Search in sources :

Example 71 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class AbstractOAuthDataProvider method createAccessToken.

@Override
public ServerAccessToken createAccessToken(AccessTokenRegistration reg) throws OAuthServiceException {
    ServerAccessToken at = doCreateAccessToken(reg);
    saveAccessToken(at);
    if (isRefreshTokenSupported(reg.getApprovedScope())) {
        createNewRefreshToken(at);
    }
    return at;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)

Example 72 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class AbstractOAuthDataProvider method removeClientTokens.

protected void removeClientTokens(Client c) {
    List<RefreshToken> refreshTokens = getRefreshTokens(c, null);
    if (refreshTokens != null) {
        for (RefreshToken rt : refreshTokens) {
            revokeRefreshToken(c, rt.getTokenKey());
        }
    }
    List<ServerAccessToken> accessTokens = getAccessTokens(c, null);
    if (accessTokens != null) {
        for (ServerAccessToken at : accessTokens) {
            revokeAccessToken(c, at.getTokenKey());
        }
    }
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken)

Example 73 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class AbstractOAuthDataProvider method doCreateNewRefreshToken.

protected RefreshToken doCreateNewRefreshToken(ServerAccessToken at) {
    RefreshToken rt = new RefreshToken(at.getClient(), refreshTokenLifetime);
    if (at.getAudiences() != null) {
        rt.setAudiences(new ArrayList<>(at.getAudiences()));
    }
    rt.setGrantType(at.getGrantType());
    if (at.getScopes() != null) {
        rt.setScopes(new ArrayList<>(at.getScopes()));
    }
    rt.setGrantCode(at.getGrantCode());
    rt.setNonce(at.getNonce());
    rt.setSubject(at.getSubject());
    rt.setClientCodeVerifier(at.getClientCodeVerifier());
    return rt;
}
Also used : RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken)

Example 74 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class JPAOAuthDataProviderImpl method createNewAccessToken.

@Override
protected ServerAccessToken createNewAccessToken(Client client, UserSubject userSub) {
    ServerAccessToken token = super.createNewAccessToken(client, userSub);
    token.setNotBefore((System.currentTimeMillis() / 1000L) - 5L);
    return token;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)

Example 75 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class JCacheOAuthDataProviderImpl method createNewAccessToken.

@Override
protected ServerAccessToken createNewAccessToken(Client client, UserSubject userSub) {
    ServerAccessToken token = super.createNewAccessToken(client, userSub);
    token.setNotBefore((System.currentTimeMillis() / 1000L) - 5L);
    return token;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)

Aggregations

ServerAccessToken (org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)54 AccessTokenRegistration (org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)24 Client (org.apache.cxf.rs.security.oauth2.common.Client)24 Test (org.junit.Test)21 OAuthPermission (org.apache.cxf.rs.security.oauth2.common.OAuthPermission)15 RefreshToken (org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken)15 UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject)12 OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)11 BearerAccessToken (org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken)7 ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)6 ServerAuthorizationCodeGrant (org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)6 JoseJwtConsumer (org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer)5 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)5 ArrayList (java.util.ArrayList)4 ByteArrayInputStream (java.io.ByteArrayInputStream)3 LinkedList (java.util.LinkedList)3 Map (java.util.Map)3 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)3 Ignore (org.junit.Ignore)3 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2