Examples with OAuthAuthzRequest org.apache.oltu.oauth2.as.request.OAuthAuthzRequest used on opensource projects

Search in sources :

Example 1 with OAuthAuthzRequest

use of org.apache.oltu.oauth2.as.request.OAuthAuthzRequest in project BIMserver by opensourceBIM.

the class OAuthAuthorizationServlet method service.

@Override
public void service(HttpServletRequest request, HttpServletResponse httpServletResponse) throws ServletException, IOException {
    OAuthAuthzRequest oauthRequest = null;
    String authType = request.getParameter("auth_type");
    if (request.getParameter("token") == null) {
        String location = "/apps/bimviews/?page=OAuth&auth_type=" + authType + "&client_id=" + request.getParameter("client_id") + "&response_type=" + request.getParameter("response_type") + "&redirect_uri=" + request.getParameter("redirect_uri");
        if (request.getParameter("state") != null) {
            String state = request.getParameter("state");
            LOGGER.info("Incoming state: " + state);
            String encodedState = UrlEscapers.urlFragmentEscaper().escape(state);
            LOGGER.info("Encoded state: " + encodedState);
            location += "&state=" + encodedState;
        }
        LOGGER.info("Redirecting to " + location);
        httpServletResponse.sendRedirect(location);
        return;
    }
    OAuthAuthorizationCode oauthCode = null;
    String token = request.getParameter("token");
    try (DatabaseSession session = getBimServer().getDatabase().createSession()) {
        OAuthServer oAuthServer = session.querySingle(StorePackage.eINSTANCE.getOAuthServer_ClientId(), request.getParameter("client_id"));
        org.bimserver.webservices.authorization.Authorization realAuth = org.bimserver.webservices.authorization.Authorization.fromToken(getBimServer().getEncryptionKey(), token);
        long uoid = realAuth.getUoid();
        User user = session.get(uoid, OldQuery.getDefault());
        for (OAuthAuthorizationCode oAuthAuthorizationCode : user.getOAuthIssuedAuthorizationCodes()) {
            if (oAuthAuthorizationCode.getOauthServer() == oAuthServer) {
                if (oAuthAuthorizationCode.getAuthorization() != null) {
                    oauthCode = oAuthAuthorizationCode;
                }
            }
        }
        try {
            if (oauthCode == null) {
                throw new ServletException("No auth found for token " + token);
            }
            oauthRequest = new OAuthAuthzRequest(request);
            String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
            OAuthASResponse.OAuthAuthorizationResponseBuilder builder = OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND);
            if (responseType.equals(ResponseType.CODE.toString())) {
                builder.setCode(oauthCode.getCode());
            // } else if (responseType.equals(ResponseType.TOKEN))) {
            // builder.setAccessToken(oauthCode.get)
            }
            // if (responseType.equals(ResponseType.TOKEN.toString())) {
            // builder.setAccessToken(oauthIssuerImpl.accessToken());
            // // builder.setTokenType(OAuth.DEFAULT_TOKEN_TYPE.toString());
            // builder.setExpiresIn(3600l);
            // }
            String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);
            if (redirectURI != null && !redirectURI.equals("")) {
                URI uri = makeUrl(redirectURI, oauthCode, builder);
                LOGGER.info("Redirecting to " + uri);
                httpServletResponse.sendRedirect(uri.toString());
            } else {
                URI uri = makeUrl("http://fakeaddress", oauthCode, builder);
                httpServletResponse.getWriter().println("No redirectURI provided");
                httpServletResponse.getWriter().println("Would have redirected to: " + uri);
            }
        } catch (OAuthProblemException e) {
            final Response.ResponseBuilder responseBuilder = Response.status(HttpServletResponse.SC_FOUND);
            String redirectUri = e.getRedirectUri();
            if (OAuthUtils.isEmpty(redirectUri)) {
                throw new WebApplicationException(responseBuilder.entity("OAuth callback url needs to be provided by client!!!").build());
            }
            try {
                OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND).error(e).location(redirectUri).buildQueryMessage();
                // final URI location = new URI(response.getLocationUri());
                httpServletResponse.sendRedirect(response.getLocationUri());
            } catch (OAuthSystemException e1) {
                e1.printStackTrace();
            }
        }
    } catch (OAuthSystemException e) {
        e.printStackTrace();
    } catch (URISyntaxException e) {
        e.printStackTrace();
    } catch (BimserverLockConflictException e2) {
        e2.printStackTrace();
    } catch (BimserverDatabaseException e2) {
        e2.printStackTrace();
    } catch (AuthenticationException e2) {
        e2.printStackTrace();
    }
}
Also used : User(org.bimserver.models.store.User) WebApplicationException(javax.ws.rs.WebApplicationException) DatabaseSession(org.bimserver.database.DatabaseSession) AuthenticationException(org.bimserver.webservices.authorization.AuthenticationException) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) URISyntaxException(java.net.URISyntaxException) OAuthServer(org.bimserver.models.store.OAuthServer) OAuthAuthorizationResponseBuilder(org.apache.oltu.oauth2.as.response.OAuthASResponse.OAuthAuthorizationResponseBuilder) URI(java.net.URI) OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse) ServletException(javax.servlet.ServletException) OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException) BimserverDatabaseException(org.bimserver.BimserverDatabaseException) OAuthAuthzRequest(org.apache.oltu.oauth2.as.request.OAuthAuthzRequest) OAuthASResponse(org.apache.oltu.oauth2.as.response.OAuthASResponse) OAuthAuthorizationResponseBuilder(org.apache.oltu.oauth2.as.response.OAuthASResponse.OAuthAuthorizationResponseBuilder) BimserverLockConflictException(org.bimserver.database.BimserverLockConflictException) OAuthAuthorizationCode(org.bimserver.models.store.OAuthAuthorizationCode)

