Example 46 with ServerAccessToken
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class AbstractOAuthDataProvider method removeClientTokens.
protected void removeClientTokens(Client c) {
List<RefreshToken> refreshTokens = getRefreshTokens(c, null);
if (refreshTokens != null) {
for (RefreshToken rt : refreshTokens) {
revokeRefreshToken(rt.getTokenKey());
}
}
List<ServerAccessToken> accessTokens = getAccessTokens(c, null);
if (accessTokens != null) {
for (ServerAccessToken at : accessTokens) {
revokeAccessToken(at.getTokenKey());
}
}
}
Also used :
ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)
RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken)
Example 47 with ServerAccessToken
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class AbstractOAuthDataProvider method handleLinkedRefreshToken.
protected void handleLinkedRefreshToken(ServerAccessToken accessToken) {
if (accessToken != null && accessToken.getRefreshToken() != null) {
RefreshToken rt = getRefreshToken(accessToken.getRefreshToken());
if (rt == null) {
return;
}
unlinkRefreshAccessToken(rt, accessToken.getTokenKey());
if (rt.getAccessTokens().isEmpty()) {
revokeRefreshToken(rt.getTokenKey());
} else {
saveRefreshToken(rt);
}
}
}
Also used :
RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken)
Example 48 with ServerAccessToken
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class AbstractOAuthDataProvider method createAccessToken.
@Override
public ServerAccessToken createAccessToken(AccessTokenRegistration reg) throws OAuthServiceException {
ServerAccessToken at = doCreateAccessToken(reg);
saveAccessToken(at);
if (isRefreshTokenSupported(reg.getApprovedScope())) {
createNewRefreshToken(at);
}
return at;
}
Also used :
ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)
Example 49 with ServerAccessToken
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class AbstractOAuthDataProvider method refreshAccessToken.
@Override
public ServerAccessToken refreshAccessToken(Client client, String refreshTokenKey, List<String> restrictedScopes) throws OAuthServiceException {
RefreshToken currentRefreshToken = recycleRefreshTokens ? revokeRefreshToken(refreshTokenKey) : getRefreshToken(refreshTokenKey);
if (currentRefreshToken == null) {
throw new OAuthServiceException(OAuthConstants.ACCESS_DENIED);
}
if (OAuthUtils.isExpired(currentRefreshToken.getIssuedAt(), currentRefreshToken.getExpiresIn())) {
if (!recycleRefreshTokens) {
revokeRefreshToken(refreshTokenKey);
}
throw new OAuthServiceException(OAuthConstants.ACCESS_DENIED);
}
if (recycleRefreshTokens) {
revokeAccessTokens(currentRefreshToken);
}
ServerAccessToken at = doRefreshAccessToken(client, currentRefreshToken, restrictedScopes);
saveAccessToken(at);
if (recycleRefreshTokens) {
createNewRefreshToken(at);
} else {
updateExistingRefreshToken(currentRefreshToken, at);
}
return at;
}
Also used :
ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)
RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken)
Example 50 with ServerAccessToken
use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.
the class JCacheOAuthDataProvider method getJwtAccessTokens.
protected List<ServerAccessToken> getJwtAccessTokens(Client client, UserSubject sub) {
final Set<String> toRemove = new HashSet<>();
final List<ServerAccessToken> tokens = new ArrayList<>();
for (Iterator<Cache.Entry<String, String>> it = jwtAccessTokenCache.iterator(); it.hasNext(); ) {
Cache.Entry<String, String> entry = it.next();
String jose = entry.getValue();
JoseJwtConsumer theConsumer = jwtTokenConsumer == null ? new JoseJwtConsumer() : jwtTokenConsumer;
ServerAccessToken token = JwtTokenUtils.createAccessTokenFromJwt(theConsumer, jose, this, super.getJwtAccessTokenClaimMap());
if (isExpired(token)) {
toRemove.add(entry.getKey());
} else if (isTokenMatched(token, client, sub)) {
tokens.add(token);
}
}
jwtAccessTokenCache.removeAll(toRemove);
return tokens;
}
Also used :
ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)
ArrayList(java.util.ArrayList)
JoseJwtConsumer(org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer)
HashSet(java.util.HashSet)
Cache(javax.cache.Cache)
Aggregations
ServerAccessToken (org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)41
AccessTokenRegistration (org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)19
Client (org.apache.cxf.rs.security.oauth2.common.Client)16
Test (org.junit.Test)16
OAuthPermission (org.apache.cxf.rs.security.oauth2.common.OAuthPermission)13
RefreshToken (org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken)12
OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)10
UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject)9
ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)6
ServerAuthorizationCodeGrant (org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)6
BearerAccessToken (org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken)6
ByteArrayInputStream (java.io.ByteArrayInputStream)3
ArrayList (java.util.ArrayList)3
LinkedList (java.util.LinkedList)3
Consumes (javax.ws.rs.Consumes)3
POST (javax.ws.rs.POST)3
Produces (javax.ws.rs.Produces)3
JoseJwtConsumer (org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer)3
JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)3
Ignore (org.junit.Ignore)3
