Example 36 with UserSubject
use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.
the class OidcHybridService method prepareFormResponse.
@Override
protected AbstractFormImplicitResponse prepareFormResponse(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) {
ServerAuthorizationCodeGrant codeGrant = prepareHybrideCode(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);
AbstractFormImplicitResponse implResp = super.prepareFormResponse(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);
FormHybridResponse response = new FormHybridResponse();
response.setResponseType(state.getResponseType());
response.setRedirectUri(state.getRedirectUri());
response.setState(state.getState());
response.setImplicitResponse(implResp);
if (codeGrant != null) {
response.setCode(codeGrant.getCode());
}
return response;
}
Also used :
ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)
AbstractFormImplicitResponse(org.apache.cxf.rs.security.oauth2.common.AbstractFormImplicitResponse)
Example 37 with UserSubject
use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.
the class AbstractOAuthDataProvider method getPreauthorizedToken.
@Override
public ServerAccessToken getPreauthorizedToken(Client client, List<String> requestedScopes, UserSubject sub, String grantType) throws OAuthServiceException {
if (!isSupportPreauthorizedTokens()) {
return null;
}
ServerAccessToken token = null;
for (ServerAccessToken at : getAccessTokens(client, sub)) {
if (at.getClient().getClientId().equals(client.getClientId()) && at.getGrantType().equals(grantType) && (sub == null && at.getSubject() == null || sub != null && at.getSubject().getLogin().equals(sub.getLogin()))) {
token = at;
break;
}
}
if (token != null && OAuthUtils.isExpired(token.getIssuedAt(), token.getExpiresIn())) {
revokeToken(client, token.getTokenKey(), OAuthConstants.ACCESS_TOKEN);
token = null;
}
return token;
}
Also used :
ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)
Example 38 with UserSubject
use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.
the class DefaultEHCacheOAuthDataProvider method getClients.
@Override
public List<Client> getClients(UserSubject resourceOwner) {
List<String> keys = CastUtils.cast(clientCache.getKeys());
List<Client> clients = new ArrayList<>(keys.size());
for (String key : keys) {
Client c = doGetClient(key);
if (isClientMatched(c, resourceOwner)) {
clients.add(c);
}
}
return clients;
}Example 39 with UserSubject
use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.
the class JCacheOAuthDataProvider method getClients.
@Override
public List<Client> getClients(UserSubject resourceOwner) {
List<Client> clients = new ArrayList<>();
for (Iterator<Cache.Entry<String, Client>> it = clientCache.iterator(); it.hasNext(); ) {
Cache.Entry<String, Client> entry = it.next();
Client client = entry.getValue();
if (isClientMatched(client, resourceOwner)) {
clients.add(client);
}
}
return clients;
}Example 40 with UserSubject
use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.
the class JCacheOAuthDataProvider method getJwtAccessTokens.
protected List<ServerAccessToken> getJwtAccessTokens(Client client, UserSubject sub) {
final Set<String> toRemove = new HashSet<>();
final List<ServerAccessToken> tokens = new ArrayList<>();
for (Iterator<Cache.Entry<String, String>> it = jwtAccessTokenCache.iterator(); it.hasNext(); ) {
Cache.Entry<String, String> entry = it.next();
String jose = entry.getValue();
JoseJwtConsumer theConsumer = jwtTokenConsumer == null ? new JoseJwtConsumer() : jwtTokenConsumer;
ServerAccessToken token = JwtTokenUtils.createAccessTokenFromJwt(theConsumer, jose, this, super.getJwtAccessTokenClaimMap());
if (isExpired(token)) {
toRemove.add(entry.getKey());
} else if (isTokenMatched(token, client, sub)) {
tokens.add(token);
}
}
jwtAccessTokenCache.removeAll(toRemove);
return tokens;
}
Also used :
ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)
ArrayList(java.util.ArrayList)
JoseJwtConsumer(org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer)
HashSet(java.util.HashSet)
Cache(javax.cache.Cache)
Aggregations
UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject)29
Client (org.apache.cxf.rs.security.oauth2.common.Client)17
ServerAccessToken (org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)10
OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)8
ArrayList (java.util.ArrayList)7
OAuthPermission (org.apache.cxf.rs.security.oauth2.common.OAuthPermission)7
AccessTokenRegistration (org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)6
LinkedList (java.util.LinkedList)5
ServerAuthorizationCodeGrant (org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)5
SecurityContext (org.apache.cxf.security.SecurityContext)5
ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)4
OAuthAuthorizationData (org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData)4
Principal (java.security.Principal)3
Map (java.util.Map)3
Message (org.apache.cxf.message.Message)3
Test (org.junit.Test)3
ByteArrayInputStream (java.io.ByteArrayInputStream)2
IOException (java.io.IOException)2
Instant (java.time.Instant)2
HashMap (java.util.HashMap)2
