Examples with AccessToken org.forgerock.oauth2.core.AccessToken used on opensource projects

Example 46 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class OAuth2AuditAccessTokenContextProvider method retrieveAccessTokenFromRequest.

private AccessToken retrieveAccessTokenFromRequest(Request request) {
    AccessToken token;
    token = requestFactory.create(request).getToken(AccessToken.class);
    return token;
}

Example 47 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class OAuth2AuditAccessTokenContextProvider method getUserIdFromAccessTokenFromAuthorizationHeader.

private String getUserIdFromAccessTokenFromAuthorizationHeader(Request request) {
    String userId = null;
    AccessToken accessToken = retrieveAccessTokenFromChallengeResponse(request);
    if (accessToken != null) {
        userId = getUserIdFromToken(accessToken);
    }
    return userId;
}

Example 48 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class OAuth2AuditAccessTokenContextProvider method retrieveAccessTokenFromChallengeResponse.

private AccessToken retrieveAccessTokenFromChallengeResponse(Request request) {
    AccessToken token;
    ChallengeResponse challengeResponse = request.getChallengeResponse();
    if (challengeResponse == null) {
        return null;
    }
    String bearerToken = challengeResponse.getRawValue();
    if ("undefined".equals(bearerToken)) {
        return null;
    }
    OAuth2Request oAuth2Request = requestFactory.create(request);
    try {
        token = tokenStore.readAccessToken(oAuth2Request, bearerToken);
    } catch (ServerException | InvalidGrantException | NotFoundException e) {
        return null;
    }
    return token;
}

Example 49 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class IdTokenClaimGatherer method getRequestingPartyId.

@Override
public String getRequestingPartyId(OAuth2Request oAuth2Request, AccessToken authorizationApiToken, JsonValue claimToken) {
    try {
        SignedJwt idToken = jwtReconstruction.reconstructJwt(claimToken.asString(), SignedJwt.class);
        OAuth2ProviderSettings oAuth2ProviderSettings = oauth2ProviderSettingsFactory.get(oAuth2Request);
        OAuth2Uris oAuth2Uris = oAuth2UrisFactory.get(oAuth2Request);
        byte[] clientSecret = clientRegistrationStore.get(authorizationApiToken.getClientId(), oAuth2Request).getClientSecret().getBytes(Utils.CHARSET);
        KeyPair keyPair = oAuth2ProviderSettings.getServerKeyPair();
        if (!idToken.getClaimsSet().getIssuer().equals(oAuth2Uris.getIssuer())) {
            logger.warn("Issuer of id token, {0}, does not match issuer of authorization server, {1}.", idToken.getClaimsSet().getIssuer(), oAuth2Uris.getIssuer());
            return null;
        }
        if (!verify(clientSecret, keyPair, idToken)) {
            logger.warn("Signature of id token is invalid.");
            return null;
        }
        return idToken.getClaimsSet().getSubject();
    } catch (InvalidClientException e) {
        logger.error("Failed to find client", e);
        return null;
    } catch (NotFoundException | ServerException e) {
        logger.error("Failed to find OAuth2 settings", e);
        return null;
    }
}

Example 50 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class AuthorizationRequestEndpointTest method setup.

