use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class DefaultEHCacheOAuthDataProvider method getAccessTokens.
@Override
public List<ServerAccessToken> getAccessTokens(Client c, UserSubject sub) {
List<String> keys = CastUtils.cast(accessTokenCache.getKeys());
List<ServerAccessToken> tokens = new ArrayList<>(keys.size());
for (String key : keys) {
ServerAccessToken token = getAccessToken(key);
if (isTokenMatched(token, c, sub)) {
tokens.add(token);
}
}
return tokens;
}
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class DefaultEHCacheOAuthDataProvider method getAccessToken.
@Override
public ServerAccessToken getAccessToken(String accessToken) throws OAuthServiceException {
ServerAccessToken at = null;
if (isUseJwtFormatForAccessTokens() && isStoreJwtTokenKeyOnly()) {
String jose = getCacheValue(accessTokenCache, accessToken, String.class);
if (jose != null) {
JoseJwtConsumer theConsumer = jwtTokenConsumer == null ? new JoseJwtConsumer() : jwtTokenConsumer;
at = JwtTokenUtils.createAccessTokenFromJwt(theConsumer, jose, this, super.getJwtAccessTokenClaimMap());
}
} else {
at = getCacheValue(accessTokenCache, accessToken, ServerAccessToken.class);
}
return at;
}
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class JCacheOAuthDataProviderTest method testAddGetDeleteAccessToken.
@Ignore
@Test
public void testAddGetDeleteAccessToken() {
Client c = addClient("101", "bob");
AccessTokenRegistration atr = new AccessTokenRegistration();
atr.setClient(c);
atr.setApprovedScope(Collections.singletonList("a"));
atr.setSubject(c.getResourceOwnerSubject());
ServerAccessToken at = provider.createAccessToken(atr);
ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
assertEquals(at.getTokenKey(), at2.getTokenKey());
List<OAuthPermission> scopes = at2.getScopes();
assertNotNull(scopes);
assertEquals(1, scopes.size());
OAuthPermission perm = scopes.get(0);
assertEquals("a", perm.getPermission());
List<ServerAccessToken> tokens = provider.getAccessTokens(c, c.getResourceOwnerSubject());
assertNotNull(tokens);
assertEquals(1, tokens.size());
assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey());
tokens = provider.getAccessTokens(c, null);
assertNotNull(tokens);
assertEquals(1, tokens.size());
assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey());
tokens = provider.getAccessTokens(null, c.getResourceOwnerSubject());
assertNotNull(tokens);
assertEquals(1, tokens.size());
assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey());
tokens = provider.getAccessTokens(null, null);
assertNotNull(tokens);
assertEquals(1, tokens.size());
assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey());
provider.revokeToken(c, at.getTokenKey(), OAuthConstants.ACCESS_TOKEN);
assertNull(provider.getAccessToken(at.getTokenKey()));
}
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class JCacheOAuthDataProviderTest method testAddGetDeleteAccessToken2.
@Ignore
@Test
public void testAddGetDeleteAccessToken2() {
Client c = addClient("102", "bob");
AccessTokenRegistration atr = new AccessTokenRegistration();
atr.setClient(c);
atr.setApprovedScope(Collections.singletonList("a"));
atr.setSubject(c.getResourceOwnerSubject());
provider.createAccessToken(atr);
List<ServerAccessToken> tokens = provider.getAccessTokens(c, null);
assertNotNull(tokens);
assertEquals(1, tokens.size());
provider.removeClient(c.getClientId());
tokens = provider.getAccessTokens(c, null);
assertNotNull(tokens);
assertEquals(0, tokens.size());
}
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class JCacheOAuthDataProviderTest method testAddGetDeleteRefreshToken.
@Ignore
@Test
public void testAddGetDeleteRefreshToken() {
Client c = addClient("101", "bob");
AccessTokenRegistration atr = new AccessTokenRegistration();
atr.setClient(c);
atr.setApprovedScope(Arrays.asList("a", "refreshToken"));
atr.setSubject(c.getResourceOwnerSubject());
ServerAccessToken at = provider.createAccessToken(atr);
ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
assertEquals(at.getTokenKey(), at2.getTokenKey());
List<OAuthPermission> scopes = at2.getScopes();
assertNotNull(scopes);
assertEquals(2, scopes.size());
OAuthPermission perm = scopes.get(0);
assertEquals("a", perm.getPermission());
OAuthPermission perm2 = scopes.get(1);
assertEquals("refreshToken", perm2.getPermission());
RefreshToken rt = provider.getRefreshToken(at2.getRefreshToken());
assertNotNull(rt);
assertEquals(at2.getTokenKey(), rt.getAccessTokens().get(0));
List<RefreshToken> tokens = provider.getRefreshTokens(c, c.getResourceOwnerSubject());
assertNotNull(tokens);
assertEquals(1, tokens.size());
assertEquals(rt.getTokenKey(), tokens.get(0).getTokenKey());
provider.revokeToken(c, rt.getTokenKey(), OAuthConstants.REFRESH_TOKEN);
assertNull(provider.getRefreshToken(rt.getTokenKey()));
}
Aggregations