use of org.apache.oltu.oauth2.as.request.OAuthTokenRequest in project BIMserver by opensourceBIM.
From class OAuthAccessTokenServlet, method service (BIMserver's OAuth 2.0 token endpoint):
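/**
 * Token endpoint for the authorization-code grant. Looks up the stored
 * {@code OAuthAuthorizationCode} named by the {@code code} parameter, validates the
 * client, and answers with an OAuth 2.0 JSON token response whose access token is the
 * resolved authorization encrypted with the server key ({@code asHexToken}), plus a freshly
 * generated refresh token and the extra parameters {@code resource_url} and either
 * {@code poid} (project) or {@code soid} (service).
 *
 * <p>Only {@code application/x-www-form-urlencoded} bodies are accepted
 * (RFC 6749 section 4.1.3); the media-type parameters such as {@code ; charset=UTF-8} are
 * allowed and a missing Content-Type no longer throws.
 *
 * @param request  the token request
 * @param response receives the JSON token response or an OAuth 2.0 error body
 * @throws ServletException not thrown by this implementation, kept for the servlet contract
 * @throws IOException      if the response body cannot be written
 */
@Override
public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    if (!isFormEncoded(request.getContentType())) {
        // 405 is kept because existing clients may key on it; 415 Unsupported Media Type
        // would be the semantically correct status for a wrong Content-Type.
        writeBody(response, 405, "text/plain", "ContentType must be application/x-www-form-urlencoded");
        return;
    }
    // NOTE(review): Oltu's MD5Generator hashes a random UUID, so the token strength comes from
    // the UUID's randomness, not from MD5 -- confirm this for the Oltu version in use.
    OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
    try {
        OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
        // This endpoint implements the authorization_code grant only; any other grant_type
        // would previously fall through with a null code and end in a swallowed NPE.
        if (!"authorization_code".equals(oauthRequest.getGrantType())) {
            sendOAuthError(response, HttpServletResponse.SC_BAD_REQUEST,
                    OAuthProblemException.error("unsupported_grant_type", "only the authorization_code grant is supported"));
            return;
        }
        try (DatabaseSession session = getBimServer().getDatabase().createSession()) {
            String codeAsString = oauthRequest.getCode();
            OAuthAuthorizationCode code = session.querySingle(StorePackage.eINSTANCE.getOAuthAuthorizationCode_Code(), codeAsString);
            // Client validation stays ahead of the existence check so an unauthenticated caller
            // cannot use this endpoint as an oracle for which codes exist.
            validateClient(oauthRequest);
            // An unknown or already-removed code used to surface as a NullPointerException that was
            // logged and swallowed, leaving the client with an empty 200 response.
            if (code == null) {
                sendOAuthError(response, HttpServletResponse.SC_BAD_REQUEST,
                        OAuthProblemException.error("invalid_grant", "unknown authorization code"));
                return;
            }
            // NOTE(review): nothing in this method checks that the code was issued to the requesting
            // client_id / redirect_uri, that it has not expired, or consumes it after use (RFC 6749
            // section 4.1.2 requires single use). Confirm validateClient or the code store covers this.
            Authorization auth = code.getAuthorization();
            org.bimserver.webservices.authorization.Authorization authorization;
            String resourceUrl = "";
            String extraParamName;
            String extraParamValue;
            if (auth instanceof SingleProjectAuthorization) {
                SingleProjectAuthorization singleProjectAuthorization = (SingleProjectAuthorization) auth;
                authorization = new org.bimserver.webservices.authorization.SingleProjectAuthorization(getBimServer(), code.getUser().getOid(), singleProjectAuthorization.getProject().getOid());
                extraParamName = "poid";
                extraParamValue = "" + singleProjectAuthorization.getProject().getOid();
            } else if (auth instanceof RunServiceAuthorization) {
                RunServiceAuthorization runServiceAuthorization = (RunServiceAuthorization) auth;
                authorization = new org.bimserver.webservices.authorization.RunServiceAuthorization(getBimServer(), code.getUser().getOid(), runServiceAuthorization.getService().getOid());
                resourceUrl = getBimServer().getServerSettingsCache().getServerSettings().getSiteAddress() + "/services/" + runServiceAuthorization.getService().getOid();
                extraParamName = "soid";
                extraParamValue = "" + runServiceAuthorization.getService().getOid();
            } else {
                throw new Exception("Unknown auth");
            }
            String accessToken = authorization.asHexToken(getBimServer().getEncryptionKey());
            // NOTE(review): the refresh token is generated but not persisted here, and the access
            // token is not visibly given the advertised 3600 s lifetime; verify both elsewhere.
            String refreshToken = oauthIssuerImpl.refreshToken();
            OAuthTokenResponseBuilder builder = OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK)
                    .setAccessToken(accessToken)
                    .setExpiresIn("3600")
                    .setRefreshToken(refreshToken);
            builder.setParam("resource_url", resourceUrl);
            builder.setParam(extraParamName, extraParamValue);
            OAuthResponse r = builder.buildJSONMessage();
            writeBody(response, r.getResponseStatus(), "application/json", r.getBody());
        } catch (BimserverDatabaseException e) {
            LOGGER.error("", e);
            sendServerError(response);
        }
    } catch (OAuthProblemException ex) {
        LOGGER.error("", ex);
        // 401 is kept for compatibility; RFC 6749 section 5.2 uses 400 for every error code
        // except invalid_client.
        sendOAuthError(response, 401, ex);
    } catch (Exception e) {
        LOGGER.error("", e);
        sendServerError(response);
    }
}

/** True when the media type (ignoring parameters such as charset) is the form encoding. */
private static boolean isFormEncoded(String contentType) {
    if (contentType == null) {
        return false;
    }
    int semicolon = contentType.indexOf(';');
    String mediaType = (semicolon < 0 ? contentType : contentType.substring(0, semicolon)).trim();
    return "application/x-www-form-urlencoded".equalsIgnoreCase(mediaType);
}

/** Writes an OAuth 2.0 JSON error body for {@code problem} with the given HTTP status. */
private void sendOAuthError(HttpServletResponse response, int status, OAuthProblemException problem) throws IOException {
    try {
        OAuthResponse r = OAuthResponse.errorResponse(status).error(problem).buildJSONMessage();
        writeBody(response, r.getResponseStatus(), "application/json", r.getBody());
    } catch (OAuthSystemException e) {
        LOGGER.error("", e);
        sendServerError(response);
    }
}

/** Generic 500 without internal detail; replaces the old silent empty-200 on failure. */
private void sendServerError(HttpServletResponse response) throws IOException {
    writeBody(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "text/plain", "token request failed");
}

/**
 * Writes {@code body} with the given status and content type. Token endpoint responses carry
 * credentials, so caching is disabled as RFC 6749 section 5.1 requires.
 */
private void writeBody(HttpServletResponse response, int status, String contentType, String body) throws IOException {
    response.setStatus(status);
    response.setContentType(contentType);
    response.setHeader("Cache-Control", "no-store");
    response.setHeader("Pragma", "no-cache");
    PrintWriter pw = response.getWriter();
    pw.print(body);
    pw.flush();
    pw.close();
}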
use of org.apache.oltu.oauth2.as.request.OAuthTokenRequest in project entando-core by entando.
From class TokenEndpointServlet, method validateClientWithAuthorizationCode (Entando's token endpoint):
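/**
 * Authenticates the caller of the token endpoint for the {@code authorization_code},
 * {@code refresh_token} and {@code password} grants and, on success, registers a token.
 *
 * @param request the incoming token request; its form parameters are read through Oltu's
 *                {@code OAuthTokenRequest}, which already rejects a missing grant_type
 * @return the response built by {@code registerToken}, or {@code null} when the grant type is
 *         not handled, the client or user cannot be authenticated, or Oltu rejects the request
 * @throws Throwable whatever {@code registerToken} propagates
 */
private OAuthResponse validateClientWithAuthorizationCode(HttpServletRequest request) throws Throwable {
    try {
        final OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
        IOAuthConsumerManager consumerManager = (IOAuthConsumerManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH_CONSUMER_MANAGER, request);
        IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
        // Read once, compare constant-first: a null grant_type cannot throw here.
        final String grantType = oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE);
        if (GrantType.AUTHORIZATION_CODE.toString().equals(grantType) || GrantType.REFRESH_TOKEN.toString().equals(grantType)) {
            final String clientId = oauthRequest.getClientId();
            final String clientSecret = oauthRequest.getClientSecret();
            final String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);
            // NOTE(review): a refresh_token request is processed exactly like an authorization_code
            // one -- the refresh_token parameter is never read, a "code" is required instead, and the
            // token is registered with type authorization_code. Give refresh tokens their own path or
            // stop accepting the grant; confirm against registerToken and its callers.
            final String oauthType = GrantType.AUTHORIZATION_CODE.toString();
            // Client authentication comes first so an unauthenticated caller learns nothing about codes.
            if (!codeManager.verifyAccess(clientId, clientSecret, consumerManager)) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            }
            // NOTE(review): the code is bound to the caller's remote address, not to the client_id it
            // was issued to; behind a proxy or NAT getRemoteAddr() is shared, so verifyCode should also
            // check the issuing client (RFC 6749 section 4.1.3) -- verify inside the code manager.
            if (!codeManager.verifyCode(authCode, request.getRemoteAddr())) {
                _logger.error("OAuth2 authcode does not match or the source of client is different");
                return null;
            }
            return this.registerToken(request, clientId, oauthType, null);
        }
        if (GrantType.PASSWORD.toString().equals(grantType)) {
            final String username = oauthRequest.getUsername();
            final String password = oauthRequest.getPassword();
            final String oauthType = GrantType.PASSWORD.toString();
            IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
            // NOTE(review): this branch never authenticates the client (no verifyAccess call), so any
            // caller holding a user's password obtains a token. RFC 6749 section 4.3.2 requires client
            // authentication for confidential clients, and the password grant is deprecated in OAuth 2.1.
            UserDetails user = userManager.getUser(username, password);
            if (user == null) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            }
            return this.registerToken(request, username, oauthType, null);
        }
        return null;
    } catch (OAuthSystemException e) {
        // A trailing throwable is logged as the stack trace; the old "{}" placeholder was never filled.
        _logger.error("OAuthSystemException", e);
        return null;
    } catch (OAuthProblemException e) {
        // getDescription() can be null for errors built without one; String.concat(null) used to NPE.
        _logger.error("OAuthProblemException - {} {}", e.getError(), e.getDescription());
        _logger.debug("OAuthProblemException", e);
        return null;
    }
}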