use of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException in project cxf by apache.
the class OAuthUtils method setCertificateThumbprintConfirmation.
public static void setCertificateThumbprintConfirmation(MessageContext mc, X509Certificate cert) {
try {
byte[] thumbprint = createCertificateThumbprint(cert);
String encodedThumbprint = Base64UrlUtility.encode(thumbprint);
mc.put(JoseConstants.HEADER_X509_THUMBPRINT_SHA256, encodedThumbprint);
} catch (Exception ex) {
throw new OAuthServiceException(ex);
}
}
use of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException in project cxf by apache.
the class OAuthUtils method getClientSecretSignatureAlgorithm.
public static SignatureAlgorithm getClientSecretSignatureAlgorithm(Properties sigProps) {
String clientSecretSigProp = sigProps.getProperty(OAuthConstants.CLIENT_SECRET_SIGNATURE_ALGORITHM);
if (clientSecretSigProp == null) {
String sigProp = sigProps.getProperty(JoseConstants.RSSEC_SIGNATURE_ALGORITHM);
if (AlgorithmUtils.isHmacSign(sigProp)) {
clientSecretSigProp = sigProp;
}
}
SignatureAlgorithm sigAlgo = SignatureAlgorithm.getAlgorithm(clientSecretSigProp);
sigAlgo = sigAlgo != null ? sigAlgo : SignatureAlgorithm.HS256;
if (!AlgorithmUtils.isHmacSign(sigAlgo)) {
// Must be HS-based for the symmetric signature
throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
}
return sigAlgo;
}
use of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException in project cxf by apache.
the class JAXRSOAuth2TlsTest method testTwoWayTLSClientUnbound.
@Test
public void testTwoWayTLSClientUnbound() throws Exception {
String address = "https://localhost:" + PORT + "/oauth2/token";
WebClient wc = createOAuth2WebClient(address);
try {
OAuthClientUtils.getAccessToken(wc, new Consumer("unbound"), new CustomGrant());
fail("exception_expected");
} catch (OAuthServiceException ex) {
assertEquals("invalid_client", ex.getError().getError());
}
}
Aggregations