Search in sources :

Example 1 with BearerAccessToken

use of org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken in project cxf by apache.

the class TokenGrantHandlerTest method testComplexGrantSupported.

@Test
public void testComplexGrantSupported() {
    ComplexGrantHandler handler = new ComplexGrantHandler(Arrays.asList("a", "b"));
    handler.setDataProvider(new OAuthDataProviderImpl());
    ServerAccessToken t = handler.createAccessToken(createClient("a"), createMap("a"));
    assertTrue(t instanceof BearerAccessToken);
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) BearerAccessToken(org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken) Test(org.junit.Test)

Example 2 with BearerAccessToken

use of org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken in project cxf by apache.

the class CryptoUtilsTest method testBearerTokenJSON.

@Test
public void testBearerTokenJSON() throws Exception {
    AccessTokenRegistration atr = prepareTokenRegistration();
    BearerAccessToken token = p.createAccessTokenInternal(atr);
    JSONProvider<BearerAccessToken> jsonp = new JSONProvider<BearerAccessToken>();
    jsonp.setMarshallAsJaxbElement(true);
    jsonp.setUnmarshallAsJaxbElement(true);
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    jsonp.writeTo(token, BearerAccessToken.class, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, Object>(), bos);
    String encrypted = CryptoUtils.encryptSequence(bos.toString(), p.key);
    String decrypted = CryptoUtils.decryptSequence(encrypted, p.key);
    ServerAccessToken token2 = jsonp.readFrom(BearerAccessToken.class, BearerAccessToken.class, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, String>(), new ByteArrayInputStream(decrypted.getBytes()));
    // compare tokens
    compareAccessTokens(token, token2);
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) ByteArrayInputStream(java.io.ByteArrayInputStream) JSONProvider(org.apache.cxf.jaxrs.provider.json.JSONProvider) BearerAccessToken(org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken) ByteArrayOutputStream(java.io.ByteArrayOutputStream) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Test(org.junit.Test)

Example 3 with BearerAccessToken

use of org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken in project cxf by apache.

the class CryptoUtilsTest method testBearerTokenCertAndSecretKey.

@Test
public void testBearerTokenCertAndSecretKey() throws Exception {
    AccessTokenRegistration atr = prepareTokenRegistration();
    BearerAccessToken token = p.createAccessTokenInternal(atr);
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    KeyPair keyPair = kpg.generateKeyPair();
    PublicKey publicKey = keyPair.getPublic();
    PrivateKey privateKey = keyPair.getPrivate();
    SecretKey secretKey = CryptoUtils.getSecretKey("AES");
    String encryptedSecretKey = CryptoUtils.encryptSecretKey(secretKey, publicKey);
    String encryptedToken = ModelEncryptionSupport.encryptAccessToken(token, secretKey);
    token.setTokenKey(encryptedToken);
    SecretKey decryptedSecretKey = CryptoUtils.decryptSecretKey(encryptedSecretKey, privateKey);
    ServerAccessToken token2 = ModelEncryptionSupport.decryptAccessToken(p, encryptedToken, decryptedSecretKey);
    // compare tokens
    compareAccessTokens(token, token2);
}
Also used : KeyPair(java.security.KeyPair) SecretKey(javax.crypto.SecretKey) ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) BearerAccessToken(org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken) KeyPairGenerator(java.security.KeyPairGenerator) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Test(org.junit.Test)

Example 4 with BearerAccessToken

use of org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken in project cxf by apache.

the class CryptoUtilsTest method testBearerTokenJSONCertificate.

@Test
public void testBearerTokenJSONCertificate() throws Exception {
    if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
        return;
    }
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    KeyPair keyPair = kpg.generateKeyPair();
    PublicKey publicKey = keyPair.getPublic();
    PrivateKey privateKey = keyPair.getPrivate();
    AccessTokenRegistration atr = prepareTokenRegistration();
    BearerAccessToken token = p.createAccessTokenInternal(atr);
    JSONProvider<BearerAccessToken> jsonp = new JSONProvider<BearerAccessToken>();
    jsonp.setMarshallAsJaxbElement(true);
    jsonp.setUnmarshallAsJaxbElement(true);
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    jsonp.writeTo(token, BearerAccessToken.class, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, Object>(), bos);
    KeyProperties props1 = new KeyProperties(publicKey.getAlgorithm());
    String encrypted = CryptoUtils.encryptSequence(bos.toString(), publicKey, props1);
    KeyProperties props2 = new KeyProperties(privateKey.getAlgorithm());
    String decrypted = CryptoUtils.decryptSequence(encrypted, privateKey, props2);
    ServerAccessToken token2 = jsonp.readFrom(BearerAccessToken.class, BearerAccessToken.class, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, String>(), new ByteArrayInputStream(decrypted.getBytes()));
    // compare tokens
    compareAccessTokens(token, token2);
}
Also used : KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) KeyProperties(org.apache.cxf.rt.security.crypto.KeyProperties) PublicKey(java.security.PublicKey) KeyPairGenerator(java.security.KeyPairGenerator) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) ByteArrayInputStream(java.io.ByteArrayInputStream) JSONProvider(org.apache.cxf.jaxrs.provider.json.JSONProvider) BearerAccessToken(org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Test(org.junit.Test)

Example 5 with BearerAccessToken

use of org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken in project cxf by apache.

the class EncryptingDataProvider method createAccessTokenInternal.

BearerAccessToken createAccessTokenInternal(AccessTokenRegistration accessTokenReg) {
    BearerAccessToken token = new BearerAccessToken(accessTokenReg.getClient(), 3600L);
    token.setSubject(accessTokenReg.getSubject());
    createRefreshToken(token);
    token.setGrantType(accessTokenReg.getGrantType());
    token.setAudiences(accessTokenReg.getAudiences());
    token.setParameters(Collections.singletonMap("param", "value"));
    token.setScopes(Collections.singletonList(new OAuthPermission("read", "read permission")));
    return token;
}
Also used : OAuthPermission(org.apache.cxf.rs.security.oauth2.common.OAuthPermission) BearerAccessToken(org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken)

Aggregations

BearerAccessToken (org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken)7 ServerAccessToken (org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)5 Test (org.junit.Test)5 AccessTokenRegistration (org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 PrivateKey (java.security.PrivateKey)2 PublicKey (java.security.PublicKey)2 JSONProvider (org.apache.cxf.jaxrs.provider.json.JSONProvider)2 OAuthPermission (org.apache.cxf.rs.security.oauth2.common.OAuthPermission)2 LinkedList (java.util.LinkedList)1 SecretKey (javax.crypto.SecretKey)1 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)1 Client (org.apache.cxf.rs.security.oauth2.common.Client)1 UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject)1 KeyProperties (org.apache.cxf.rt.security.crypto.KeyProperties)1