientAccessToken(serverToken, isWriteOptionalParameters());
    processClientAccessToken(result, serverToken);
    return result;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)

Example 13 with OAuthRedirectionState

use of org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState in project cxf by apache.

the class AbstractImplicitGrantService method prepareFormResponse.

/**
 * Builds the form-based implicit grant response that carries the issued access token.
 *
 * <p>The redirect URI and the client's state value are copied from the redirection state; the
 * token key, type, expiry and additional parameters are copied from the client access token.
 *
 * @param state redirection state of the authorization request
 * @param client the client the token is issued to
 * @param requestedScope scopes the client asked for
 * @param approvedScope scopes that were approved
 * @param userSubject the subject the token is issued for
 * @param preAuthorizedToken an existing token to reuse, or {@code null} to create a new one
 * @return the populated {@code FormTokenResponse}
 */
protected AbstractFormImplicitResponse prepareFormResponse(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) {
    // Obtain the token first: this call may create a new token through the data provider.
    final ClientAccessToken issued =
        getClientAccessToken(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);

    final FormTokenResponse response = new FormTokenResponse();
    response.setResponseType(OAuthConstants.TOKEN_RESPONSE_TYPE);

    // NOTE(review): the redirect URI is taken from the state without any check in this method;
    // presumably it was matched against the client's registered URIs earlier in the flow. Confirm
    // that, because the access token is delivered to this address.
    response.setRedirectUri(state.getRedirectUri());
    response.setState(state.getState());

    response.setAccessToken(issued.getTokenKey());
    response.setAccessTokenType(issued.getTokenType());
    response.setAccessTokenExpiresIn(issued.getExpiresIn());
    response.getParameters().putAll(issued.getParameters());
    return response;
}
Also used : FormTokenResponse(org.apache.cxf.rs.security.oauth2.common.FormTokenResponse) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)

Example 14 with OAuthRedirectionState

use of org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState in project cxf by apache.

the class AbstractImplicitGrantService method prepareRedirectResponse.

/**
 * Builds the redirect URI for an implicit grant response, with the access token returned as
 * fragment parameters.
 *
 * <p>The token key and token type are always written. The expiry, the approved scope and the
 * token's additional parameters are written only when {@code isWriteOptionalParameters()} is
 * true. A non-null refresh token is handed to {@code processRefreshToken}, and the builder is
 * passed to {@code finalizeResponse} before it is returned.
 *
 * <p>Security caveat: a token placed in the URI fragment is visible to the user agent, which is
 * why the OAuth 2.0 Security Best Current Practice (RFC 9700) advises against the implicit grant
 * in favour of the authorization code grant with PKCE.
 *
 * @param state redirection state of the authorization request
 * @param client the client the token is issued to
 * @param requestedScope scopes the client asked for
 * @param approvedScope scopes that were approved
 * @param userSubject the subject the token is issued for
 * @param preAuthorizedToken an existing token to reuse, or {@code null} to create a new one
 * @return the redirect URI under construction, including the token parameters
 */
protected StringBuilder prepareRedirectResponse(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) {
    ClientAccessToken issued =
        getClientAccessToken(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);

    // The token travels in the fragment of the redirect URI.
    StringBuilder redirect = getUriWithFragment(state.getRedirectUri());

    // NOTE(review): the token key, the token type and the additional parameter names below are
    // appended as is, while the scope and the parameter values are query-encoded. Confirm that
    // these three can only contain URL-safe characters, or encode them as well.
    redirect.append(OAuthConstants.ACCESS_TOKEN).append("=").append(issued.getTokenKey())
        .append("&")
        .append(OAuthConstants.ACCESS_TOKEN_TYPE).append("=").append(issued.getTokenType());

    if (isWriteOptionalParameters()) {
        redirect.append("&").append(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN).append("=").append(issued.getExpiresIn());

        String grantedScope = issued.getApprovedScope();
        if (!StringUtils.isEmpty(grantedScope)) {
            redirect.append("&").append(OAuthConstants.SCOPE).append("=").append(HttpUtils.queryEncode(grantedScope));
        }

        for (Map.Entry<String, String> extra : issued.getParameters().entrySet()) {
            redirect.append("&").append(extra.getKey()).append("=").append(HttpUtils.queryEncode(extra.getValue()));
        }
    }

    // NOTE(review): processRefreshToken is not shown here. RFC 6749 section 4.2.2 says the
    // authorization server must not issue a refresh token in an implicit grant response; confirm
    // that this hook does not place the refresh token in the fragment.
    if (issued.getRefreshToken() != null) {
        processRefreshToken(redirect, issued.getRefreshToken());
    }

    finalizeResponse(redirect, state);
    return redirect;
}
Also used : ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) Map(java.util.Map)

Example 15 with OAuthRedirectionState

use of org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState in project cxf by apache.

the class AbstractImplicitGrantService method createTokenRegistration.

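/**
 * Builds the registration used to create an access token for an implicit grant request.
 *
 * <p>The client, grant type, response type, subject, requested and approved scopes, nonce and
 * extra properties are copied into the registration. An audience is registered only when the
 * state carries one, so the registration never holds a list whose single element is
 * {@code null}.
 *
 * @param state redirection state of the authorization request
 * @param client the client the token is issued to
 * @param requestedScope scopes the client asked for
 * @param approvedScope scopes that were approved; combined with {@code requestedScope} by
 *     {@code getApprovedScope}
 * @param userSubject the subject the token is issued for
 * @return the populated registration
 */
protected AccessTokenRegistration createTokenRegistration(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject) {
    AccessTokenRegistration reg = new AccessTokenRegistration();
    reg.setClient(client);
    reg.setGrantType(super.getSupportedGrantType());
    reg.setResponseType(state.getResponseType());
    reg.setSubject(userSubject);
    reg.setRequestedScope(requestedScope);
    reg.setApprovedScope(getApprovedScope(requestedScope, approvedScope));

    // Collections.singletonList(null) is a one-element list holding null, which any later
    // audience comparison or iteration would have to special-case. Leave the registration's
    // audiences untouched when the request named no audience.
    String audience = state.getAudience();
    if (audience != null) {
        reg.setAudiences(Collections.singletonList(audience));
    }

    reg.setNonce(state.getNonce());

    // putAll(null) throws NullPointerException; skip the copy if the state has no extra
    // properties map.
    if (state.getExtraProperties() != null) {
        reg.getExtraProperties().putAll(state.getExtraProperties());
    }
    return reg;
}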
Also used : AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)

Aggregations

OAuthRedirectionState (org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState)7 ServerAuthorizationCodeGrant (org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)5 ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)3 Map (java.util.Map)2 Properties (java.util.Properties)2 AccessTokenRegistration (org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)2 AuthorizationCodeRegistration (org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeRegistration)2 OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)2 IOException (java.io.IOException)1 StringReader (java.io.StringReader)1 StandardCharsets (java.nio.charset.StandardCharsets)1 Principal (java.security.Principal)1 ArrayList (java.util.ArrayList)1 Arrays.asList (java.util.Arrays.asList)1 Collections (java.util.Collections)1 Collections.emptySet (java.util.Collections.emptySet)1 HashMap (java.util.HashMap)1 LinkedList (java.util.LinkedList)1 List (java.util.List)1 ENGLISH (java.util.Locale.ENGLISH)1