
Example 21 with OAuthServiceException

use of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException in project cxf by apache.

the class JAXRSOAuth2Test method testSAMLBadSubjectName.

/**
 * Sends a SAML 2.0 assertion issued for subject "bob" as the client-authentication
 * assertion on a token request and expects the token endpoint to refuse it.
 *
 * <p>The assertion's audience is the token endpoint itself, so only the subject name is
 * meant to be wrong here. NOTE(review): which subject the server accepts is configured
 * outside this method; confirm against the endpoint configuration.
 *
 * @throws Exception if building, signing or serialising the assertion fails
 */
@Test
public void testSAMLBadSubjectName() throws Exception {
    // The token endpoint URL is also used as the audience restriction of the assertion.
    String tokenEndpoint = "https://localhost:" + PORT + "/oauth2-auth/token";
    WebClient tokenClient = createWebClient(tokenEndpoint);

    // Build the assertion for the subject name under test.
    SamlCallbackHandler handler = new SamlCallbackHandler(true);
    handler.setSubjectName("bob");
    handler.setAudience(tokenEndpoint);
    SAMLCallback callback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(handler, callback);

    SamlAssertionWrapper wrapper = new SamlAssertionWrapper(callback);
    if (callback.isSignAssertion()) {
        // Sign with the issuer key material the callback handler supplied.
        wrapper.signAssertion(
            callback.getIssuerKeyName(),
            callback.getIssuerKeyPassword(),
            callback.getIssuerCrypto(),
            callback.isSendKeyValue(),
            callback.getCanonicalizationAlgorithm(),
            callback.getSignatureAlgorithm());
    }

    // The serialised assertion is Base64url-encoded before it goes into the request.
    String encoded = Base64UrlUtility.encode(wrapper.assertionToString());
    Map<String, String> assertionParams = new HashMap<>();
    assertionParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_SAML2_BEARER);
    assertionParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, encoded);

    try {
        OAuthClientUtils.getAccessToken(tokenClient, new CustomGrant(), assertionParams);
        fail("Failure expected on a bad subject name");
    } catch (OAuthServiceException expected) {
        // expected
        // NOTE(review): the error code is not asserted, so a rejection for any other
        // reason (signature, audience, transport setup) also satisfies this test.
    }
}
Also used : SamlCallbackHandler(org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler) HashMap(java.util.HashMap) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)

Example 22 with OAuthServiceException

use of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException in project cxf by apache.

the class OAuthDataProviderImpl method convertScopeToPermissions.

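/**
 * Translates the scope names requested by a client into the permissions they stand for.
 *
 * <p>Each recognised scope maps to exactly one HTTP verb and one URI pattern; {@code openid}
 * maps to a permission that carries only a description. The mapping is an allow-list: a
 * scope that is not listed (including a {@code null} element) aborts the whole conversion
 * with {@code invalid_scope} instead of being dropped silently.
 *
 * <p>NOTE(review): {@code client} is not consulted here, so this method grants the same
 * mapping to every caller. Any per-client restriction on which scopes may be requested has
 * to be enforced elsewhere.
 *
 * @param client the client requesting the scopes; unused by this implementation
 * @param requestedScopes the scope names taken from the request; must not be {@code null}
 * @return an immutable empty list when no scope was requested, otherwise a new mutable list
 *         with one permission per requested scope, in request order
 * @throws OAuthServiceException with error {@code invalid_scope} on the first unknown scope
 */
@Override
public List<OAuthPermission> convertScopeToPermissions(Client client, List<String> requestedScopes) {
    if (requestedScopes.isEmpty()) {
        return Collections.emptyList();
    }
    List<OAuthPermission> permissions = new ArrayList<>();
    for (String requestedScope : requestedScopes) {
        // Literal-first equals() keeps a null scope on the reject path below rather than
        // raising a NullPointerException.
        if ("read_book".equals(requestedScope)) {
            permissions.add(newScopedPermission("read_book", "GET", "/secured/bookstore/books/*"));
        } else if ("create_book".equals(requestedScope)) {
            permissions.add(newScopedPermission("create_book", "POST", "/secured/bookstore/books/*"));
        } else if ("create_image".equals(requestedScope)) {
            permissions.add(newScopedPermission("create_image", "POST", "/secured/bookstore/image/*"));
        } else if ("read_balance".equals(requestedScope)) {
            permissions.add(newScopedPermission("read_balance", "GET", "/partners/balance/*"));
        } else if ("create_balance".equals(requestedScope)) {
            permissions.add(newScopedPermission("create_balance", "POST", "/partners/balance/*"));
        } else if ("read_data".equals(requestedScope)) {
            permissions.add(newScopedPermission("read_data", "GET", "/partners/data/*"));
        } else if ("openid".equals(requestedScope)) {
            // No verb or URI restriction is attached to the OpenID scope.
            permissions.add(new OAuthPermission("openid", "Authenticate user"));
        } else {
            // Fail closed: one unknown scope rejects the request as a whole.
            throw new OAuthServiceException("invalid_scope");
        }
    }
    return permissions;
}

/** Builds a permission limited to a single HTTP verb on a single URI pattern. */
private static OAuthPermission newScopedPermission(String scope, String httpVerb, String uriPattern) {
    OAuthPermission permission = new OAuthPermission(scope);
    permission.setHttpVerbs(Collections.singletonList(httpVerb));
    // Kept as a mutable list, as before, in case callers extend it.
    List<String> uris = new ArrayList<>();
    uris.add(uriPattern);
    permission.setUris(uris);
    return permission;
}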
Also used : OAuthPermission(org.apache.cxf.rs.security.oauth2.common.OAuthPermission) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List)

Example 23 with OAuthServiceException

use of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException in project cxf by apache.

the class JAXRSOAuth2Test method testConfidentialClientIdOnly.

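/**
 * Requests a token while identifying the client by id only, with no secret, and checks
 * that the token endpoint answers {@code invalid_client}.
 *
 * <p>NOTE(review): "fredNoPassword" is presumably registered server-side as a confidential
 * client; that registration is not visible from this method.
 *
 * @throws Exception if the request cannot be set up
 */
@Test
public void testConfidentialClientIdOnly() throws Exception {
    String address = "https://localhost:" + PORT + "/oauth2/token";
    WebClient wc = createWebClient(address);
    try {
        // The Consumer carries a client id but no secret.
        OAuthClientUtils.getAccessToken(wc, new Consumer("fredNoPassword"), new CustomGrant(), false);
        // The rejection reaches the caller as OAuthServiceException (caught below), so the
        // failure message names that type rather than NotAuthorizedException.
        fail("OAuthServiceException with invalid_client is expected");
    } catch (OAuthServiceException ex) {
        // Pin the error code so that an unrelated failure does not pass the test.
        assertEquals("invalid_client", ex.getError().getError());
    }
}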
Also used : Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)

Example 24 with OAuthServiceException

use of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException in project cxf by apache.

the class JAXRSOAuth2Test method testSAMLHolderOfKey.

/**
 * Sends a SAML 2.0 assertion whose subject confirmation method is holder-of-key as the
 * client-authentication assertion and expects the token endpoint to refuse it.
 *
 * <p>The request declares the assertion type as the SAML2 bearer type, so an assertion
 * confirmed by holder-of-key does not match what the request claims to present.
 *
 * @throws Exception if building, signing or serialising the assertion fails
 */
@Test
public void testSAMLHolderOfKey() throws Exception {
    // The token endpoint URL is also used as the audience restriction of the assertion.
    String tokenEndpoint = "https://localhost:" + PORT + "/oauth2-auth/token";
    WebClient tokenClient = createWebClient(tokenEndpoint);

    // Build the assertion; only the confirmation method is meant to be wrong.
    SamlCallbackHandler handler = new SamlCallbackHandler(true);
    handler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
    handler.setSubjectName("alice");
    handler.setAudience(tokenEndpoint);
    SAMLCallback callback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(handler, callback);

    SamlAssertionWrapper wrapper = new SamlAssertionWrapper(callback);
    if (callback.isSignAssertion()) {
        // Sign with the issuer key material the callback handler supplied.
        wrapper.signAssertion(
            callback.getIssuerKeyName(),
            callback.getIssuerKeyPassword(),
            callback.getIssuerCrypto(),
            callback.isSendKeyValue(),
            callback.getCanonicalizationAlgorithm(),
            callback.getSignatureAlgorithm());
    }

    // The serialised assertion is Base64url-encoded before it goes into the request.
    String encoded = Base64UrlUtility.encode(wrapper.assertionToString());
    Map<String, String> assertionParams = new HashMap<>();
    assertionParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_SAML2_BEARER);
    assertionParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, encoded);

    try {
        OAuthClientUtils.getAccessToken(tokenClient, new CustomGrant(), assertionParams);
        fail("Failure expected on a bad subject confirmation method");
    } catch (OAuthServiceException expected) {
        // expected
        // NOTE(review): the error code is not asserted, so a rejection for any other
        // reason also satisfies this test.
    }
}
Also used : SamlCallbackHandler(org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler) HashMap(java.util.HashMap) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)

Example 25 with OAuthServiceException

use of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException in project cxf by apache.

the class JAXRSOAuth2Test method testBasicAuthClientCred.

/**
 * Exercises the client-credentials grant with two ways of presenting the client's
 * credentials against the same token endpoint.
 *
 * <p>Credentials placed in the grant as form properties must be refused with
 * {@code unauthorized_client}; the same credentials supplied through a {@link Consumer}
 * must yield an access token.
 *
 * @throws Exception if the request cannot be set up or the second call fails
 */
@Test
public void testBasicAuthClientCred() throws Exception {
    String tokenEndpoint = "https://localhost:" + PORT + "/oauth2/token";
    WebClient tokenClient = createWebClient(tokenEndpoint);

    // First attempt: client_id and client_secret travel as form properties of the grant
    // (the WebClient could carry a username and password instead).
    ClientCredentialsGrant formGrant = new ClientCredentialsGrant();
    formGrant.setClientId("bob");
    formGrant.setClientSecret("bobPassword");
    try {
        OAuthClientUtils.getAccessToken(tokenClient, formGrant);
        fail("Form based authentication is not supported");
    } catch (OAuthServiceException rejected) {
        assertEquals(OAuthConstants.UNAUTHORIZED_CLIENT, rejected.getError().getError());
    }

    // Second attempt: same credentials, handed over as a Consumer with the final flag set.
    // NOTE(review): the flag presumably selects the Authorization header; confirm against
    // OAuthClientUtils.
    Consumer consumer = new Consumer("bob", "bobPassword");
    ClientAccessToken token =
        OAuthClientUtils.getAccessToken(tokenClient, consumer, new ClientCredentialsGrant(), true);
    assertNotNull(token.getTokenKey());
}
Also used : Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) ClientCredentialsGrant(org.apache.cxf.rs.security.oauth2.grants.clientcred.ClientCredentialsGrant) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)