Example 2 with OAuthAuthzRequest

use of org.apache.oltu.oauth2.as.request.OAuthAuthzRequest in project entando-core by entando.

the class AuthEndpointServlet method doGet.

@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    OAuthAuthzRequest oauthRequest = null;
    OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
    IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
    try {
        oauthRequest = new OAuthAuthzRequest(request);
        if (validateClient(oauthRequest, request, response)) {
            // build response according to response_type
            String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE) == null ? OAuth.OAUTH_RESPONSE_TYPE : oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
            OAuthASResponse.OAuthAuthorizationResponseBuilder builder = OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND);
            final String authorizationCode = oauthIssuerImpl.authorizationCode();
            final int expires = 3;
            AuthorizationCode authCode = new AuthorizationCode();
            authCode.setAuthorizationCode(authorizationCode);
            // gets a calendar using the default time zone and locale.
            Calendar calendar = Calendar.getInstance();
            calendar.add(Calendar.SECOND, expires);
            authCode.setExpires(calendar.getTimeInMillis());
            authCode.setClientId(oauthRequest.getClientId());
            authCode.setSource(request.getRemoteAddr());
            codeManager.addAuthorizationCode(authCode);
            if (responseType.equals(ResponseType.CODE.toString())) {
                builder.setCode(authorizationCode);
            }
            if (responseType.equals(ResponseType.TOKEN.toString())) {
                builder.setAccessToken(authorizationCode);
                builder.setExpiresIn((long) expires);
            }
            String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);
            final OAuthResponse resp = builder.location(redirectURI).buildQueryMessage();
            final int status = resp.getResponseStatus();
            response.setStatus(status);
            response.sendRedirect(resp.getLocationUri());
        } else {
            logger.warn("OAuth2 authentication failed");
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        }
    } catch (OAuthSystemException ex) {
        logger.error("System exception {} ", ex.getMessage());
        response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    } catch (OAuthProblemException ex) {
        logger.error("OAuth2 error {} ", ex.getMessage());
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    } catch (IOException e) {
        logger.error("IOException {} ", e);
    }
}
Also used : AuthorizationCode(org.entando.entando.aps.system.services.oauth2.model.AuthorizationCode) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) Calendar(java.util.Calendar) IOException(java.io.IOException) OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse) OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException) OAuthIssuerImpl(org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl) OAuthAuthzRequest(org.apache.oltu.oauth2.as.request.OAuthAuthzRequest) IApiOAuthorizationCodeManager(org.entando.entando.aps.system.services.oauth2.IApiOAuthorizationCodeManager) MD5Generator(org.apache.oltu.oauth2.as.issuer.MD5Generator) OAuthASResponse(org.apache.oltu.oauth2.as.response.OAuthASResponse)

Aggregations

OAuthAuthzRequest (org.apache.oltu.oauth2.as.request.OAuthAuthzRequest)2 OAuthASResponse (org.apache.oltu.oauth2.as.response.OAuthASResponse)2 OAuthProblemException (org.apache.oltu.oauth2.common.exception.OAuthProblemException)2 OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException)2 OAuthResponse (org.apache.oltu.oauth2.common.message.OAuthResponse)2 IOException (java.io.IOException)1 URI (java.net.URI)1 URISyntaxException (java.net.URISyntaxException)1 Calendar (java.util.Calendar)1 ServletException (javax.servlet.ServletException)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 MD5Generator (org.apache.oltu.oauth2.as.issuer.MD5Generator)1 OAuthIssuerImpl (org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl)1 OAuthAuthorizationResponseBuilder (org.apache.oltu.oauth2.as.response.OAuthASResponse.OAuthAuthorizationResponseBuilder)1 BimserverDatabaseException (org.bimserver.BimserverDatabaseException)1 BimserverLockConflictException (org.bimserver.database.BimserverLockConflictException)1 DatabaseSession (org.bimserver.database.DatabaseSession)1 OAuthAuthorizationCode (org.bimserver.models.store.OAuthAuthorizationCode)1 OAuthServer (org.bimserver.models.store.OAuthServer)1 User (org.bimserver.models.store.User)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial