
Example 36 with UserSubject

use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.

the class OidcHybridService method prepareFormResponse.

/**
 * Builds the form response for the hybrid flow: the parent's implicit form response is
 * wrapped in a {@link FormHybridResponse}, and the authorization code is attached when
 * a code grant was produced.
 *
 * <p>The code grant is requested before the parent response is built; that call order
 * is kept exactly as in the original.
 *
 * @param state redirection state supplying the response type, redirect URI and state value
 * @param client the client the response is prepared for
 * @param requestedScope scopes passed through to the code grant and the parent response
 * @param approvedScope scopes passed through to the code grant and the parent response
 * @param userSubject the subject passed through to the code grant and the parent response
 * @param preAuthorizedToken a pre-authorized token passed through to both calls
 * @return the hybrid response; its code is left unset when no code grant was returned
 */
@Override
protected AbstractFormImplicitResponse prepareFormResponse(OAuthRedirectionState state,
                                                           Client client,
                                                           List<String> requestedScope,
                                                           List<String> approvedScope,
                                                           UserSubject userSubject,
                                                           ServerAccessToken preAuthorizedToken) {
    // prepareHybrideCode may return null; the code field is only set when it does not.
    final ServerAuthorizationCodeGrant grant =
        prepareHybrideCode(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);
    final AbstractFormImplicitResponse implicitPart =
        super.prepareFormResponse(state, client, requestedScope, approvedScope, userSubject,
                                  preAuthorizedToken);

    final FormHybridResponse hybrid = new FormHybridResponse();
    hybrid.setResponseType(state.getResponseType());
    // NOTE(review): the redirect URI and state value are copied from the redirection state
    // as-is; presumably the redirect URI was validated against the client's registered
    // URIs earlier in the flow. Confirm against the caller.
    hybrid.setRedirectUri(state.getRedirectUri());
    hybrid.setState(state.getState());
    hybrid.setImplicitResponse(implicitPart);
    if (grant == null) {
        return hybrid;
    }
    hybrid.setCode(grant.getCode());
    return hybrid;
}
Also used : ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant) AbstractFormImplicitResponse(org.apache.cxf.rs.security.oauth2.common.AbstractFormImplicitResponse)

Example 37 with UserSubject

use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.

the class AbstractOAuthDataProvider method getPreauthorizedToken.

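/**
 * Returns an existing, unexpired access token for this client, grant type and subject,
 * or {@code null} when pre-authorized tokens are not supported or none matches.
 *
 * <p>A candidate matches when its client id and grant type equal the requested ones and
 * its subject agrees with {@code sub}: both absent, or both present with equal logins.
 * A stored token with no subject (or no login) is treated as a non-match when a subject
 * was supplied, instead of failing with a {@code NullPointerException}.
 *
 * <p>If the matching token has expired it is revoked and {@code null} is returned.
 *
 * <p>NOTE(review): {@code requestedScopes} is not consulted here, so the returned token
 * is not checked against the requested scopes by this method. Presumably the caller
 * verifies scope coverage before skipping user consent. Confirm.
 *
 * @param client the client the token must have been issued to
 * @param requestedScopes the scopes of the current request (unused by this method)
 * @param sub the resource owner, or {@code null} to match only tokens without a subject
 * @param grantType the grant type the token must have been issued for
 * @return the matching unexpired token, or {@code null}
 * @throws OAuthServiceException declared by the overridden method
 */
@Override
public ServerAccessToken getPreauthorizedToken(Client client, List<String> requestedScopes,
                                               UserSubject sub, String grantType)
    throws OAuthServiceException {
    if (!isSupportPreauthorizedTokens()) {
        return null;
    }
    ServerAccessToken token = null;
    for (ServerAccessToken at : getAccessTokens(client, sub)) {
        if (!at.getClient().getClientId().equals(client.getClientId())
            || !at.getGrantType().equals(grantType)) {
            continue;
        }
        // Fail closed: a token lacking a subject or login never matches a supplied subject.
        final UserSubject tokenSubject = at.getSubject();
        final boolean subjectMatches;
        if (sub == null) {
            subjectMatches = tokenSubject == null;
        } else {
            subjectMatches = tokenSubject != null
                && tokenSubject.getLogin() != null
                && tokenSubject.getLogin().equals(sub.getLogin());
        }
        if (subjectMatches) {
            token = at;
            break;
        }
    }
    // An expired match is revoked rather than returned, so it cannot be reused.
    if (token != null && OAuthUtils.isExpired(token.getIssuedAt(), token.getExpiresIn())) {
        revokeToken(client, token.getTokenKey(), OAuthConstants.ACCESS_TOKEN);
        token = null;
    }
    return token;
}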
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)

Example 38 with UserSubject

use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.

the class DefaultEHCacheOAuthDataProvider method getClients.

/**
 * Collects every client in the client cache that {@code isClientMatched} accepts for the
 * given resource owner.
 *
 * <p>NOTE(review): how a {@code null} resource owner, or a {@code null} result from
 * {@code doGetClient}, is treated is decided by {@code isClientMatched}, which is not
 * visible here. Confirm that an absent owner cannot widen the result unintentionally.
 *
 * @param resourceOwner the subject the clients are filtered by
 * @return a new list holding the matching clients, in cache-key iteration order
 */
@Override
public List<Client> getClients(UserSubject resourceOwner) {
    final List<String> cacheKeys = CastUtils.cast(clientCache.getKeys());
    // Sized for the worst case where every cached client matches.
    final List<Client> matched = new ArrayList<>(cacheKeys.size());
    for (final String cacheKey : cacheKeys) {
        final Client candidate = doGetClient(cacheKey);
        if (!isClientMatched(candidate, resourceOwner)) {
            continue;
        }
        matched.add(candidate);
    }
    return matched;
}
Also used : ArrayList(java.util.ArrayList) Client(org.apache.cxf.rs.security.oauth2.common.Client)

Example 39 with UserSubject

use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.

the class JCacheOAuthDataProvider method getClients.

/**
 * Walks the client cache and returns the clients that {@code isClientMatched} accepts
 * for the given resource owner.
 *
 * <p>NOTE(review): the treatment of a {@code null} resource owner is decided by
 * {@code isClientMatched}, which is not visible here. Confirm against that method.
 *
 * @param resourceOwner the subject the clients are filtered by
 * @return a new list holding the matching clients, in cache iteration order
 */
@Override
public List<Client> getClients(UserSubject resourceOwner) {
    final List<Client> matched = new ArrayList<>();
    for (Cache.Entry<String, Client> cached : clientCache) {
        final Client candidate = cached.getValue();
        if (!isClientMatched(candidate, resourceOwner)) {
            continue;
        }
        matched.add(candidate);
    }
    return matched;
}
Also used : ArrayList(java.util.ArrayList) Client(org.apache.cxf.rs.security.oauth2.common.Client) Cache(javax.cache.Cache)

Example 40 with UserSubject

use of org.apache.cxf.rs.security.oauth2.common.UserSubject in project cxf by apache.

the class JCacheOAuthDataProvider method getJwtAccessTokens.

/**
 * Rebuilds access tokens from the JWTs held in the JWT access token cache and returns
 * those that {@code isTokenMatched} accepts for the given client and subject.
 *
 * <p>Entries whose token is expired are collected during the scan and removed from the
 * cache in one call afterwards; expired tokens are never returned.
 *
 * <p>NOTE(review): when no {@code jwtTokenConsumer} is configured, a default-constructed
 * {@link JoseJwtConsumer} processes each cached JWT. Whether that default enforces the
 * signature or encryption checks the deployment expects is not visible here. Confirm.
 *
 * @param client the client passed to {@code isTokenMatched}
 * @param sub the subject passed to {@code isTokenMatched}
 * @return a new list of the unexpired, matching tokens
 */
protected List<ServerAccessToken> getJwtAccessTokens(Client client, UserSubject sub) {
    final List<ServerAccessToken> matched = new ArrayList<>();
    final Set<String> expiredKeys = new HashSet<>();
    final Iterator<Cache.Entry<String, String>> entries = jwtAccessTokenCache.iterator();
    while (entries.hasNext()) {
        final Cache.Entry<String, String> cached = entries.next();
        final String serializedJwt = cached.getValue();
        // The consumer is resolved per entry, as in the original.
        final JoseJwtConsumer consumer;
        if (jwtTokenConsumer == null) {
            consumer = new JoseJwtConsumer();
        } else {
            consumer = jwtTokenConsumer;
        }
        final ServerAccessToken rebuilt = JwtTokenUtils.createAccessTokenFromJwt(
            consumer, serializedJwt, this, super.getJwtAccessTokenClaimMap());
        if (isExpired(rebuilt)) {
            // Removal is deferred until the scan ends instead of mutating the cache mid-iteration.
            expiredKeys.add(cached.getKey());
            continue;
        }
        if (isTokenMatched(rebuilt, client, sub)) {
            matched.add(rebuilt);
        }
    }
    jwtAccessTokenCache.removeAll(expiredKeys);
    return matched;
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) ArrayList(java.util.ArrayList) JoseJwtConsumer(org.apache.cxf.rs.security.jose.jwt.JoseJwtConsumer) HashSet(java.util.HashSet) Cache(javax.cache.Cache)

Aggregations

UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject)29 Client (org.apache.cxf.rs.security.oauth2.common.Client)17 ServerAccessToken (org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)10 OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)8 ArrayList (java.util.ArrayList)7 OAuthPermission (org.apache.cxf.rs.security.oauth2.common.OAuthPermission)7 AccessTokenRegistration (org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)6 LinkedList (java.util.LinkedList)5 ServerAuthorizationCodeGrant (org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)5 SecurityContext (org.apache.cxf.security.SecurityContext)5 ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)4 OAuthAuthorizationData (org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData)4 Principal (java.security.Principal)3 Map (java.util.Map)3 Message (org.apache.cxf.message.Message)3 Test (org.junit.Test)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 IOException (java.io.IOException)2 Instant (java.time.Instant)2 HashMap (java.util.HashMap)2