Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project entando-core by entando — class TokenEndpointServlet, method validateClientWithAuthorizationCode.
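/**
 * Validates a token-endpoint request and, on success, issues a token for the
 * grant it carries. Returns {@code null} whenever the request must be
 * rejected; the caller is expected to turn that into an OAuth error.
 *
 * <p>Dispatch is on {@code grant_type}, read once and compared null-safely
 * (a missing value is now rejected instead of raising an NPE):
 * <ul>
 *   <li>{@code authorization_code} and {@code refresh_token} share one path
 *       (client id/secret, then the {@code code} parameter);</li>
 *   <li>{@code password} checks the resource-owner credentials;</li>
 *   <li>anything else is rejected.</li>
 * </ul>
 * Bean lookups are done inside the branch that needs them.
 *
 * @param request the incoming token-endpoint request
 * @return the token response, or {@code null} if the request is rejected
 * @throws Throwable propagated from bean lookups and token registration
 */
private OAuthResponse validateClientWithAuthorizationCode(HttpServletRequest request) throws Throwable {
    try {
        final OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
        final String grantType = oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE);
        if (GrantType.AUTHORIZATION_CODE.toString().equals(grantType)
                || GrantType.REFRESH_TOKEN.toString().equals(grantType)) {
            return this.issueTokenForCodeGrant(request, oauthRequest);
        } else if (GrantType.PASSWORD.toString().equals(grantType)) {
            return this.issueTokenForPasswordGrant(request, oauthRequest);
        }
        // Unknown or unsupported grant type.
        return null;
    } catch (OAuthSystemException e) {
        _logger.error("OAuthSystemException - {} ", e);
        return null;
    } catch (OAuthProblemException e) {
        _logger.error("OAuthProblemException - {} ", e.getError().concat(" ").concat(e.getDescription()));
        _logger.debug("OAuthProblemException - {} ", e);
        return null;
    }
}

/**
 * Authorization-code path (also used, unchanged, for refresh-token grants):
 * authenticates the client, then verifies the authorization code against the
 * caller's remote address, then registers a new token pair.
 *
 * <p>NOTE(review): a {@code refresh_token} grant lands here as well, so the
 * {@code refresh_token} parameter is never read and the issued token is
 * recorded with grant type {@code authorization_code}. Confirm the refresh
 * token is validated somewhere else; as written, a refresh request does not
 * prove possession of the previous token.
 *
 * <p>NOTE(review): the code is bound to {@code request.getRemoteAddr()} and
 * not to the {@code redirect_uri} presented at authorization time. Behind a
 * shared proxy or NAT the remote address is a weak binding, and whether the
 * code is consumed (single-use) is not visible from here.
 *
 * @return the token response, or {@code null} if client or code fail verification
 */
private OAuthResponse issueTokenForCodeGrant(HttpServletRequest request, OAuthTokenRequest oauthRequest) throws Throwable {
    IOAuthConsumerManager consumerManager = (IOAuthConsumerManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH_CONSUMER_MANAGER, request);
    IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
    final String clientId = oauthRequest.getClientId();
    final String clientSecret = oauthRequest.getClientSecret();
    final String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);
    // Client authentication comes first so an unauthenticated caller learns
    // nothing about code validity.
    if (!codeManager.verifyAccess(clientId, clientSecret, consumerManager)) {
        _logger.error(ERROR_AUTHENTICATION_FAILED);
        return null;
    }
    if (!codeManager.verifyCode(authCode, request.getRemoteAddr())) {
        _logger.error("OAuth2 authcode does not match or the source of client is different");
        return null;
    }
    return this.registerToken(request, clientId, GrantType.AUTHORIZATION_CODE.toString(), null);
}

/**
 * Resource-owner-password path: the username/password pair must resolve to
 * a user via the user manager; the token is then registered with the
 * username in the client-id slot and no local user (matching the original
 * behaviour).
 *
 * <p>NOTE(review): no client id/secret check is performed on this path.
 * RFC 6749 §4.3.2 requires client authentication for confidential clients
 * on the password grant — confirm this omission is intended.
 *
 * @return the token response, or {@code null} if the credentials are rejected
 */
private OAuthResponse issueTokenForPasswordGrant(HttpServletRequest request, OAuthTokenRequest oauthRequest) throws Throwable {
    final String username = oauthRequest.getUsername();
    final String password = oauthRequest.getPassword();
    IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
    UserDetails user = userManager.getUser(username, password);
    if (user == null) {
        _logger.error(ERROR_AUTHENTICATION_FAILED);
        return null;
    }
    return this.registerToken(request, username, GrantType.PASSWORD.toString(), null);
}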
Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project entando-core by entando — class TokenEndpointServlet, method registerToken.
/**
 * Mints an access/refresh token pair for {@code clientId}, persists it via
 * the token manager and returns the 200 JSON token response.
 *
 * @param request   used only to look up the token-manager bean
 * @param clientId  value stored in the token's client-id slot (the password
 *                  grant passes the username here)
 * @param oauthType grant type recorded on the stored token
 * @param localUser when non-null, stored on the token and the manager is
 *                  told the token belongs to a local user
 * @return the token response carrying the new access and refresh tokens
 * @throws OAuthSystemException if token generation or response building fails
 * @throws ApsSystemException   if persisting the token fails
 */
private OAuthResponse registerToken(HttpServletRequest request, final String clientId, final String oauthType, final String localUser) throws OAuthSystemException, ApsSystemException {
    final int lifetimeSeconds = 3600;
    IApiOAuth2TokenManager tokenManager = (IApiOAuth2TokenManager) ApsWebApplicationUtils.getBean(IApiOAuth2TokenManager.BEAN_NAME, request);
    // NOTE(review): token values come from Oltu's MD5Generator. Confirm its
    // randomness source is suitable for bearer tokens (the name suggests an
    // MD5 of some generated input); Oltu also ships a UUID-based generator.
    final OAuthIssuer issuer = new OAuthIssuerImpl(new MD5Generator());
    final String newAccessToken = issuer.accessToken();
    final String newRefreshToken = issuer.refreshToken();
    // Absolute expiry instant; the Calendar's default zone/locale do not
    // change the Date returned by getTime().
    final Calendar expiry = Calendar.getInstance();
    expiry.add(Calendar.SECOND, lifetimeSeconds);
    final OAuth2Token stored = new OAuth2Token();
    stored.setAccessToken(newAccessToken);
    stored.setRefreshToken(newRefreshToken);
    stored.setClientId(clientId);
    stored.setExpiresIn(expiry.getTime());
    stored.setGrantType(oauthType);
    final boolean hasLocalUser = localUser != null;
    if (hasLocalUser) {
        stored.setLocalUser(localUser);
    }
    tokenManager.addApiOAuth2Token(stored, hasLocalUser);
    // NOTE(review): no token_type is set on the response; RFC 6749 §5.1
    // makes it required — confirm clients tolerate its absence.
    return OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK)
            .setAccessToken(newAccessToken)
            .setExpiresIn(Long.toString(lifetimeSeconds))
            .setRefreshToken(newRefreshToken)
            .buildJSONMessage();
}
Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12 — class OauthAuthorizeController, method authorize.
/**
 * Authorization endpoint: parses the request and hands it to the handler
 * for its {@code response_type} ({@code code} or {@code token}); any other
 * response type is answered by {@code unsupportResponseType}.
 *
 * <p>An {@link OAuthProblemException} raised anywhere in the try block is
 * answered with a 302 error response whose location is the exception's
 * redirect URI, serialised as JSON through {@code WebUtils}.
 *
 * <p>NOTE(review): that redirect target is whatever redirect_uri the failed
 * request carried. RFC 6749 §4.1.2.1 forbids redirecting when the
 * redirect_uri itself is missing, invalid or unregistered; confirm that
 * {@code e.getRedirectUri()} is only populated after the URI was matched
 * against the client's registration, otherwise this is an open redirect.
 *
 * @throws OAuthSystemException from the handlers or response building
 */
@RequestMapping("authorize")
public void authorize(HttpServletRequest request, HttpServletResponse response) throws OAuthSystemException, ServletException, IOException {
    try {
        final OAuthAuthxRequest authxRequest = new OAuthAuthxRequest(request);
        if (authxRequest.isCode()) {
            final CodeAuthorizeHandler handler = new CodeAuthorizeHandler(authxRequest, response);
            LOG.debug("Go to response_type = 'code' handler: {}", handler);
            handler.handle();
            return;
        }
        if (authxRequest.isToken()) {
            final TokenAuthorizeHandler handler = new TokenAuthorizeHandler(authxRequest, response);
            LOG.debug("Go to response_type = 'token' handler: {}", handler);
            handler.handle();
            return;
        }
        unsupportResponseType(authxRequest, response);
    } catch (OAuthProblemException e) {
        LOG.debug(e.getMessage(), e);
        final OAuthResponse errorResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND)
                .location(e.getRedirectUri())
                .error(e)
                .buildJSONMessage();
        WebUtils.writeOAuthJsonResponse(response, errorResponse);
    }
}
Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12 — class OAuthHandler, method createTokenResponse.
/**
 * Builds the successful token response for {@code accessToken}: either a
 * redirect-style query message ({@code queryOrJson == true}) whose location
 * is the redirect URI from {@code clientDetails()}, or a JSON body. A
 * {@code refresh_token} field is added only when the token carries one.
 *
 * <p>NOTE(review): the location comes from {@code clientDetails()} (presumably
 * the registered client) rather than from the request, which is the safer
 * source. For the implicit grant the token must land in the URI fragment
 * (RFC 6749 §4.2.2); that depends on how Oltu's query-message builder
 * treats access_token parameters — confirm with the Oltu version in use.
 *
 * @param accessToken the issued token
 * @param queryOrJson {@code true} for a query/redirect message, {@code false} for JSON
 * @return the built response
 * @throws OAuthSystemException if the response cannot be built
 */
protected OAuthResponse createTokenResponse(AccessToken accessToken, boolean queryOrJson) throws OAuthSystemException {
    final ClientDetails client = clientDetails();
    final String expiresIn = String.valueOf(accessToken.currentTokenExpiredSeconds());
    final OAuthASResponse.OAuthTokenResponseBuilder builder = OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK)
            .location(client.getRedirectUri())
            .setAccessToken(accessToken.tokenId())
            .setExpiresIn(expiresIn)
            .setTokenType(accessToken.tokenType());
    final String refresh = accessToken.refreshToken();
    if (StringUtils.isNotEmpty(refresh)) {
        builder.setRefreshToken(refresh);
    }
    if (queryOrJson) {
        return builder.buildQueryMessage();
    }
    return builder.buildJSONMessage();
}
Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12 — class TokenAuthorizeHandler, method expiredTokenResponse.
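/**
 * Answers a request whose existing token has expired with an
 * {@code expired_token} error response, written as JSON via {@code WebUtils}.
 *
 * <p>The token value is deliberately kept out of {@code error_description}:
 * error bodies routinely end up in proxy and application logs, and a bearer
 * credential should not be echoed there even once expired. The token is
 * still logged at debug level, as before.
 *
 * <p>NOTE(review): {@code error_uri} is populated with the client's redirect
 * URI; per RFC 6749 §5.2 it should identify a human-readable error page.
 * The 302 status is also set without a {@code location} — confirm what
 * {@code WebUtils.writeOAuthJsonResponse} does with the status.
 *
 * @param accessToken the expired token
 * @throws OAuthSystemException if the response cannot be built
 */
private void expiredTokenResponse(AccessToken accessToken) throws OAuthSystemException {
    final ClientDetails clientDetails = clientDetails();
    LOG.debug("AccessToken {} is expired", accessToken);
    final OAuthResponse oAuthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND)
            .setError(OAuthError.ResourceResponse.EXPIRED_TOKEN)
            .setErrorDescription("access_token expired")
            .setErrorUri(clientDetails.getRedirectUri())
            .buildJSONMessage();
    WebUtils.writeOAuthJsonResponse(response, oAuthResponse);
}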