use of org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider in project cxf by apache.
the class BigQueryServer method getAccessToken.
private static ClientAccessToken getAccessToken(PrivateKey privateKey, String issuer) {
JwsHeaders headers = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.RS256);
JwtClaims claims = new JwtClaims();
claims.setIssuer(issuer);
claims.setAudience("https://www.googleapis.com/oauth2/v3/token");
long issuedAt = OAuthUtils.getIssuedAt();
claims.setIssuedAt(issuedAt);
claims.setExpiryTime(issuedAt + 60 * 60);
claims.setProperty("scope", "https://www.googleapis.com/auth/bigquery.readonly");
JwtToken token = new JwtToken(headers, claims);
JwsJwtCompactProducer p = new JwsJwtCompactProducer(token);
String base64UrlAssertion = p.signWith(privateKey);
JwtBearerGrant grant = new JwtBearerGrant(base64UrlAssertion);
WebClient accessTokenService = WebClient.create("https://www.googleapis.com/oauth2/v3/token", Arrays.asList(new OAuthJSONProvider(), new AccessTokenGrantWriter()));
WebClient.getConfig(accessTokenService).getInInterceptors().add(new LoggingInInterceptor());
accessTokenService.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_JSON);
return accessTokenService.post(grant, ClientAccessToken.class);
}
use of org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider in project cxf by apache.
the class OAuth2TestUtils method setupProviders.
public static List<Object> setupProviders() {
List<Object> providers = new ArrayList<>();
JSONProvider<OAuthAuthorizationData> jsonP = new JSONProvider<OAuthAuthorizationData>();
jsonP.setNamespaceMap(Collections.singletonMap("http://org.apache.cxf.rs.security.oauth", "ns2"));
providers.add(jsonP);
providers.add(new OAuthJSONProvider());
providers.add(new JsonWebKeysProvider());
providers.add(new JsonMapObjectProvider());
return providers;
}
use of org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider in project meecrowave by apache.
the class OAuth2Test method getRefreshTokenNoClient.
@Test
public void getRefreshTokenNoClient() {
final Client client = ClientBuilder.newClient().register(new OAuthJSONProvider());
try {
// password
final ClientAccessToken primary = client.target("http://localhost:" + MEECROWAVE.getConfiguration().getHttpPort()).path("oauth2/token").request(APPLICATION_JSON_TYPE).post(entity(new Form().param("grant_type", "password").param("username", "test").param("password", "pwd"), APPLICATION_FORM_URLENCODED_TYPE), ClientAccessToken.class);
// refresh
final ClientAccessToken token = client.target("http://localhost:" + MEECROWAVE.getConfiguration().getHttpPort()).path("oauth2/token").request(APPLICATION_JSON_TYPE).post(entity(new Form().param("grant_type", "refresh_token").param("refresh_token", primary.getRefreshToken()), APPLICATION_FORM_URLENCODED_TYPE), ClientAccessToken.class);
assertNotNull(token);
assertEquals("Bearer", token.getTokenType());
assertNotNull(token.getTokenKey());
assertEquals(3600, token.getExpiresIn());
assertNotEquals(0, token.getIssuedAt());
assertNotNull(token.getRefreshToken());
} finally {
client.close();
}
}
use of org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider in project cxf by apache.
the class OAuthClientUtils method getAccessToken.
/**
* Obtains the access token from OAuth AccessToken Service
* @param accessTokenServiceUri the AccessToken endpoint address
* @param consumer {@link Consumer} representing the registered client
* @param grant {@link AccessTokenGrant} grant
* @param setAuthorizationHeader if set to true then HTTP Basic scheme
* will be used to pass client id and secret, otherwise they will
* be passed in the form payload
* @return {@link ClientAccessToken} access token
* @throws OAuthServiceException
*/
public static ClientAccessToken getAccessToken(String accessTokenServiceUri, Consumer consumer, AccessTokenGrant grant, boolean setAuthorizationHeader) throws OAuthServiceException {
OAuthJSONProvider provider = new OAuthJSONProvider();
WebClient accessTokenService = WebClient.create(accessTokenServiceUri, Collections.singletonList(provider));
accessTokenService.accept("application/json");
return getAccessToken(accessTokenService, consumer, grant, setAuthorizationHeader);
}
use of org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider in project cxf by apache.
the class OAuthJSONProviderTest method doReadClientAccessToken.
@SuppressWarnings({ "unchecked", "rawtypes" })
public ClientAccessToken doReadClientAccessToken(String response, String expectedTokenType, Map<String, String> expectedParams) throws Exception {
OAuthJSONProvider provider = new OAuthJSONProvider();
ClientAccessToken token = (ClientAccessToken) provider.readFrom((Class) ClientAccessToken.class, ClientAccessToken.class, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, String>(), new ByteArrayInputStream(response.getBytes()));
assertEquals("1234", token.getTokenKey());
assertTrue(expectedTokenType.equalsIgnoreCase(token.getTokenType()));
assertEquals("5678", token.getRefreshToken());
assertEquals(12345, token.getExpiresIn());
assertEquals("read", token.getApprovedScope());
Map<String, String> extraParams = token.getParameters();
if (expectedParams != null) {
assertEquals(expectedParams, extraParams);
}
assertEquals("http://abc", extraParams.get("my_parameter"));
return token;
}
Aggregations