@BeforeMethod
@SuppressWarnings("unchecked")
public void setup() throws ServerException, InvalidGrantException, NotFoundException, EntitlementException, JSONException {
    requestFactory = mock(OAuth2RequestFactory.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    given(requestFactory.create(any(Request.class))).willReturn(oAuth2Request);
    given(oAuth2Request.getParameter("realm")).willReturn("REALM");
    accessToken = mock(AccessToken.class);
    oauth2TokenStore = mock(TokenStore.class);
    given(oauth2TokenStore.readAccessToken(Matchers.<OAuth2Request>anyObject(), anyString())).willReturn(accessToken);
    given(accessToken.getClientId()).willReturn(RS_CLIENT_ID);
    given(accessToken.getResourceOwnerId()).willReturn(REQUESTING_PARTY_ID);
    umaAuditLogger = mock(UmaAuditLogger.class);
    umaTokenStore = mock(UmaTokenStore.class);
    rpt = mock(RequestingPartyToken.class);
    given(rpt.getId()).willReturn("1");
    permissionTicket = mock(PermissionTicket.class);
    given(permissionTicket.getExpiryTime()).willReturn(System.currentTimeMillis() + 10000);
    given(permissionTicket.getResourceSetId()).willReturn(RS_ID);
    given(permissionTicket.getResourceServerClientId()).willReturn(RS_CLIENT_ID);
    given(permissionTicket.getRealm()).willReturn("REALM");
    given(umaTokenStore.readPermissionTicket(anyString())).willReturn(permissionTicket);
    given(umaTokenStore.createRPT(Matchers.<PermissionTicket>anyObject())).willReturn(rpt);
    resourceSetStore = mock(ResourceSetStore.class);
    ResourceSetDescription resourceSet = new ResourceSetDescription();
    resourceSet.setId(RS_DESCRIPTION_ID);
    resourceSet.setResourceOwnerId(RESOURCE_OWNER_ID);
    given(resourceSetStore.query(QueryFilter.equalTo(ResourceSetTokenField.RESOURCE_SET_ID, RS_ID))).willReturn(Collections.singleton(resourceSet));
    umaProviderSettings = mock(UmaProviderSettings.class);
    policyEvaluator = mock(Evaluator.class);
    given(umaProviderSettings.getPolicyEvaluator(any(Subject.class), eq(RS_CLIENT_ID.toLowerCase()))).willReturn(policyEvaluator);
    given(umaProviderSettings.getUmaTokenStore()).willReturn(umaTokenStore);
    umaProviderSettingsFactory = mock(UmaProviderSettingsFactory.class);
    given(umaProviderSettingsFactory.get(Matchers.<Request>anyObject())).willReturn(umaProviderSettings);
    given(umaProviderSettings.getUmaTokenStore()).willReturn(umaTokenStore);
    OAuth2ProviderSettingsFactory oauth2ProviderSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
    OAuth2ProviderSettings oauth2ProviderSettings = mock(OAuth2ProviderSettings.class);
    given(oauth2ProviderSettingsFactory.get(any(OAuth2Request.class))).willReturn(oauth2ProviderSettings);
    given(oauth2ProviderSettings.getResourceSetStore()).willReturn(resourceSetStore);
    OAuth2UrisFactory<RealmInfo> oauth2UrisFactory = mock(OAuth2UrisFactory.class);
    OAuth2Uris oauth2Uris = mock(OAuth2Uris.class);
    given(oauth2UrisFactory.get(any(OAuth2Request.class))).willReturn(oauth2Uris);
    given(oauth2Uris.getIssuer()).willReturn("ISSUER");
    pendingRequestsService = mock(PendingRequestsService.class);
    Map<String, ClaimGatherer> claimGatherers = new HashMap<>();
    idTokenClaimGatherer = mock(IdTokenClaimGatherer.class);
    claimGatherers.put(IdTokenClaimGatherer.FORMAT, idTokenClaimGatherer);
    ExtensionFilterManager extensionFilterManager = mock(ExtensionFilterManager.class);
    requestAuthorizationFilter = mock(RequestAuthorizationFilter.class);
    given(extensionFilterManager.getFilters(RequestAuthorizationFilter.class)).willReturn(Collections.singletonList(requestAuthorizationFilter));
    UmaExceptionHandler exceptionHandler = mock(UmaExceptionHandler.class);
    endpoint = spy(new AuthorizationRequestEndpoint2(umaProviderSettingsFactory, oauth2TokenStore, requestFactory, oauth2ProviderSettingsFactory, oauth2UrisFactory, umaAuditLogger, pendingRequestsService, claimGatherers, extensionFilterManager, exceptionHandler, jacksonRepresentationFactory));
    request = mock(Request.class);
    given(endpoint.getRequest()).willReturn(request);
    response = mock(Response.class);
    endpoint.setResponse(response);
    requestBody = mock(JSONObject.class);
    given(requestBody.toString()).willReturn("{\"ticket\": \"016f84e8-f9b9-11e0-bd6f-0021cc6004de\"}");
    entity = mock(JsonRepresentation.class);
    given(entity.getJsonObject()).willReturn(requestBody);
}