
Example 1 with OAuthResponse

Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project entando-core by entando.

In the class TokenEndpointServlet, method validateClientWithAuthorizationCode.

private OAuthResponse validateClientWithAuthorizationCode(HttpServletRequest request) throws Throwable {
    // Every failure path below returns null; the caller has to treat null as a rejected request.
    try {
        final OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
        IOAuthConsumerManager consumerManager = (IOAuthConsumerManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH_CONSUMER_MANAGER, request);
        IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
        final String grantType = oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE);
        // authorization_code and refresh_token requests share this branch: both are checked
        // against the client credentials and the OAuth.OAUTH_CODE parameter.
        if (GrantType.AUTHORIZATION_CODE.toString().equals(grantType)
                || GrantType.REFRESH_TOKEN.toString().equals(grantType)) {
            final String clientId = oauthRequest.getClientId();
            final String oauthType = GrantType.AUTHORIZATION_CODE.toString();
            final String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);
            final String clientSecret = oauthRequest.getClientSecret();
            boolean checkVerifyAccess = codeManager.verifyAccess(clientId, clientSecret, consumerManager);
            if (!checkVerifyAccess) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            // The code is verified together with the caller's address as seen by the servlet
            // container (the proxy's address when the servlet sits behind one).
            } else if (!codeManager.verifyCode(authCode, request.getRemoteAddr())) {
                _logger.error("OAuth2 authcode does not match or the source of client is different");
                return null;
            }
            return this.registerToken(request, clientId, oauthType, null);
        } else if (GrantType.PASSWORD.toString().equals(grantType)) {
            // Resource owner password grant: the username is passed to registerToken in the clientId position.
            final String username = oauthRequest.getUsername();
            final String password = oauthRequest.getPassword();
            final String oauthType = GrantType.PASSWORD.toString();
            IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
            UserDetails user = userManager.getUser(username, password);
            if (user == null) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            }
            return this.registerToken(request, username, oauthType, null);
        } else {
            return null;
        }
    } catch (OAuthSystemException e) {
        _logger.error("OAuthSystemException - {} ", e);
        return null;
    } catch (OAuthProblemException e) {
        _logger.error("OAuthProblemException - {} ", e.getError().concat(" ").concat(e.getDescription()));
        _logger.debug("OAuthProblemException - {} ", e);
        return null;
    }
}
Also used: OAuthProblemException (org.apache.oltu.oauth2.common.exception.OAuthProblemException), UserDetails (com.agiletec.aps.system.services.user.UserDetails), IOAuthConsumerManager (org.entando.entando.aps.system.services.oauth2.IOAuthConsumerManager), IUserManager (com.agiletec.aps.system.services.user.IUserManager), IApiOAuthorizationCodeManager (org.entando.entando.aps.system.services.oauth2.IApiOAuthorizationCodeManager), OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException), OAuthTokenRequest (org.apache.oltu.oauth2.as.request.OAuthTokenRequest)

Example 2 with OAuthResponse

Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project entando-core by entando.

In the class TokenEndpointServlet, method registerToken.

private OAuthResponse registerToken(HttpServletRequest request, final String clientId, final String oauthType, final String localUser) throws OAuthSystemException, ApsSystemException {
    // Token lifetime in seconds.
    int expires = 3600;
    IApiOAuth2TokenManager tokenManager = (IApiOAuth2TokenManager) ApsWebApplicationUtils.getBean(IApiOAuth2TokenManager.BEAN_NAME, request);
    // Access and refresh token values are both produced by the same MD5Generator-backed issuer.
    OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
    final String accessToken = oauthIssuerImpl.accessToken();
    final String refreshToken = oauthIssuerImpl.refreshToken();
    OAuth2Token oAuth2Token = new OAuth2Token();
    oAuth2Token.setAccessToken(accessToken);
    oAuth2Token.setRefreshToken(refreshToken);
    oAuth2Token.setClientId(clientId);
    // gets a calendar using the default time zone and locale.
    Calendar calendar = Calendar.getInstance();
    calendar.add(Calendar.SECOND, expires);
    // The stored token carries the absolute expiry time; the response below carries the relative lifetime in seconds.
    oAuth2Token.setExpiresIn(calendar.getTime());
    oAuth2Token.setGrantType(oauthType);
    if (localUser == null) {
        tokenManager.addApiOAuth2Token(oAuth2Token, false);
    } else {
        oAuth2Token.setLocalUser(localUser);
        tokenManager.addApiOAuth2Token(oAuth2Token, true);
    }
    return OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK)
            .setAccessToken(accessToken)
            .setExpiresIn(Long.toString(expires))
            .setRefreshToken(refreshToken)
            .buildJSONMessage();
}
Also used: OAuthIssuerImpl (org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl), Calendar (java.util.Calendar), OAuth2Token (org.entando.entando.aps.system.services.oauth2.model.OAuth2Token), MD5Generator (org.apache.oltu.oauth2.as.issuer.MD5Generator), OAuthIssuer (org.apache.oltu.oauth2.as.issuer.OAuthIssuer), IApiOAuth2TokenManager (org.entando.entando.aps.system.services.oauth2.IApiOAuth2TokenManager)

Example 3 with OAuthResponse

Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12.

In the class OauthAuthorizeController, method authorize.

@RequestMapping("authorize")
public void authorize(HttpServletRequest request, HttpServletResponse response) throws OAuthSystemException, ServletException, IOException {
    try {
        OAuthAuthxRequest oauthRequest = new OAuthAuthxRequest(request);
        if (oauthRequest.isCode()) {
            CodeAuthorizeHandler codeAuthorizeHandler = new CodeAuthorizeHandler(oauthRequest, response);
            LOG.debug("Go to  response_type = 'code' handler: {}", codeAuthorizeHandler);
            codeAuthorizeHandler.handle();
        } else if (oauthRequest.isToken()) {
            TokenAuthorizeHandler tokenAuthorizeHandler = new TokenAuthorizeHandler(oauthRequest, response);
            LOG.debug("Go to response_type = 'token' handler: {}", tokenAuthorizeHandler);
            tokenAuthorizeHandler.handle();
        } else {
            unsupportResponseType(oauthRequest, response);
        }
    } catch (OAuthProblemException e) {
        LOG.debug(e.getMessage(), e);
        OAuthResponse oAuthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND)
                .location(e.getRedirectUri())
                .error(e)
                .buildJSONMessage();
        WebUtils.writeOAuthJsonResponse(response, oAuthResponse);
    }
}
Also used: OAuthProblemException (org.apache.oltu.oauth2.common.exception.OAuthProblemException), CodeAuthorizeHandler (io.github.tesla.authz.controller.oauth2.authorize.CodeAuthorizeHandler), TokenAuthorizeHandler (io.github.tesla.authz.controller.oauth2.authorize.TokenAuthorizeHandler), OAuthAuthxRequest (io.github.tesla.authz.controller.oauth2.OAuthAuthxRequest), OAuthResponse (org.apache.oltu.oauth2.common.message.OAuthResponse), RequestMapping (org.springframework.web.bind.annotation.RequestMapping)

Example 4 with OAuthResponse

Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12.

In the class OAuthHandler, method createTokenResponse.

protected OAuthResponse createTokenResponse(AccessToken accessToken, boolean queryOrJson) throws OAuthSystemException {
    final ClientDetails tempClientDetails = clientDetails();
    final OAuthASResponse.OAuthTokenResponseBuilder builder = OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK)
            .location(tempClientDetails.getRedirectUri())
            .setAccessToken(accessToken.tokenId())
            .setExpiresIn(String.valueOf(accessToken.currentTokenExpiredSeconds()))
            .setTokenType(accessToken.tokenType());
    final String refreshToken = accessToken.refreshToken();
    if (StringUtils.isNotEmpty(refreshToken)) {
        builder.setRefreshToken(refreshToken);
    }
    return queryOrJson ? builder.buildQueryMessage() : builder.buildJSONMessage();
}
Also used: ClientDetails (io.github.tesla.authz.domain.ClientDetails), OAuthASResponse (org.apache.oltu.oauth2.as.response.OAuthASResponse)

Example 5 with OAuthResponse

Use of org.apache.oltu.oauth2.common.message.OAuthResponse in project tesla by linking12.

In the class TokenAuthorizeHandler, method expiredTokenResponse.

private void expiredTokenResponse(AccessToken accessToken) throws OAuthSystemException {
    final ClientDetails clientDetails = clientDetails();
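    // The expired token's id is included in the error description returned to the caller,
    // and the AccessToken object is written to the debug log.
    LOG.debug("AccessToken {} is expired", accessToken);
    // The error_uri field is populated with the client's redirect URI; no location is set on this 302 response.
    final OAuthResponse oAuthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND)
            .setError(OAuthError.ResourceResponse.EXPIRED_TOKEN)
            .setErrorDescription("access_token '" + accessToken.tokenId() + "' expired")
            .setErrorUri(clientDetails.getRedirectUri())
            .buildJSONMessage();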
    WebUtils.writeOAuthJsonResponse(response, oAuthResponse);
}
Also used: ClientDetails (io.github.tesla.authz.domain.ClientDetails), OAuthResponse (org.apache.oltu.oauth2.common.message.OAuthResponse)

Aggregations

OAuthResponse (org.apache.oltu.oauth2.common.message.OAuthResponse): 22
OAuthProblemException (org.apache.oltu.oauth2.common.exception.OAuthProblemException): 10
MD5Generator (org.apache.oltu.oauth2.as.issuer.MD5Generator): 6
OAuthIssuerImpl (org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl): 5
OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException): 5
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 5
AccessToken (io.github.tesla.authz.domain.AccessToken): 4
IOException (java.io.IOException): 4
OAuthASResponse (org.apache.oltu.oauth2.as.response.OAuthASResponse): 4
ClientDetails (io.github.tesla.authz.domain.ClientDetails): 3
URI (java.net.URI): 3
ServletException (javax.servlet.ServletException): 3
OAuthIssuer (org.apache.oltu.oauth2.as.issuer.OAuthIssuer): 3
OAuthAuthzRequest (org.apache.oltu.oauth2.as.request.OAuthAuthzRequest): 3
OAuthTokenRequest (org.apache.oltu.oauth2.as.request.OAuthTokenRequest): 3
BimserverDatabaseException (org.bimserver.BimserverDatabaseException): 3
DatabaseSession (org.bimserver.database.DatabaseSession): 3
RunServiceAuthorization (org.bimserver.models.store.RunServiceAuthorization): 3
AbstractClientDetailsValidator (io.github.tesla.authz.controller.oauth2.validator.AbstractClientDetailsValidator): 2
PrintWriter (java.io.PrintWriter): 2