Example 26 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class AuthorizationCodeGrantService method getGrantRepresentation.

public ServerAuthorizationCodeGrant getGrantRepresentation(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preauthorizedToken) {
    AuthorizationCodeRegistration codeReg = createCodeRegistration(state, client, requestedScope, approvedScope, userSubject, preauthorizedToken);
    ServerAuthorizationCodeGrant grant = ((AuthorizationCodeDataProvider) getDataProvider()).createCodeGrant(codeReg);
    if (grant.getExpiresIn() > RECOMMENDED_CODE_EXPIRY_TIME_SECS) {
        LOG.warning("Code expiry time exceeds 10 minutes");
    }
    return grant;
}
Also used : AuthorizationCodeRegistration(org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeRegistration), AuthorizationCodeDataProvider(org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeDataProvider), ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)

Example 27 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class AuthorizationCodeGrantService method createCodeRegistration.

protected AuthorizationCodeRegistration createCodeRegistration(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preauthorizedToken) {
    AuthorizationCodeRegistration codeReg = new AuthorizationCodeRegistration();
    codeReg.setPreauthorizedTokenAvailable(preauthorizedToken != null);
    codeReg.setClient(client);
    codeReg.setRedirectUri(state.getRedirectUri());
    codeReg.setRequestedScope(requestedScope);
    codeReg.setResponseType(state.getResponseType());
    codeReg.setApprovedScope(getApprovedScope(requestedScope, approvedScope));
    codeReg.setSubject(userSubject);
    codeReg.setAudience(state.getAudience());
    codeReg.setNonce(state.getNonce());
    codeReg.setClientCodeChallenge(state.getClientCodeChallenge());
    codeReg.setClientCodeChallengeMethod(state.getClientCodeChallengeMethod());
    codeReg.getExtraProperties().putAll(state.getExtraProperties());
    return codeReg;
}
Also used : AuthorizationCodeRegistration(org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeRegistration)

Example 28 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class OidcHybridService method prepareRedirectResponse.

@Override
protected StringBuilder prepareRedirectResponse(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) {
    ServerAuthorizationCodeGrant codeGrant = prepareHybrideCode(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);
    StringBuilder sb = super.prepareRedirectResponse(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);
    if (codeGrant != null) {
        sb.append('&');
        sb.append(OAuthConstants.AUTHORIZATION_CODE_VALUE).append('=').append(codeGrant.getCode());
    }
    return sb;
}
Also used : ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)

Example 29 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class OidcHybridService method prepareHybrideCode.

protected ServerAuthorizationCodeGrant prepareHybrideCode(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) {
    ServerAuthorizationCodeGrant codeGrant = null;
    if (state.getResponseType() != null && state.getResponseType().startsWith(OAuthConstants.CODE_RESPONSE_TYPE)) {
        codeGrant = codeService.getGrantRepresentation(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);
        JAXRSUtils.getCurrentMessage().getExchange().put(OAuthConstants.AUTHORIZATION_CODE_VALUE, codeGrant.getCode());
    }
    return codeGrant;
}
Also used : ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)

Example 30 with ServerAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ServerAccessToken in project cxf by apache.

the class EncryptingDataProvider method refreshAccessToken.

@Override
public ServerAccessToken refreshAccessToken(Client client, String refreshToken, List<String> requestedScopes) throws OAuthServiceException {
    String encrypted = refreshTokens.remove(refreshToken);
    ServerAccessToken token = ModelEncryptionSupport.decryptAccessToken(this, encrypted, key);
    tokens.remove(token.getTokenKey());
    // create a new refresh token
    createRefreshToken(token);
    // possibly update other token properties
    encryptAccessToken(token);
    return token;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)

Aggregations

ServerAccessToken (org.apache.cxf.rs.security.oauth2.common.ServerAccessToken): 54
AccessTokenRegistration (org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration): 24
Client (org.apache.cxf.rs.security.oauth2.common.Client): 24
Test (org.junit.Test): 21
OAuthPermission (org.apache.cxf.rs.security.oauth2.common.OAuthPermission): 15
RefreshToken (org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken): 15
UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject): 12
OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException): 11
BearerAccessToken (org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken): 7
ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken): 6
ServerAuthorizationCodeGrant (org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant): 6
JoseJwtConsumer (org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer): 5
JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims): 5
ArrayList (java.util.ArrayList): 4
ByteArrayInputStream (java.io.ByteArrayInputStream): 3
LinkedList (java.util.LinkedList): 3
Map (java.util.Map): 3
JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken): 3
Ignore (org.junit.Ignore): 3
ByteArrayOutputStream (java.io.ByteArrayOutputStream): 2