
Example 11 with ServerAuthorizationCodeGrant

use of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant in project cxf by apache.

the class OidcHybridService method prepareRedirectResponse.

/**
 * Builds the redirect response for the hybrid flow: whatever the superclass
 * produces, followed by the authorization code parameter when a code grant
 * was issued for this request.
 *
 * <p>The code is appended to the builder returned by the superclass, so it is
 * delivered through the same part of the redirect URI as the superclass's own
 * parameters. The code value is appended as-is, without URL encoding, so this
 * relies on codes being made of URL-safe characters only.
 * NOTE(review): confirm that against the code generator in use.
 *
 * @return the superclass response, extended with {@code &<name>=<code>} when a
 *         code grant exists
 */
@Override
protected StringBuilder prepareRedirectResponse(OAuthRedirectionState state,
                                                Client client,
                                                List<String> requestedScope,
                                                List<String> approvedScope,
                                                UserSubject userSubject,
                                                ServerAccessToken preAuthorizedToken) {
    // The code is issued before the superclass builds its part of the response.
    final ServerAuthorizationCodeGrant hybridGrant =
        prepareHybrideCode(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);
    final StringBuilder redirect =
        super.prepareRedirectResponse(state, client, requestedScope, approvedScope,
                                      userSubject, preAuthorizedToken);
    if (hybridGrant == null) {
        // Response type did not ask for a code: nothing to add.
        return redirect;
    }
    return redirect.append("&")
        .append(OAuthConstants.AUTHORIZATION_CODE_VALUE)
        .append("=")
        .append(hybridGrant.getCode());
}
Also used : ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)

Example 12 with ServerAuthorizationCodeGrant

use of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant in project cxf by apache.

the class OidcHybridService method prepareHybrideCode.

/**
 * Issues an authorization code grant when the requested response type starts
 * with {@code OAuthConstants.CODE_RESPONSE_TYPE}; otherwise issues nothing.
 *
 * <p>The match is a prefix match on the raw response type string, so any value
 * beginning with the code constant qualifies. NOTE(review): presumably the
 * full response type is validated before this point; confirm against caller.
 *
 * <p>When a grant is issued, its code is also stored on the current message
 * exchange under {@code OAuthConstants.AUTHORIZATION_CODE_VALUE}.
 *
 * @return the issued grant, or {@code null} when the response type is absent
 *         or does not start with the code response type
 */
protected ServerAuthorizationCodeGrant prepareHybrideCode(OAuthRedirectionState state,
                                                          Client client,
                                                          List<String> requestedScope,
                                                          List<String> approvedScope,
                                                          UserSubject userSubject,
                                                          ServerAccessToken preAuthorizedToken) {
    final String responseType = state.getResponseType();
    final boolean codeRequested =
        responseType != null && responseType.startsWith(OAuthConstants.CODE_RESPONSE_TYPE);
    if (!codeRequested) {
        return null;
    }

    final ServerAuthorizationCodeGrant issued =
        codeService.getGrantRepresentation(state, client, requestedScope, approvedScope,
                                           userSubject, preAuthorizedToken);
    // Make the code value available to later processing of the same exchange.
    // NOTE(review): presumably read when the id_token is built - confirm.
    JAXRSUtils.getCurrentMessage()
        .getExchange()
        .put(OAuthConstants.AUTHORIZATION_CODE_VALUE, issued.getCode());
    return issued;
}
Also used : ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant)

Example 13 with ServerAuthorizationCodeGrant

use of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant in project cxf by apache.

the class JCacheCodeDataProviderTest method testAddGetDeleteCodeGrants.

/**
 * Walks an authorization code grant through create, lookup and removal on the
 * provider under test: the grant must be found by client plus subject and by
 * client alone, removal must return the same code, and no grant may remain
 * afterwards.
 *
 * <p>The test carries {@code @Ignore}, so this life cycle is currently not
 * verified by the build; the reason is not recorded here.
 */
@Ignore
@Test
public void testAddGetDeleteCodeGrants() {
    final Client client = addClient("111", "bob");

    final AuthorizationCodeRegistration registration = new AuthorizationCodeRegistration();
    registration.setClient(client);
    registration.setApprovedScope(Collections.singletonList("a"));
    registration.setSubject(client.getResourceOwnerSubject());

    final ServerAuthorizationCodeGrant created = provider.createCodeGrant(registration);

    // Lookup restricted to the resource owner subject.
    List<ServerAuthorizationCodeGrant> found =
        provider.getCodeGrants(client, client.getResourceOwnerSubject());
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(created.getCode(), found.get(0).getCode());

    // Lookup by client only (null subject).
    found = provider.getCodeGrants(client, null);
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(created.getCode(), found.get(0).getCode());

    // Removal hands back the grant that was stored.
    final ServerAuthorizationCodeGrant removed = provider.removeCodeGrant(created.getCode());
    assertEquals(created.getCode(), removed.getCode());

    // After removal the code must no longer be retrievable.
    found = provider.getCodeGrants(client, null);
    assertNotNull(found);
    assertEquals(0, found.size());
}
Also used : Client(org.apache.cxf.rs.security.oauth2.common.Client) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 14 with ServerAuthorizationCodeGrant

use of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant in project cxf by apache.

the class CryptoUtilsTest method testCodeGrantJSON.

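/**
 * Round-trips a code grant through JSON serialization and
 * {@code CryptoUtils.encryptSequence} / {@code decryptSequence}, then checks
 * that the code, expiry and issue time survive.
 *
 * <p>Bytes and strings are converted with an explicit UTF-8 charset instead of
 * the platform default, so the round trip does not depend on the JVM's
 * {@code file.encoding}.
 *
 * <p>NOTE(review): only the round trip is asserted; the test does not check
 * that the encrypted sequence differs from the serialized plaintext.
 */
@Test
public void testCodeGrantJSON() throws Exception {
    final String utf8 = java.nio.charset.StandardCharsets.UTF_8.name();

    Client c = new Client("client", "secret", true);
    ServerAuthorizationCodeGrant grant = new ServerAuthorizationCodeGrant(c, "code", 1, 2);

    JSONProvider<ServerAuthorizationCodeGrant> jsonp = new JSONProvider<ServerAuthorizationCodeGrant>();
    jsonp.setMarshallAsJaxbElement(true);
    jsonp.setUnmarshallAsJaxbElement(true);

    // Serialize the grant to JSON.
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    jsonp.writeTo(grant, ServerAuthorizationCodeGrant.class, new Annotation[] {},
                  MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, Object>(), bos);

    // Encrypt and decrypt the serialized form with the same key.
    String encrypted = CryptoUtils.encryptSequence(bos.toString(utf8), p.key);
    String decrypted = CryptoUtils.decryptSequence(encrypted, p.key);

    // Deserialize what came back and compare with the original values.
    ServerAuthorizationCodeGrant grant2 = jsonp.readFrom(
        ServerAuthorizationCodeGrant.class, Client.class, new Annotation[] {},
        MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, String>(),
        new ByteArrayInputStream(decrypted.getBytes(utf8)));
    assertEquals("code", grant2.getCode());
    assertEquals(1, grant2.getExpiresIn());
    assertEquals(2, grant2.getIssuedAt());
}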
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) JSONProvider(org.apache.cxf.jaxrs.provider.json.JSONProvider) ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Client(org.apache.cxf.rs.security.oauth2.common.Client) Test(org.junit.Test)

Example 15 with ServerAuthorizationCodeGrant

use of org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant in project cxf by apache.

the class OidcHybridService method prepareFormResponse.

/**
 * Builds the form response for the hybrid flow by wrapping the superclass's
 * implicit response in a {@code FormHybridResponse} and attaching the
 * authorization code when a code grant was issued.
 *
 * <p>Response type, redirect URI and state are copied from the redirection
 * state unchanged.
 *
 * @return a {@code FormHybridResponse}; its code is set only when
 *         {@code prepareHybrideCode} returned a grant
 */
@Override
protected AbstractFormImplicitResponse prepareFormResponse(OAuthRedirectionState state,
                                                           Client client,
                                                           List<String> requestedScope,
                                                           List<String> approvedScope,
                                                           UserSubject userSubject,
                                                           ServerAccessToken preAuthorizedToken) {
    // The code is issued before the superclass builds the implicit part.
    final ServerAuthorizationCodeGrant hybridGrant =
        prepareHybrideCode(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken);
    final AbstractFormImplicitResponse implicitPart =
        super.prepareFormResponse(state, client, requestedScope, approvedScope,
                                  userSubject, preAuthorizedToken);

    final FormHybridResponse hybrid = new FormHybridResponse();
    hybrid.setResponseType(state.getResponseType());
    hybrid.setRedirectUri(state.getRedirectUri());
    hybrid.setState(state.getState());
    hybrid.setImplicitResponse(implicitPart);
    if (hybridGrant != null) {
        hybrid.setCode(hybridGrant.getCode());
    }
    return hybrid;
}
Also used : ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant) AbstractFormImplicitResponse(org.apache.cxf.rs.security.oauth2.common.AbstractFormImplicitResponse)
