use of org.apache.qpid.server.util.ConnectionBuilder in project qpid-broker-j by apache.
the class OAuth2AuthenticationProviderImpl method authenticateViaAuthorizationCode.
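@Override
public AuthenticationResult authenticateViaAuthorizationCode(final String authorizationCode, final String redirectUri, NamedAddressSpace addressSpace) {
    // Exchanges an OAuth2 authorization code for an access token at the provider's token
    // endpoint, then authenticates with that token via authenticateViaAccessToken.
    //
    // Fails closed: transport errors, non-200 responses, "error" payloads, non-JSON or
    // empty bodies and a missing access_token all yield an AuthenticationResult with
    // status ERROR. The only exception allowed to escape is ServerScopedRuntimeException,
    // thrown when the configured trust store cannot be turned into TrustManagers.
    try {
        final URL tokenEndpoint = getTokenEndpointURI(addressSpace).toURL();
        final ConnectionBuilder connectionBuilder = new ConnectionBuilder(tokenEndpoint);
        connectionBuilder.setConnectTimeout(_connectTimeout).setReadTimeout(_readTimeout);
        if (getTrustStore() != null) {
            try {
                // Validate the token endpoint's certificate against the configured store
                // rather than the JVM default trust anchors.
                connectionBuilder.setTrustMangers(getTrustStore().getTrustManagers());
            } catch (GeneralSecurityException e) {
                throw new ServerScopedRuntimeException("Cannot initialise TLS", e);
            }
        }
        connectionBuilder.setTlsProtocolWhiteList(getTlsProtocolWhiteList())
                         .setTlsProtocolBlackList(getTlsProtocolBlackList())
                         .setTlsCipherSuiteWhiteList(getTlsCipherSuiteWhiteList())
                         .setTlsCipherSuiteBlackList(getTlsCipherSuiteBlackList());
        LOGGER.debug("About to call token endpoint '{}'", tokenEndpoint);

        final HttpURLConnection connection = connectionBuilder.build();
        // setDoOutput(true) turns the request into a POST.
        connection.setDoOutput(true);
        connection.setRequestProperty("Accept-Charset", UTF_8.name());
        connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=" + UTF_8.name());
        connection.setRequestProperty("Accept", "application/json");
        if (getTokenEndpointNeedsAuth()) {
            // HTTP Basic client authentication. java.util.Base64 replaces
            // javax.xml.bind.DatatypeConverter, which is no longer shipped with the JDK
            // from Java 11 onwards.
            final byte[] credentials = (getClientId() + ":" + getClientSecret()).getBytes(UTF_8);
            final String encoded = java.util.Base64.getEncoder().encodeToString(credentials);
            connection.setRequestProperty("Authorization", "Basic " + encoded);
        }

        // NOTE(review): client_secret is always sent as a form parameter, even when the
        // Basic header above is also present. RFC 6749 section 2.3.1 asks clients to use
        // only one authentication method per request; kept as-is because some providers
        // may rely on the body parameter -- confirm before tightening. "response_type" is
        // not a token-endpoint parameter either, but removing it could break a provider.
        final Map<String, String> requestBody = new HashMap<>();
        requestBody.put("code", authorizationCode);
        requestBody.put("client_id", getClientId());
        requestBody.put("client_secret", getClientSecret());
        requestBody.put("redirect_uri", redirectUri);
        requestBody.put("grant_type", "authorization_code");
        requestBody.put("response_type", "token");
        final byte[] body = OAuth2Utils.buildRequestQuery(requestBody).getBytes(UTF_8);

        connection.connect();
        try (OutputStream output = connection.getOutputStream()) {
            output.write(body);
        }

        try (InputStream input = OAuth2Utils.getResponseStream(connection)) {
            final int responseCode = connection.getResponseCode();
            LOGGER.debug("Call to token endpoint '{}' complete, response code : {}", tokenEndpoint, responseCode);
            @SuppressWarnings("unchecked")
            final Map<String, Object> responseMap = _objectMapper.readValue(input, Map.class);
            if (responseMap == null) {
                // Jackson maps the JSON literal "null" to a null reference; without this guard
                // containsKey() below would throw a NullPointerException out of the method
                // instead of producing an ERROR result like every other malformed response.
                final IllegalStateException e = new IllegalStateException(String.format("Token endpoint '%s' returned an empty JSON document", tokenEndpoint));
                LOGGER.error("Unexpected token endpoint response", e);
                return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, e);
            }
            if (responseCode != 200 || responseMap.containsKey("error")) {
                final IllegalStateException e = new IllegalStateException(String.format("Token endpoint failed, response code %d, error '%s', description '%s'", responseCode, responseMap.get("error"), responseMap.get("error_description")));
                LOGGER.error(e.getMessage());
                return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, e);
            }
            final Object accessTokenObject = responseMap.get("access_token");
            if (accessTokenObject == null) {
                final IllegalStateException e = new IllegalStateException("Token endpoint response did not include 'access_token'");
                LOGGER.error("Unexpected token endpoint response", e);
                return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, e);
            }
            // The token value itself is deliberately never logged.
            final String accessToken = String.valueOf(accessTokenObject);
            return authenticateViaAccessToken(accessToken, addressSpace);
        } catch (JsonProcessingException e) {
            final IllegalStateException ise = new IllegalStateException(String.format("Token endpoint '%s' did not return json", tokenEndpoint), e);
            LOGGER.error("Unexpected token endpoint response", e);
            return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, ise);
        }
    } catch (IOException e) {
        LOGGER.error("Call to token endpoint failed", e);
        return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, e);
    }
}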
use of org.apache.qpid.server.util.ConnectionBuilder in project qpid-broker-j by apache.
the class CloudFoundryOAuth2IdentityResolverService method getUserPrincipal.
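@Override
public Principal getUserPrincipal(final OAuth2AuthenticationProvider<?> authenticationProvider, final String accessToken, final NamedAddressSpace addressSpace) throws IOException, IdentityResolverException {
    // Resolves the user name behind accessToken by POSTing the token to the provider's
    // identity-resolver endpoint, authenticating the broker with its OAuth2 client id and
    // secret as HTTP Basic credentials.
    //
    // Throws IOException for transport problems or a body that is not a JSON object, and
    // IdentityResolverException when the endpoint answers with a non-200 status or the
    // document carries no string "user_name". ServerScopedRuntimeException escapes only
    // when the configured trust store cannot be initialised.
    final URL checkTokenEndpoint = authenticationProvider.getIdentityResolverEndpointURI(addressSpace).toURL();
    final TrustStore trustStore = authenticationProvider.getTrustStore();
    final String clientId = authenticationProvider.getClientId();
    final String clientSecret = authenticationProvider.getClientSecret();

    final ConnectionBuilder connectionBuilder = new ConnectionBuilder(checkTokenEndpoint);
    connectionBuilder.setConnectTimeout(authenticationProvider.getConnectTimeout()).setReadTimeout(authenticationProvider.getReadTimeout());
    if (trustStore != null) {
        try {
            // Validate the endpoint's certificate against the configured store rather than
            // the JVM default trust anchors.
            connectionBuilder.setTrustMangers(trustStore.getTrustManagers());
        } catch (GeneralSecurityException e) {
            throw new ServerScopedRuntimeException("Cannot initialise TLS", e);
        }
    }
    connectionBuilder.setTlsProtocolWhiteList(authenticationProvider.getTlsProtocolWhiteList())
                     .setTlsProtocolBlackList(authenticationProvider.getTlsProtocolBlackList())
                     .setTlsCipherSuiteWhiteList(authenticationProvider.getTlsCipherSuiteWhiteList())
                     .setTlsCipherSuiteBlackList(authenticationProvider.getTlsCipherSuiteBlackList());
    LOGGER.debug("About to call identity service '{}'", checkTokenEndpoint);

    final HttpURLConnection connection = connectionBuilder.build();
    // setDoOutput(true) turns the request into a POST.
    connection.setDoOutput(true);
    connection.setRequestProperty("Accept-Charset", UTF_8.name());
    connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=" + UTF_8.name());
    connection.setRequestProperty("Accept", "application/json");
    // java.util.Base64 replaces javax.xml.bind.DatatypeConverter, which is no longer part
    // of the JDK from Java 11 onwards.
    final String encoded = java.util.Base64.getEncoder().encodeToString((clientId + ":" + clientSecret).getBytes(UTF_8));
    connection.setRequestProperty("Authorization", "Basic " + encoded);

    final Map<String, String> requestParameters = Collections.singletonMap("token", accessToken);
    connection.connect();
    // Write the whole body and let try-with-resources close the request stream before the
    // response is read; the former explicit close() inside the block was redundant.
    try (OutputStream output = connection.getOutputStream()) {
        output.write(OAuth2Utils.buildRequestQuery(requestParameters).getBytes(UTF_8));
    }

    try (InputStream input = OAuth2Utils.getResponseStream(connection)) {
        final int responseCode = connection.getResponseCode();
        LOGGER.debug("Call to identity service '{}' complete, response code : {}", checkTokenEndpoint, responseCode);
        final Map<String, Object> responseMap;
        try {
            @SuppressWarnings("unchecked")
            final Map<String, Object> parsed = _objectMapper.readValue(input, Map.class);
            responseMap = parsed;
        } catch (JsonProcessingException e) {
            throw new IOException(String.format("Identity resolver '%s' did not return json", checkTokenEndpoint), e);
        }
        if (responseMap == null) {
            // The JSON literal "null" parses to a null reference; reject it here rather than
            // letting a NullPointerException escape from the lookups below.
            throw new IOException(String.format("Identity resolver '%s' returned an empty JSON document", checkTokenEndpoint));
        }
        if (responseCode != 200) {
            throw new IdentityResolverException(String.format("Identity resolver '%s' failed, response code %d, error '%s', description '%s'", checkTokenEndpoint, responseCode, responseMap.get("error"), responseMap.get("error_description")));
        }
        // Values are read as Object: the previous Map<String, String> view threw an
        // unchecked ClassCastException for a non-string "user_name".
        final Object userName = responseMap.get("user_name");
        if (!(userName instanceof String)) {
            throw new IdentityResolverException(String.format("Identity resolver '%s' failed, response did not include 'user_name'", checkTokenEndpoint));
        }
        return new UsernamePrincipal((String) userName, authenticationProvider);
    }
}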
use of org.apache.qpid.server.util.ConnectionBuilder in project qpid-broker-j by apache.
the class GitHubOAuth2IdentityResolverService method getUserPrincipal.
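@Override
public Principal getUserPrincipal(final OAuth2AuthenticationProvider<?> authenticationProvider, String accessToken, final NamedAddressSpace addressSpace) throws IOException, IdentityResolverException {
    // Resolves the GitHub login behind accessToken by GETting the configured user-info
    // endpoint with the token in the Authorization header (GitHub's "token" scheme).
    //
    // Throws IOException for transport problems or a body that is not a JSON object, and
    // IdentityResolverException for a non-200 status or a missing/non-string "login".
    // ServerScopedRuntimeException escapes only when the trust store cannot be initialised.
    final URL userInfoEndpoint = authenticationProvider.getIdentityResolverEndpointURI(addressSpace).toURL();
    final TrustStore trustStore = authenticationProvider.getTrustStore();

    final ConnectionBuilder connectionBuilder = new ConnectionBuilder(userInfoEndpoint);
    connectionBuilder.setConnectTimeout(authenticationProvider.getConnectTimeout()).setReadTimeout(authenticationProvider.getReadTimeout());
    if (trustStore != null) {
        try {
            // Validate the endpoint's certificate against the configured store rather than
            // the JVM default trust anchors.
            connectionBuilder.setTrustMangers(trustStore.getTrustManagers());
        } catch (GeneralSecurityException e) {
            throw new ServerScopedRuntimeException("Cannot initialise TLS", e);
        }
    }
    connectionBuilder.setTlsProtocolWhiteList(authenticationProvider.getTlsProtocolWhiteList())
                     .setTlsProtocolBlackList(authenticationProvider.getTlsProtocolBlackList())
                     .setTlsCipherSuiteWhiteList(authenticationProvider.getTlsCipherSuiteWhiteList())
                     .setTlsCipherSuiteBlackList(authenticationProvider.getTlsCipherSuiteBlackList());
    LOGGER.debug("About to call identity service '{}'", userInfoEndpoint);

    final HttpURLConnection connection = connectionBuilder.build();
    connection.setRequestProperty("Accept-Charset", UTF8);
    connection.setRequestProperty("Accept", "application/vnd.github.v3+json");
    // The user's token is forwarded as the credential; it is never logged.
    connection.setRequestProperty("Authorization", "token " + accessToken);
    connection.connect();

    try (InputStream input = OAuth2Utils.getResponseStream(connection)) {
        final int responseCode = connection.getResponseCode();
        LOGGER.debug("Call to identity service '{}' complete, response code : {}", userInfoEndpoint, responseCode);
        final Map<String, Object> responseMap;
        try {
            @SuppressWarnings("unchecked")
            final Map<String, Object> parsed = _objectMapper.readValue(input, Map.class);
            responseMap = parsed;
        } catch (JsonProcessingException e) {
            throw new IOException(String.format("Identity resolver '%s' did not return json", userInfoEndpoint), e);
        }
        if (responseMap == null) {
            // The JSON literal "null" parses to a null reference; reject it here rather than
            // letting a NullPointerException escape from the lookup below.
            throw new IOException(String.format("Identity resolver '%s' returned an empty JSON document", userInfoEndpoint));
        }
        if (responseCode != 200) {
            throw new IdentityResolverException(String.format("Identity resolver '%s' failed, response code %d", userInfoEndpoint, responseCode));
        }
        // Read as Object: the previous Map<String, String> view threw an unchecked
        // ClassCastException for a non-string "login".
        final Object githubId = responseMap.get("login");
        if (!(githubId instanceof String)) {
            throw new IdentityResolverException(String.format("Identity resolver '%s' failed, response did not include 'login'", userInfoEndpoint));
        }
        return new UsernamePrincipal((String) githubId, authenticationProvider);
    }
}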
use of org.apache.qpid.server.util.ConnectionBuilder in project qpid-broker-j by apache.
the class MicrosoftLiveOAuth2IdentityResolverService method getUserPrincipal.
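@Override
public Principal getUserPrincipal(final OAuth2AuthenticationProvider<?> authenticationProvider, String accessToken, final NamedAddressSpace addressSpace) throws IOException, IdentityResolverException {
    // Resolves the Microsoft Live account id behind accessToken by GETting the configured
    // user-info endpoint with the token as a Bearer credential.
    //
    // Throws IOException for transport problems or a body that is not a JSON object, and
    // IdentityResolverException for a non-200 status or a missing/non-string "id".
    // ServerScopedRuntimeException escapes only when the trust store cannot be initialised.
    final URL userInfoEndpoint = authenticationProvider.getIdentityResolverEndpointURI(addressSpace).toURL();
    final TrustStore trustStore = authenticationProvider.getTrustStore();

    final ConnectionBuilder connectionBuilder = new ConnectionBuilder(userInfoEndpoint);
    connectionBuilder.setConnectTimeout(authenticationProvider.getConnectTimeout()).setReadTimeout(authenticationProvider.getReadTimeout());
    if (trustStore != null) {
        try {
            // Validate the endpoint's certificate against the configured store rather than
            // the JVM default trust anchors.
            connectionBuilder.setTrustMangers(trustStore.getTrustManagers());
        } catch (GeneralSecurityException e) {
            throw new ServerScopedRuntimeException("Cannot initialise TLS", e);
        }
    }
    connectionBuilder.setTlsProtocolWhiteList(authenticationProvider.getTlsProtocolWhiteList())
                     .setTlsProtocolBlackList(authenticationProvider.getTlsProtocolBlackList())
                     .setTlsCipherSuiteWhiteList(authenticationProvider.getTlsCipherSuiteWhiteList())
                     .setTlsCipherSuiteBlackList(authenticationProvider.getTlsCipherSuiteBlackList());
    LOGGER.debug("About to call identity service '{}'", userInfoEndpoint);

    final HttpURLConnection connection = connectionBuilder.build();
    connection.setRequestProperty("Accept-Charset", UTF8);
    connection.setRequestProperty("Accept", "application/json");
    // The user's token is forwarded as the credential; it is never logged.
    connection.setRequestProperty("Authorization", "Bearer " + accessToken);
    connection.connect();

    try (InputStream input = OAuth2Utils.getResponseStream(connection)) {
        final int responseCode = connection.getResponseCode();
        LOGGER.debug("Call to identity service '{}' complete, response code : {}", userInfoEndpoint, responseCode);
        final Map<String, Object> responseMap;
        try {
            @SuppressWarnings("unchecked")
            final Map<String, Object> parsed = _objectMapper.readValue(input, Map.class);
            responseMap = parsed;
        } catch (JsonProcessingException e) {
            throw new IOException(String.format("Identity resolver '%s' did not return json", userInfoEndpoint), e);
        }
        if (responseMap == null) {
            // The JSON literal "null" parses to a null reference; reject it here rather than
            // letting a NullPointerException escape from the lookup below.
            throw new IOException(String.format("Identity resolver '%s' returned an empty JSON document", userInfoEndpoint));
        }
        if (responseCode != 200) {
            throw new IdentityResolverException(String.format("Identity resolver '%s' failed, response code %d", userInfoEndpoint, responseCode));
        }
        // Read as Object: the previous Map<String, String> view threw an unchecked
        // ClassCastException for a non-string "id".
        final Object liveId = responseMap.get("id");
        if (!(liveId instanceof String)) {
            throw new IdentityResolverException(String.format("Identity resolver '%s' failed, response did not include 'id'", userInfoEndpoint));
        }
        return new UsernamePrincipal((String) liveId, authenticationProvider);
    }
}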
use of org.apache.qpid.server.util.ConnectionBuilder in project qpid-broker-j by apache.
the class CloudFoundryDashboardManagementGroupProviderImpl method mayManageServiceInstance.
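private boolean mayManageServiceInstance(final String serviceInstanceId, final String accessToken) {
    // Asks the Cloud Foundry API whether the holder of accessToken may manage the given
    // service instance (GET <endpoint>/v2/service_instances/<id>/permissions).
    //
    // This is an authorization decision, so it is deliberately fail-closed: true is
    // returned only for an explicit JSON boolean true in the "manage" field, and any
    // timeout, transport error, non-200 status or malformed body surfaces as an
    // ExternalServiceTimeoutException / ExternalServiceException rather than as a
    // permissive default.
    //
    // NOTE(review): serviceInstanceId is interpolated into the URL path unencoded. That
    // is harmless for GUID-shaped ids, but if an id can ever originate from an untrusted
    // source it should be percent-encoded or validated first so that '/' or '?' cannot
    // change which resource is queried -- confirm against the callers.
    final String cloudFoundryEndpoint = String.format("%s/v2/service_instances/%s/permissions", getCloudFoundryEndpointURI().toString(), serviceInstanceId);
    HttpURLConnection connection;
    try {
        final ConnectionBuilder connectionBuilder = new ConnectionBuilder(new URL(cloudFoundryEndpoint));
        connectionBuilder.setConnectTimeout(_connectTimeout).setReadTimeout(_readTimeout);
        if (_trustStore != null) {
            try {
                // Validate the API's certificate against the configured store rather than
                // the JVM default trust anchors.
                connectionBuilder.setTrustMangers(_trustStore.getTrustManagers());
            } catch (GeneralSecurityException e) {
                throw new ServerScopedRuntimeException("Cannot initialise TLS", e);
            }
        }
        connectionBuilder.setTlsProtocolWhiteList(_tlsProtocolWhiteList)
                         .setTlsProtocolBlackList(_tlsProtocolBlackList)
                         .setTlsCipherSuiteWhiteList(_tlsCipherSuiteWhiteList)
                         .setTlsCipherSuiteBlackList(_tlsCipherSuiteBlackList);
        LOGGER.debug("About to call CloudFoundryDashboardManagementEndpoint '{}'", cloudFoundryEndpoint);
        connection = connectionBuilder.build();
        connection.setRequestProperty("Accept-Charset", UTF8);
        connection.setRequestProperty("Accept", "application/json");
        // The user's token is forwarded as a bearer credential; it is never logged.
        connection.setRequestProperty("Authorization", "Bearer " + accessToken);
        connection.connect();
    } catch (SocketTimeoutException e) {
        throw new ExternalServiceTimeoutException(String.format("Timed out trying to connect to CloudFoundryDashboardManagementEndpoint '%s'.", cloudFoundryEndpoint), e);
    } catch (IOException e) {
        throw new ExternalServiceException(String.format("Could not connect to CloudFoundryDashboardManagementEndpoint '%s'.", cloudFoundryEndpoint), e);
    }

    try {
        final int responseCode = connection.getResponseCode();
        LOGGER.debug("Call to CloudFoundryDashboardManagementEndpoint '{}' complete, response code : {}", cloudFoundryEndpoint, responseCode);
        // Check the status explicitly: previously a 4xx/5xx only surfaced as the generic
        // IOException thrown by getInputStream(), and any other status that reached the
        // parser was handled as if it were a 200.
        if (responseCode != 200) {
            throw new ExternalServiceException(String.format("CloudFoundryDashboardManagementEndpoint '%s' failed, response code %d.", cloudFoundryEndpoint, responseCode));
        }
        try (InputStream input = connection.getInputStream()) {
            @SuppressWarnings("unchecked")
            final Map<String, Object> responseMap = _objectMapper.readValue(input, Map.class);
            // A null map (JSON literal "null") or a missing/non-boolean "manage" value is
            // rejected; instanceof is false for null, so no separate null check is needed.
            final Object mayManageObject = responseMap == null ? null : responseMap.get("manage");
            if (!(mayManageObject instanceof Boolean)) {
                throw new ExternalServiceException("CloudFoundryDashboardManagementEndpoint response did not contain \"manage\" entry.");
            }
            return (Boolean) mayManageObject;
        }
    } catch (JsonProcessingException e) {
        throw new ExternalServiceException(String.format("CloudFoundryDashboardManagementEndpoint '%s' did not return json.", cloudFoundryEndpoint), e);
    } catch (SocketTimeoutException e) {
        throw new ExternalServiceTimeoutException(String.format("Timed out reading from CloudFoundryDashboardManagementEndpoint '%s'.", cloudFoundryEndpoint), e);
    } catch (IOException e) {
        throw new ExternalServiceException(String.format("Connection to CloudFoundryDashboardManagementEndpoint '%s' failed.", cloudFoundryEndpoint), e);
    }
}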