Use of org.apache.oltu.oauth2.common.message.OAuthResponse in the project entando-core by entando.
Class AuthEndpointServlet, method doGet.
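/**
 * OAuth2 authorization endpoint (response_type {@code code} or {@code token}).
 *
 * <p>The client is checked by {@code validateClient} (defined outside this method). On success a
 * 3-second authorization code is issued, stored through the configured
 * {@code IApiOAuthorizationCodeManager} together with the client id and the caller's remote
 * address, and the user agent is redirected to the client's {@code redirect_uri} carrying either
 * the code or, for the implicit flow, the same value as an access token. A failed client check
 * answers 401; protocol errors map to 401 and library errors to 500.
 *
 * @param request  the incoming authorization request
 * @param response the servlet response used for the redirect or the error status
 * @throws ServletException declared by the servlet contract; not thrown by this implementation
 * @throws IOException if sending one of the error statuses from the catch blocks fails
 */
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
    IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
    try {
        OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request);
        if (!validateClient(oauthRequest, request, response)) {
            logger.warn("OAuth2 authentication failed");
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        // Build the response according to response_type. The fallback value ("response_type"
        // itself) matches neither CODE nor TOKEN, so a missing parameter redirects without credentials.
        String requestedType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
        String responseType = requestedType == null ? OAuth.OAUTH_RESPONSE_TYPE : requestedType;
        OAuthASResponse.OAuthAuthorizationResponseBuilder builder = OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND);
        final String authorizationCode = oauthIssuerImpl.authorizationCode();
        // Code lifetime in seconds; also reported as expires_in for the implicit flow.
        final int expires = 3;
        AuthorizationCode authCode = new AuthorizationCode();
        authCode.setAuthorizationCode(authorizationCode);
        // Absolute expiry as epoch milliseconds (same value the former Calendar arithmetic produced).
        authCode.setExpires(System.currentTimeMillis() + expires * 1000L);
        authCode.setClientId(oauthRequest.getClientId());
        authCode.setSource(request.getRemoteAddr());
        codeManager.addAuthorizationCode(authCode);
        if (ResponseType.CODE.toString().equals(responseType)) {
            builder.setCode(authorizationCode);
        }
        if (ResponseType.TOKEN.toString().equals(responseType)) {
            // Implicit flow: the stored code doubles as the bearer token and travels in the redirect query.
            builder.setAccessToken(authorizationCode);
            builder.setExpiresIn((long) expires);
        }
        // NOTE(review): redirect_uri is taken from the request as-is; this relies on validateClient
        // having matched it against the client's registered value -- confirm.
        String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);
        final OAuthResponse resp = builder.location(redirectURI).buildQueryMessage();
        response.setStatus(resp.getResponseStatus());
        response.sendRedirect(resp.getLocationUri());
    } catch (OAuthSystemException ex) {
        // Library failure: keep the stack trace, the message alone rarely explains it.
        logger.error("System exception {} ", ex.getMessage(), ex);
        response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    } catch (OAuthProblemException ex) {
        logger.error("OAuth2 error {} ", ex.getMessage());
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    } catch (IOException e) {
        // Best effort: the response may already be committed, so only log (with stack trace).
        logger.error("IOException while writing the authorization response", e);
    }
}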
Use of org.apache.oltu.oauth2.common.message.OAuthResponse in the project entando-core by entando.
Class TokenEndpointServlet, method doPost.
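/**
 * OAuth2 token endpoint.
 *
 * <p>{@code validateClientWithAuthorizationCode} (defined outside this method) presumably checks
 * the client and its authorization code and returns the prepared {@link OAuthResponse}, or
 * {@code null} when the check fails. The body of that response is written verbatim with the
 * status the OAuth layer chose; a {@code null} result is answered with 401 and
 * {@code ERROR_AUTHENTICATION_FAILED}, any unexpected exception with 500.
 *
 * @param request  the token request
 * @param response the servlet response receiving the token body or the error status
 * @throws ServletException declared by the servlet contract; not thrown by this implementation
 * @throws IOException declared by the servlet contract; I/O errors are caught and logged here
 */
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    try {
        final OAuthResponse oAuthResponse = this.validateClientWithAuthorizationCode(request);
        if (oAuthResponse == null) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, ERROR_AUTHENTICATION_FAILED);
            return;
        }
        response.setStatus(oAuthResponse.getResponseStatus());
        // NOTE(review): no Content-Type is set; if the body is JSON the client depends on the
        // container default -- confirm and set it explicitly if needed.
        try (PrintWriter pw = response.getWriter()) {
            pw.print(oAuthResponse.getBody());
        }
    } catch (Exception e) {
        // Narrowed from Throwable: JVM errors (OutOfMemoryError etc.) must propagate, not become a 500.
        // The exception is passed whole so the stack trace is kept.
        _logger.error("Token endpoint failure", e);
        try {
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        } catch (IOException e1) {
            _logger.error("IOException while sending the error status", e1);
        }
    }
}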
Use of org.apache.oltu.oauth2.common.message.OAuthResponse in the project dq-easy-cloud by dq-open-cloud.
Class EcAuthorizeController, method authorize.
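/**
 * Authorization endpoint of the demo authorization server (response_type {@code code} only).
 *
 * <p>Steps: parse the OAuth request, make sure the caller is logged in (otherwise render the
 * login view), issue an authorization code bound to the authenticated principal and redirect to
 * the client's {@code redirect_uri}. Protocol errors are sent back to the client as
 * {@code ?error=} query parameters when a redirect URI is available, otherwise answered with 404.
 *
 * <p>Known gaps left as found: the client_id check is hard-wired off ({@code checkClient = false},
 * so the {@code invalid_client} branch is dead) and {@code redirect_uri} is used exactly as sent
 * by the client, without being matched against a registered value.
 *
 * @param model   the Spring MVC model (currently unused)
 * @param request the incoming authorization request
 * @return a redirect or error {@code ResponseEntity}, or the {@code "oauth2login"} view name
 * @throws URISyntaxException   if the location built from {@code redirect_uri} is not a valid URI
 * @throws OAuthSystemException if the OAuth library fails to build a response
 */
@RequestMapping("/toAuthorize")
public Object authorize(Model model, HttpServletRequest request) throws URISyntaxException, OAuthSystemException {
    // http://localhost:8100/authorize/toAuthorize?redirect_uri=https://www.baidu.com/&response_type=code&client_id=1&state=bb38108d1aaf567c72da0f1167e87142d0e20cb2bb24ec5a
    try {
        // Build the OAuth authorization request (validates the mandatory parameters).
        OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request);
        // Client id validation is disabled; this branch is unreachable until it is wired to a
        // client lookup (see the commented clientService call below).
        boolean checkClient = false;
        if (checkClient) {
            OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST).setError(OAuthError.TokenResponse.INVALID_CLIENT).setErrorDescription("非法用户").buildJSONMessage();
            return new ResponseEntity(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));
        }
        Subject subject = SecurityUtils.getSubject();
        // Not logged in: try the login handler, otherwise show the login page.
        if (!subject.isAuthenticated() && !login(subject, request)) {
            // model.addAttribute("client", clientService.findByClientId(oauthRequest.getClientId()));
            return "oauth2login";
        }
        String username = (String) subject.getPrincipal();
        // Only response_type=code is supported; any other value leaves the code unset.
        // Null-safe comparison: the constant is the receiver.
        String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
        String authorizationCode = null;
        if (ResponseType.CODE.toString().equals(responseType)) {
            OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
            authorizationCode = oauthIssuerImpl.authorizationCode();
            // Bind the code to the authenticated principal (previously a fixed placeholder user,
            // which made every issued code resolve to the same account).
            codeCache.put(authorizationCode, username);
            // oAuthService.addAuthCode(authorizationCode, username);
        }
        // Build the OAuth redirect response carrying the code.
        OAuthASResponse.OAuthAuthorizationResponseBuilder builder = OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND);
        builder.setCode(authorizationCode);
        // NOTE(review): redirect_uri is trusted as received; compare it with the client's registered
        // redirect URI before redirecting.
        String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);
        final OAuthResponse response = builder.location(redirectURI).buildQueryMessage();
        // Translate the OAuthResponse into a Spring redirect entity.
        HttpHeaders headers = new HttpHeaders();
        headers.setLocation(new URI(response.getLocationUri()));
        return new ResponseEntity(headers, HttpStatus.valueOf(response.getResponseStatus()));
    } catch (OAuthProblemException e) {
        logger.error(e.getMessage(), e);
        String redirectUri = e.getRedirectUri();
        if (OAuthUtils.isEmpty(redirectUri)) {
            // No redirect_uri to report the error to: answer the caller directly.
            return new ResponseEntity("OAuth callback url needs to be provided by client!!!", HttpStatus.NOT_FOUND);
        }
        // Report the error to the client as query parameters (?error=...).
        final OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND).error(e).location(redirectUri).buildQueryMessage();
        HttpHeaders headers = new HttpHeaders();
        headers.setLocation(new URI(response.getLocationUri()));
        return new ResponseEntity(headers, HttpStatus.valueOf(response.getResponseStatus()));
    }
}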
Use of org.apache.oltu.oauth2.common.message.OAuthResponse in the project dq-easy-cloud by dq-open-cloud.
Class EcAuthorizeController, method userInfo.
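/**
 * Protected resource returning the user name bound to a bearer access token.
 *
 * <p>The token is read from the query string ({@code access_token=...}). A token with no entry in
 * {@code tokenCache} is rejected with 401 and a {@code WWW-Authenticate} challenge carrying
 * {@code invalid_token}; malformed requests are answered with a challenge derived from the
 * {@link OAuthProblemException}.
 *
 * @param request the resource request carrying the access token as a query parameter
 * @return 200 with the user name, or 401/400 with a {@code WWW-Authenticate} header
 * @throws OAuthSystemException if the OAuth library fails to build a response
 */
@RequestMapping("/userInfo")
public HttpEntity userInfo(HttpServletRequest request) throws OAuthSystemException {
    try {
        // Build the OAuth resource request (requires the token to be present).
        OAuthAccessResourceRequest oauthRequest = new OAuthAccessResourceRequest(request, ParameterStyle.QUERY);
        String accessToken = oauthRequest.getAccessToken();
        // String username = oAuthService.getUsernameByAccessToken(accessToken);
        Object username = tokenCache.get(accessToken);
        // Unknown or expired token. The former `accessTokenFlag = false` stub made this branch
        // dead and let any token string through; presence in tokenCache now stands in for the
        // token check until a real token service is wired in.
        if (username == null) {
            OAuthResponse oauthResponse = OAuthRSResponse.errorResponse(HttpServletResponse.SC_UNAUTHORIZED).setRealm("过期了").setError(OAuthError.ResourceResponse.INVALID_TOKEN).buildHeaderMessage();
            HttpHeaders headers = new HttpHeaders();
            headers.add(OAuth.HeaderType.WWW_AUTHENTICATE, oauthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE));
            return new ResponseEntity(headers, HttpStatus.UNAUTHORIZED);
        }
        return new ResponseEntity(username, HttpStatus.OK);
    } catch (OAuthProblemException e) {
        String errorCode = e.getError();
        HttpHeaders headers = new HttpHeaders();
        if (OAuthUtils.isEmpty(errorCode)) {
            // No error code available (e.g. missing token): generic challenge.
            OAuthResponse oauthResponse = OAuthRSResponse.errorResponse(HttpServletResponse.SC_UNAUTHORIZED).setRealm("server").buildHeaderMessage();
            headers.add(OAuth.HeaderType.WWW_AUTHENTICATE, oauthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE));
            return new ResponseEntity(headers, HttpStatus.UNAUTHORIZED);
        }
        OAuthResponse oauthResponse = OAuthRSResponse.errorResponse(HttpServletResponse.SC_UNAUTHORIZED).setRealm("server").setError(e.getError()).setErrorDescription(e.getDescription()).setErrorUri(e.getUri()).buildHeaderMessage();
        headers.add(OAuth.HeaderType.WWW_AUTHENTICATE, oauthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE));
        // The challenge header used to be built and then dropped; it is now attached to the
        // 400 the author chose, so the client learns error, description and uri.
        return new ResponseEntity(headers, HttpStatus.BAD_REQUEST);
    }
}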
Use of org.apache.oltu.oauth2.common.message.OAuthResponse in the project BIMserver by opensourceBIM.
Class OAuthAuthorizationServlet, method makeUrl.
/**
 * Builds the redirect URL that hands the issued authorization code back to the client.
 *
 * <p>On top of what {@code builder} already carries, the URL receives this server's JSON,
 * services and websocket addresses (derived from the configured site address) and, depending on
 * the kind of authorization, the project oid ({@code poid}) or the service oid ({@code soid}).
 *
 * @param redirectURI the client's redirect URI; it is used as given, any validation is the caller's
 * @param oauthCode   the authorization code whose authorization selects the extra parameter
 * @param builder     the oltu response builder to complete
 * @return the fully built location URI
 * @throws OAuthSystemException if oltu cannot build the query message
 * @throws URISyntaxException   if the resulting location is not a valid URI
 */
private URI makeUrl(String redirectURI, OAuthAuthorizationCode oauthCode, OAuthAuthorizationResponseBuilder builder) throws OAuthSystemException, URISyntaxException {
    String siteAddress = getBimServer().getServerSettingsCache().getServerSettings().getSiteAddress();
    String websocketAddress = siteAddress.replace("http://", "ws://").replace("https://", "wss://");
    OAuthAuthorizationResponseBuilder located = builder.location(redirectURI);
    located.setParam("address", siteAddress + "/json");
    located.setParam("serviceaddress", siteAddress + "/services");
    located.setParam("websocketUrl", websocketAddress + "/stream");
    Object authorization = oauthCode.getAuthorization();
    if (authorization instanceof SingleProjectAuthorization) {
        SingleProjectAuthorization projectAuth = (SingleProjectAuthorization) authorization;
        located.setParam("poid", String.valueOf(projectAuth.getProject().getOid()));
    } else if (authorization instanceof RunServiceAuthorization) {
        RunServiceAuthorization serviceAuth = (RunServiceAuthorization) authorization;
        located.setParam("soid", String.valueOf(serviceAuth.getService().getOid()));
    }
    final OAuthResponse response = located.buildQueryMessage();
    return new URI(response.getLocationUri());
}