Example 1 with OAuthResponse
use of org.apache.oltu.oauth2.common.message.OAuthResponse in project entando-core by entando.
the class TokenEndpointServlet method validateClientWithAuthorizationCode.
private OAuthResponse validateClientWithAuthorizationCode(HttpServletRequest request) throws Throwable {
try {
final OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
IOAuthConsumerManager consumerManager = (IOAuthConsumerManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH_CONSUMER_MANAGER, request);
IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE).equals(GrantType.AUTHORIZATION_CODE.toString()) || oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE).equals(GrantType.REFRESH_TOKEN.toString())) {
final String clientId = oauthRequest.getClientId();
final String oauthType = GrantType.AUTHORIZATION_CODE.toString();
final String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);
final String clientSecret = oauthRequest.getClientSecret();
boolean checkVerifyAccess = codeManager.verifyAccess(clientId, clientSecret, consumerManager);
if (!checkVerifyAccess) {
_logger.error(ERROR_AUTHENTICATION_FAILED);
return null;
} else if (!codeManager.verifyCode(authCode, request.getRemoteAddr())) {
_logger.error("OAuth2 authcode does not match or the source of client is different");
return null;
}
return this.registerToken(request, clientId, oauthType, null);
} else if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE).equals(GrantType.PASSWORD.toString())) {
final String username = oauthRequest.getUsername();
final String password = oauthRequest.getPassword();
final String oauthType = GrantType.PASSWORD.toString();
IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
UserDetails user = userManager.getUser(username, password);
if (user == null) {
_logger.error(ERROR_AUTHENTICATION_FAILED);
return null;
}
return this.registerToken(request, username, oauthType, null);
} else {
return null;
}
} catch (OAuthSystemException e) {
_logger.error("OAuthSystemException - {} ", e);
return null;
} catch (OAuthProblemException e) {
_logger.error("OAuthProblemException - {} ", e.getError().concat(" ").concat(e.getDescription()));
_logger.debug("OAuthProblemException - {} ", e);
return null;
}
}
Also used :
OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException)
UserDetails(com.agiletec.aps.system.services.user.UserDetails)
IOAuthConsumerManager(org.entando.entando.aps.system.services.oauth2.IOAuthConsumerManager)
IUserManager(com.agiletec.aps.system.services.user.IUserManager)
IApiOAuthorizationCodeManager(org.entando.entando.aps.system.services.oauth2.IApiOAuthorizationCodeManager)
OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException)
OAuthTokenRequest(org.apache.oltu.oauth2.as.request.OAuthTokenRequest)
Example 2 with OAuthResponse
use of org.apache.oltu.oauth2.common.message.OAuthResponse in project entando-core by entando.
the class TokenEndpointServlet method registerToken.
private OAuthResponse registerToken(HttpServletRequest request, final String clientId, final String oauthType, final String localUser) throws OAuthSystemException, ApsSystemException {
int expires = 3600;
IApiOAuth2TokenManager tokenManager = (IApiOAuth2TokenManager) ApsWebApplicationUtils.getBean(IApiOAuth2TokenManager.BEAN_NAME, request);
OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
final String accessToken = oauthIssuerImpl.accessToken();
final String refreshToken = oauthIssuerImpl.refreshToken();
OAuth2Token oAuth2Token = new OAuth2Token();
oAuth2Token.setAccessToken(accessToken);
oAuth2Token.setRefreshToken(refreshToken);
oAuth2Token.setClientId(clientId);
// gets a calendar using the default time zone and locale.
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.SECOND, expires);
oAuth2Token.setExpiresIn(calendar.getTime());
oAuth2Token.setGrantType(oauthType);
if (localUser == null) {
tokenManager.addApiOAuth2Token(oAuth2Token, false);
} else {
oAuth2Token.setLocalUser(localUser);
tokenManager.addApiOAuth2Token(oAuth2Token, true);
}
return OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK).setAccessToken(accessToken).setExpiresIn(Long.toString(expires)).setRefreshToken(refreshToken).buildJSONMessage();
}
Also used :
OAuthIssuerImpl(org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl)
Calendar(java.util.Calendar)
OAuth2Token(org.entando.entando.aps.system.services.oauth2.model.OAuth2Token)
MD5Generator(org.apache.oltu.oauth2.as.issuer.MD5Generator)
OAuthIssuer(org.apache.oltu.oauth2.as.issuer.OAuthIssuer)
IApiOAuth2TokenManager(org.entando.entando.aps.system.services.oauth2.IApiOAuth2TokenManager)
Example 3 with OAuthResponse
use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12.
the class OauthAuthorizeController method authorize.
