
Example 6 with RefreshToken

use of org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken in project cxf by apache.

the class CryptoUtilsTest method compareAccessTokens.

/**
 * Asserts that two server access tokens carry the same observable state.
 *
 * <p>Compared field by field: token key, type, issue time, lifetime, client id,
 * subject (login, id, roles), refresh token value, audiences, grant type,
 * parameters, and the single scope each token is expected to hold.
 *
 * <p>Two checks are one-sided: the client of {@code token2} must have no
 * application description, and the refresh token value of {@code token2} must
 * decrypt (with the fixture {@code p} and {@code p.key}) to a refresh token
 * whose lifetime is 1200.
 * NOTE(review): presumably {@code token2} is the copy that went through an
 * encrypt/decrypt round trip - confirm against the callers.
 *
 * @param token  the reference token
 * @param token2 the token checked against the reference
 */
private void compareAccessTokens(ServerAccessToken token, ServerAccessToken token2) {
    // Token-level attributes.
    assertEquals(token.getTokenKey(), token2.getTokenKey());
    assertEquals(token.getTokenType(), token2.getTokenType());
    assertEquals(token.getIssuedAt(), token2.getIssuedAt());
    assertEquals(token.getExpiresIn(), token2.getExpiresIn());

    // Client: the id must match; the second client must carry no description.
    Client expectedClient = token.getClient();
    Client actualClient = token2.getClient();
    assertEquals(expectedClient.getClientId(), actualClient.getClientId());
    assertNull(actualClient.getApplicationDescription());

    // Resource owner the token was issued for.
    UserSubject expectedSubject = token.getSubject();
    UserSubject actualSubject = token2.getSubject();
    assertEquals(expectedSubject.getLogin(), actualSubject.getLogin());
    assertEquals(expectedSubject.getId(), actualSubject.getId());
    assertEquals(expectedSubject.getRoles(), actualSubject.getRoles());

    // Remaining grant metadata.
    assertEquals(token.getRefreshToken(), token2.getRefreshToken());
    assertEquals(token.getAudiences(), token2.getAudiences());
    assertEquals(token.getGrantType(), token2.getGrantType());
    assertEquals(token.getParameters(), token2.getParameters());

    // Both tokens are expected to hold exactly one scope.
    List<OAuthPermission> expectedScopes = token.getScopes();
    List<OAuthPermission> actualScopes = token2.getScopes();
    assertEquals(1, expectedScopes.size());
    assertEquals(1, actualScopes.size());
    OAuthPermission expectedScope = expectedScopes.get(0);
    OAuthPermission actualScope = actualScopes.get(0);
    assertEquals(expectedScope.getPermission(), actualScope.getPermission());
    assertEquals(expectedScope.getDescription(), actualScope.getDescription());

    // The refresh token value must itself be decryptable and keep its lifetime.
    RefreshToken decryptedRefreshToken =
        ModelEncryptionSupport.decryptRefreshToken(p, token2.getRefreshToken(), p.key);
    assertEquals(1200L, decryptedRefreshToken.getExpiresIn());
}
Also used : OAuthPermission(org.apache.cxf.rs.security.oauth2.common.OAuthPermission) RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken) UserSubject(org.apache.cxf.rs.security.oauth2.common.UserSubject) Client(org.apache.cxf.rs.security.oauth2.common.Client)

Example 7 with RefreshToken

use of org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken in project cxf by apache.

the class EncryptingDataProvider method refreshAccessToken.

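/**
 * Exchanges a refresh token for a re-issued access token.
 *
 * <p>The presented refresh token is removed from {@code refreshTokens}, so each
 * value can be redeemed once. The stored ciphertext is decrypted back into the
 * access token, the old access token entry is dropped, a new refresh token is
 * created and the token is encrypted again.
 *
 * @param client          the client making the refresh request
 * @param refreshToken    the refresh token value presented by the client
 * @param requestedScopes scopes requested for the new token (not consulted here)
 * @return the refreshed access token
 * @throws OAuthServiceException if the refresh token is missing, unknown or
 *         has already been redeemed
 */
@Override
public ServerAccessToken refreshAccessToken(Client client, String refreshToken, List<String> requestedScopes) throws OAuthServiceException {
    // The refresh token comes straight from the request. An unknown, replayed or
    // missing value has no stored ciphertext; reject it explicitly instead of
    // handing null to the decryption step.
    String encrypted = refreshToken == null ? null : refreshTokens.remove(refreshToken);
    if (encrypted == null) {
        // "invalid_grant" is the RFC 6749 section 5.2 error code for an invalid,
        // expired or revoked refresh token.
        throw new OAuthServiceException("invalid_grant");
    }
    // The refresh token is consumed before decryption, so a decryption failure
    // leaves it unusable rather than redeemable a second time.
    ServerAccessToken token = ModelEncryptionSupport.decryptAccessToken(this, encrypted, key);
    // NOTE(review): nothing here compares the decrypted token's client with the
    // `client` argument, and `requestedScopes` is ignored. RFC 6749 section 6
    // binds a refresh token to the client it was issued to and forbids widening
    // the scope - confirm both are enforced by the caller.
    tokens.remove(token.getTokenKey());
    // create a new refresh token
    createRefreshToken(token);
    // possibly update other token properties
    encryptAccessToken(token);
    return token;
}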
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)

Example 8 with RefreshToken

use of org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken in project ddf by codice.

the class OAuthPlugin method refreshTokens.

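/**
 * Attempts to refresh the user's access token and saves the new tokens in the token storage.
 *
 * <p>The refresh grant is sent to the token endpoint taken from {@code metadata}, using the
 * source's OAuth client id and secret. The returned access token is validated before anything
 * is stored.
 *
 * @param refreshToken refresh token used to refresh the access token
 * @param oauthSource source being queried
 * @param sessionId id under which the tokens are stored
 * @param metadata OIDC provider metadata supplying the token endpoint and used for validation
 * @throws StopProcessingException (built by {@code createNoAuthException}) if no refresh token
 *     is available, the token endpoint URL is malformed, the refresh request fails or the
 *     refreshed access token does not validate
 */
private void refreshTokens(String refreshToken, OAuthFederatedSource oauthSource, String sessionId, OIDCProviderMetadata metadata) throws StopProcessingException {
    if (refreshToken == null) {
        throw createNoAuthException(oauthSource, sessionId, metadata, "unable to find the user's refresh token.");
    }
    ClientAccessToken clientAccessToken;
    try {
        // Only the attempt is logged; no token or secret value is written to the log.
        LOGGER.debug("Attempting to refresh the user's access token.");
        WebClient webClient = createWebclient(metadata.getTokenEndpointURI().toURL().toString());
        Consumer consumer = new Consumer(oauthSource.getOauthClientId(), oauthSource.getOauthClientSecret());
        AccessTokenGrant accessTokenGrant = new RefreshTokenGrant(refreshToken);
        clientAccessToken = OAuthClientUtils.getAccessToken(webClient, consumer, accessTokenGrant);
    } catch (OAuthServiceException e) {
        // Only the server-supplied error code (if any) is appended to the message.
        String error = e.getError() != null ? e.getError().getError() : "";
        throw createNoAuthException(oauthSource, sessionId, metadata, "failed to refresh access token " + error);
    } catch (MalformedURLException e) {
        throw createNoAuthException(oauthSource, sessionId, metadata, "malformed token endpoint URL. " + e.getMessage());
    }
    // Validate new access token
    try {
        AccessToken accessToken = convertCxfAccessTokenToNimbusdsToken(clientAccessToken);
        // NOTE(review): two arguments are passed as null; what the validator skips as a
        // result is not visible from this method - confirm against OidcTokenValidator.
        OidcTokenValidator.validateAccessToken(accessToken, null, resourceRetriever, metadata, null);
    } catch (OidcValidationException e) {
        throw createNoAuthException(oauthSource, sessionId, metadata, "failed to validate refreshed access token.");
    }
    // Store new tokens
    String newAccessToken = clientAccessToken.getTokenKey();
    String newRefreshToken = clientAccessToken.getRefreshToken();
    if (newRefreshToken == null) {
        // RFC 6749 section 6: issuing a new refresh token is optional. When the server
        // returns none, the one just used remains the current one; keep it instead of
        // overwriting the stored value with null.
        newRefreshToken = refreshToken;
    }
    int status = tokenStorage.create(sessionId, oauthSource.getId(), newAccessToken, newRefreshToken, oauthSource.getOauthDiscoveryUrl());
    if (status != SC_OK) {
        // A storage failure is only logged; the method still returns normally, so the
        // caller cannot tell that the refreshed tokens were not persisted.
        LOGGER.warn("Error updating the token information.");
    }
}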
Also used : MalformedURLException(java.net.MalformedURLException) Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) RefreshTokenGrant(org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrant) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) AccessToken(com.nimbusds.oauth2.sdk.token.AccessToken) BearerAccessToken(com.nimbusds.oauth2.sdk.token.BearerAccessToken) TypelessAccessToken(com.nimbusds.oauth2.sdk.token.TypelessAccessToken) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) AccessTokenGrant(org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant) WebClient(org.apache.cxf.jaxrs.client.WebClient) OidcValidationException(org.codice.ddf.security.oidc.validator.OidcValidationException)

Example 9 with RefreshToken

use of org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken in project meecrowave by apache.

the class JCacheConfigurer method doSetup.

/**
 * Creates the JCache caches backing the OAuth2 data provider.
 *
 * <p>Does nothing unless the configured provider name starts with {@code "jcache"}.
 * The cache configuration is looked up as a file first, then as a classpath
 * resource, and finally falls back to the caching provider's default URI.
 *
 * <p>The caches created here hold registered clients, access tokens (either
 * {@code ServerAccessToken} objects or plain strings when only the JWT key is
 * stored), refresh tokens and, when authorization code support is enabled,
 * authorization code grants.
 * NOTE(review): where and how these entries are persisted depends on the
 * resolved cache configuration, which is not visible here - confirm that it
 * protects the stored credentials.
 *
 * @param options OAuth2 options selecting the provider and the cache settings
 */
public void doSetup(final OAuth2Options options) {
    final boolean jcacheSelected = options.getProvider().startsWith("jcache");
    if (!jcacheSelected) {
        return;
    }
    provider = Caching.getCachingProvider();

    // Resolve the configuration: plain file, else classpath resource, else provider default.
    final File configFile = new File(options.getJcacheConfigUri());
    URI configFileURI;
    if (configFile.isFile()) {
        configFileURI = configFile.toURI();
    } else {
        try {
            configFileURI = getClasspathResourceURL(options.getJcacheConfigUri(), JCacheOAuthDataProvider.class, bus).toURI();
        } catch (final Exception ex) {
            // Any lookup failure silently selects the provider's default configuration.
            configFileURI = provider.getDefaultURI();
        }
    }

    final ClassLoader contextLoader = Thread.currentThread().getContextClassLoader();
    cacheManager = provider.getCacheManager(configFileURI, contextLoader);

    try {
        final MutableConfiguration<String, Client> clientCacheConfig =
            new MutableConfiguration<String, Client>().setTypes(String.class, Client.class);
        cacheManager.createCache(JCacheOAuthDataProvider.CLIENT_CACHE_KEY, configure(clientCacheConfig, options));

        // The access token cache stores strings when only the JWT key is kept,
        // full ServerAccessToken objects otherwise.
        if (options.isJcacheStoreJwtKeyOnly()) {
            final MutableConfiguration<String, String> jwtKeyCacheConfig =
                new MutableConfiguration<String, String>().setTypes(String.class, String.class);
            cacheManager.createCache(JCacheOAuthDataProvider.ACCESS_TOKEN_CACHE_KEY, configure(jwtKeyCacheConfig, options));
        } else {
            final MutableConfiguration<String, ServerAccessToken> accessTokenCacheConfig =
                new MutableConfiguration<String, ServerAccessToken>().setTypes(String.class, ServerAccessToken.class);
            cacheManager.createCache(JCacheOAuthDataProvider.ACCESS_TOKEN_CACHE_KEY, configure(accessTokenCacheConfig, options));
        }

        final MutableConfiguration<String, RefreshToken> refreshTokenCacheConfig =
            new MutableConfiguration<String, RefreshToken>().setTypes(String.class, RefreshToken.class);
        cacheManager.createCache(JCacheOAuthDataProvider.REFRESH_TOKEN_CACHE_KEY, configure(refreshTokenCacheConfig, options));

        if (options.isAuthorizationCodeSupport()) {
            final MutableConfiguration<String, ServerAuthorizationCodeGrant> codeGrantCacheConfig =
                new MutableConfiguration<String, ServerAuthorizationCodeGrant>().setTypes(String.class, ServerAuthorizationCodeGrant.class);
            cacheManager.createCache(JCacheCodeDataProvider.CODE_GRANT_CACHE_KEY, configure(codeGrantCacheConfig, options));
        }
    } catch (final CacheException ignored) {
        // Treated as "already created". The first failing createCache call also
        // skips every cache that would have been created after it.
    }
}
Also used : CacheException(javax.cache.CacheException) URI(java.net.URI) CacheException(javax.cache.CacheException) ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken) ServerAuthorizationCodeGrant(org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant) Client(org.apache.cxf.rs.security.oauth2.common.Client) File(java.io.File)

Example 10 with RefreshToken

use of org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken in project cxf by apache.

the class JPACMTOAuthDataProviderTest method testRefreshAccessTokenConcurrently.

/**
 * Redeems the same refresh token from three threads at once, with refresh
 * token recycling switched off on the provider.
 *
 * <p>Expected outcome, as asserted below: the original access token is still
 * retrievable, the client has exactly one refresh token, and that refresh
 * token is linked to four access tokens (the original plus one per refresh).
 * A refresh that failed inside a worker thread would not be rethrown here; it
 * would surface as a count below four.
 */
@Test
public void testRefreshAccessTokenConcurrently() throws Exception {
    getProvider().setRecycleRefreshTokens(false);

    // Register a client and issue the initial access token.
    Client client = addClient("101", "bob");
    AccessTokenRegistration registration = new AccessTokenRegistration();
    registration.setClient(client);
    registration.setApprovedScope(Arrays.asList("a", "refreshToken"));
    registration.setSubject(null);
    final ServerAccessToken issued = getProvider().createAccessToken(registration);

    // Every worker redeems the very same refresh token value.
    final Runnable refreshOnce =
        () -> getProvider().refreshAccessToken(client, issued.getRefreshToken(), Collections.emptyList());
    final Thread[] workers = {
        new Thread(refreshOnce), new Thread(refreshOnce), new Thread(refreshOnce)
    };
    for (Thread worker : workers) {
        worker.start();
    }
    for (Thread worker : workers) {
        worker.join();
    }

    assertNotNull(getProvider().getAccessToken(issued.getTokenKey()));

    List<RefreshToken> refreshTokens = getProvider().getRefreshTokens(client, null);
    assertNotNull(refreshTokens);
    assertEquals(1, refreshTokens.size());

    List<String> linkedAccessTokens = refreshTokens.get(0).getAccessTokens();
    assertNotNull(linkedAccessTokens);
    assertEquals(4, linkedAccessTokens.size());
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken) Client(org.apache.cxf.rs.security.oauth2.common.Client) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Test(org.junit.Test) JPAOAuthDataProviderTest(org.apache.cxf.rs.security.oauth2.provider.JPAOAuthDataProviderTest)
