use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class OpenAMTokenStore method generateAtHash.
/**
* For at_hash values, used when token and id_token exist in scope.
*/
private String generateAtHash(String algorithm, OAuth2Request request, OAuth2ProviderSettings providerSettings) throws ServerException {
final AccessToken accessToken = request.getToken(AccessToken.class);
if (accessToken == null) {
logger.message("at_hash generation requires an existing access_token.");
return null;
}
final String accessTokenValue = ((String) accessToken.getTokenInfo().get(OAuth2Constants.Params.ACCESS_TOKEN));
return generateHash(algorithm, accessTokenValue, providerSettings);
}
use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class OpenAMTokenStore method readAccessToken.
/**
* {@inheritDoc}
*/
public AccessToken readAccessToken(OAuth2Request request, String tokenId) throws ServerException, InvalidGrantException, NotFoundException {
AccessToken loaded = request.getToken(AccessToken.class);
if (loaded != null) {
return loaded;
}
logger.message("Reading access token");
JsonValue token;
// Read from CTS
try {
token = tokenStore.read(tokenId);
} catch (CoreTokenException e) {
logger.error("Unable to read access token corresponding to id: " + tokenId, e);
throw new ServerException("Could not read token in CTS: " + e.getMessage());
}
if (token == null) {
logger.error("Unable to read access token corresponding to id: " + tokenId);
throw new InvalidGrantException("Could not read token in CTS");
}
OpenAMAccessToken accessToken = new OpenAMAccessToken(token);
validateTokenRealm(accessToken.getRealm(), request);
request.setToken(AccessToken.class, accessToken);
return accessToken;
}
use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class PermissionRequestEndpointTest method setup.
@BeforeMethod
@SuppressWarnings("unchecked")
public void setup() throws ServerException, InvalidGrantException, NotFoundException {
resourceSetStore = mock(ResourceSetStore.class);
OAuth2RequestFactory<?, Request> requestFactory = mock(OAuth2RequestFactory.class);
umaTokenStore = mock(UmaTokenStore.class);
OAuth2ProviderSettingsFactory providerSettingFactory = mock(OAuth2ProviderSettingsFactory.class);
OAuth2ProviderSettings providerSettings = mock(OAuth2ProviderSettings.class);
given(providerSettingFactory.get(Matchers.<OAuth2Request>anyObject())).willReturn(providerSettings);
given(providerSettings.getResourceSetStore()).willReturn(resourceSetStore);
UmaProviderSettingsFactory umaProviderSettingsFactory = mock(UmaProviderSettingsFactory.class);
UmaProviderSettings umaProviderSettings = mock(UmaProviderSettings.class);
given(umaProviderSettingsFactory.get(any(Request.class))).willReturn(umaProviderSettings);
given(umaProviderSettings.getUmaTokenStore()).willReturn(umaTokenStore);
ExtensionFilterManager extensionFilterManager = mock(ExtensionFilterManager.class);
permissionRequestFilter = mock(PermissionRequestFilter.class);
given(extensionFilterManager.getFilters(PermissionRequestFilter.class)).willReturn(Collections.singleton(permissionRequestFilter));
UmaExceptionHandler exceptionHandler = mock(UmaExceptionHandler.class);
endpoint = spy(new PermissionRequestEndpoint(providerSettingFactory, requestFactory, umaProviderSettingsFactory, extensionFilterManager, exceptionHandler, jacksonRepresentationFactory));
response = mock(Response.class);
endpoint.setResponse(response);
Request request = mock(Request.class);
given(endpoint.getRequest()).willReturn(request);
AccessToken accessToken = mock(AccessToken.class);
given(accessToken.getClientId()).willReturn("CLIENT_ID");
given(accessToken.getResourceOwnerId()).willReturn("RESOURCE_OWNER_ID");
OAuth2Request oAuth2Request = mock(OAuth2Request.class);
given(requestFactory.create(request)).willReturn(oAuth2Request);
given(oAuth2Request.getToken(AccessToken.class)).willReturn(accessToken);
}
use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class TokenInfoServiceImpl method getTokenInfo.
/**
* {@inheritDoc}
*/
public JsonValue getTokenInfo(OAuth2Request request) throws InvalidTokenException, InvalidRequestException, ExpiredTokenException, ServerException, BadRequestException, InvalidGrantException, NotFoundException {
final AccessTokenVerifier.TokenState headerToken = headerTokenVerifier.verify(request);
final AccessTokenVerifier.TokenState queryToken = queryTokenVerifier.verify(request);
final Map<String, Object> response = new HashMap<String, Object>();
if (!headerToken.isValid() && !queryToken.isValid()) {
logger.error("Access Token not valid");
throw new InvalidRequestException("Access Token not valid");
} else if (headerToken.isValid() && queryToken.isValid()) {
logger.error("Access Token provided in both query and header in request");
throw new InvalidRequestException("Access Token cannot be provided in both query and header");
} else {
final AccessToken accessToken = request.getToken(AccessToken.class);
logger.trace("In Validator resource - got token = " + accessToken);
final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
final Map<String, Object> scopeEvaluation = providerSettings.evaluateScope(accessToken);
response.putAll(accessToken.getTokenInfo());
response.putAll(scopeEvaluation);
return new JsonValue(response);
}
}
use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class OAuth2AuditAccessTokenContextProvider method getTrackingIdFromAccessTokenFromRequest.
private String getTrackingIdFromAccessTokenFromRequest(Request request) {
String trackingId = null;
AccessToken accessToken = retrieveAccessTokenFromRequest(request);
if (accessToken != null) {
trackingId = getTrackingIdFromToken(accessToken);
}
return trackingId;
}
Aggregations