@RequestMapping("authorize")
public void authorize(HttpServletRequest request, HttpServletResponse response) throws OAuthSystemException, ServletException, IOException {
try {
OAuthAuthxRequest oauthRequest = new OAuthAuthxRequest(request);
if (oauthRequest.isCode()) {
CodeAuthorizeHandler codeAuthorizeHandler = new CodeAuthorizeHandler(oauthRequest, response);
LOG.debug("Go to response_type = 'code' handler: {}", codeAuthorizeHandler);
codeAuthorizeHandler.handle();
} else if (oauthRequest.isToken()) {
TokenAuthorizeHandler tokenAuthorizeHandler = new TokenAuthorizeHandler(oauthRequest, response);
LOG.debug("Go to response_type = 'token' handler: {}", tokenAuthorizeHandler);
tokenAuthorizeHandler.handle();
} else {
unsupportResponseType(oauthRequest, response);
}
} catch (OAuthProblemException e) {
LOG.debug(e.getMessage(), e);
OAuthResponse oAuthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND).location(e.getRedirectUri()).error(e).buildJSONMessage();
WebUtils.writeOAuthJsonResponse(response, oAuthResponse);
}
}
Also used :
OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException)
CodeAuthorizeHandler(io.github.tesla.authz.controller.oauth2.authorize.CodeAuthorizeHandler)
TokenAuthorizeHandler(io.github.tesla.authz.controller.oauth2.authorize.TokenAuthorizeHandler)
OAuthAuthxRequest(io.github.tesla.authz.controller.oauth2.OAuthAuthxRequest)
OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 4 with OAuthResponse
use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12.
the class OAuthHandler method createTokenResponse.
protected OAuthResponse createTokenResponse(AccessToken accessToken, boolean queryOrJson) throws OAuthSystemException {
final ClientDetails tempClientDetails = clientDetails();
final OAuthASResponse.OAuthTokenResponseBuilder builder = OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK).location(tempClientDetails.getRedirectUri()).setAccessToken(accessToken.tokenId()).setExpiresIn(String.valueOf(accessToken.currentTokenExpiredSeconds())).setTokenType(accessToken.tokenType());
final String refreshToken = accessToken.refreshToken();
if (StringUtils.isNotEmpty(refreshToken)) {
builder.setRefreshToken(refreshToken);
}
return queryOrJson ? builder.buildQueryMessage() : builder.buildJSONMessage();
}
Also used :
ClientDetails(io.github.tesla.authz.domain.ClientDetails)
OAuthASResponse(org.apache.oltu.oauth2.as.response.OAuthASResponse)
Example 5 with OAuthResponse
use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12.
the class TokenAuthorizeHandler method expiredTokenResponse.
private void expiredTokenResponse(AccessToken accessToken) throws OAuthSystemException {
final ClientDetails clientDetails = clientDetails();
LOG.debug("AccessToken {} is expired", accessToken);
final OAuthResponse oAuthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND).setError(OAuthError.ResourceResponse.EXPIRED_TOKEN).setErrorDescription("access_token '" + accessToken.tokenId() + "' expired").setErrorUri(clientDetails.getRedirectUri()).buildJSONMessage();
WebUtils.writeOAuthJsonResponse(response, oAuthResponse);
}
Also used :
ClientDetails(io.github.tesla.authz.domain.ClientDetails)
OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse)
Aggregations
OAuthResponse (org.apache.oltu.oauth2.common.message.OAuthResponse)22
OAuthProblemException (org.apache.oltu.oauth2.common.exception.OAuthProblemException)10
MD5Generator (org.apache.oltu.oauth2.as.issuer.MD5Generator)6
OAuthIssuerImpl (org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl)5
OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException)5
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)5
AccessToken (io.github.tesla.authz.domain.AccessToken)4
IOException (java.io.IOException)4
OAuthASResponse (org.apache.oltu.oauth2.as.response.OAuthASResponse)4
ClientDetails (io.github.tesla.authz.domain.ClientDetails)3
URI (java.net.URI)3
ServletException (javax.servlet.ServletException)3
OAuthIssuer (org.apache.oltu.oauth2.as.issuer.OAuthIssuer)3
OAuthAuthzRequest (org.apache.oltu.oauth2.as.request.OAuthAuthzRequest)3
OAuthTokenRequest (org.apache.oltu.oauth2.as.request.OAuthTokenRequest)3
BimserverDatabaseException (org.bimserver.BimserverDatabaseException)3
DatabaseSession (org.bimserver.database.DatabaseSession)3
RunServiceAuthorization (org.bimserver.models.store.RunServiceAuthorization)3
AbstractClientDetailsValidator (io.github.tesla.authz.controller.oauth2.validator.AbstractClientDetailsValidator)2
PrintWriter (java.io.PrintWriter)2
