use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class IdTokenClaimGathererTest method mockAuthorizationApiToken.
/**
 * Creates the authorization API token used by the tests in this class.
 *
 * @return a mocked {@code AccessToken} whose {@code getClientId()} is stubbed to return
 *         {@code "CLIENT_ID"}; no other method is stubbed here.
 */
private AccessToken mockAuthorizationApiToken() {
    final AccessToken stubbedToken = mock(AccessToken.class);
    given(stubbedToken.getClientId()).willReturn("CLIENT_ID");
    return stubbedToken;
}
use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class IdTokenClaimGathererTest method shouldGatherValidIdTokenClaimToken.
/**
 * Checks the accepting path: when the claim token and the configured issuers are all set to
 * {@code "ISSUER"}, the gatherer returns {@code "REQUESTING_PARTY_ID"}.
 */
@Test
public void shouldGatherValidIdTokenClaimToken() {
    // Given: claim token and provider configuration share one issuer value.
    final String issuer = "ISSUER";
    final AccessToken apiToken = mockAuthorizationApiToken();
    final JsonValue idTokenClaim = mockIdTokenClaimToken(issuer);
    setIdTokenAndOAuth2ProviderIssuers(issuer);

    // When
    final String resolvedPartyId = claimGatherer.getRequestingPartyId(oAuth2Request, apiToken, idTokenClaim);

    // Then
    // presumably this value is stubbed inside mockIdTokenClaimToken - verify against that helper
    assertThat(resolvedPartyId).isEqualTo("REQUESTING_PARTY_ID");
}
use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class IdTokenClaimGathererTest method shouldNotGatherIdTokenClaimTokenWithIncorrectIssuer.
/**
 * Checks the rejecting path: a claim token built with {@code "OTHER_ISSUER"} while the configured
 * issuers are {@code "ISSUER"} must not yield a requesting party id.
 *
 * <p>NOTE(review): this case covers issuer mismatch only. Confirm that rejection of a claim token
 * with a bad signature, wrong audience or expired lifetime is exercised by other tests, since
 * those checks are not visible from here.
 */
@Test
public void shouldNotGatherIdTokenClaimTokenWithIncorrectIssuer() {
    // Given: the claim token's issuer differs from the one the provider is configured with.
    final AccessToken apiToken = mockAuthorizationApiToken();
    final JsonValue foreignClaim = mockIdTokenClaimToken("OTHER_ISSUER");
    setIdTokenAndOAuth2ProviderIssuers("ISSUER");

    // When
    final String resolvedPartyId = claimGatherer.getRequestingPartyId(oAuth2Request, apiToken, foreignClaim);

    // Then: a null id signals that the claim token was not accepted.
    assertThat(resolvedPartyId).isNull();
}
use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class TokenInfoServiceImpl method getTokenInfo.
/**
 * {@inheritDoc}
 *
 * <p>Runs both the header verifier and the query verifier against the request and proceeds only
 * when exactly one of them reports a valid token. The returned value merges the token's own info
 * with the provider's scope evaluation; the scope evaluation is written last, so its entries
 * replace token-info entries that share a key.
 *
 * @throws InvalidRequestException if neither verifier, or both verifiers, report a valid token
 */
public JsonValue getTokenInfo(OAuth2Request request) throws InvalidTokenException, InvalidRequestException, ExpiredTokenException, ServerException, BadRequestException, InvalidGrantException, NotFoundException {
    final AccessTokenVerifier.TokenState headerState = headerTokenVerifier.verify(request);
    final AccessTokenVerifier.TokenState queryState = queryTokenVerifier.verify(request);

    // No valid token through either channel.
    if (!headerState.isValid() && !queryState.isValid()) {
        logger.error("Access Token not valid");
        throw new InvalidRequestException("Access Token not valid");
    }

    // A token supplied through both channels is refused outright rather than choosing one of
    // them; RFC 6750 section 2 forbids clients from using more than one transmission method.
    if (headerState.isValid() && queryState.isValid()) {
        logger.error("Access Token provided in both query and header in request");
        throw new InvalidRequestException("Access Token cannot be provided in both query and header");
    }

    // Exactly one channel carried a valid token.
    // NOTE(review): this method does not show how the token becomes available from the request;
    // presumably the verifier that succeeded attached it - confirm, and confirm it is never null here.
    final AccessToken accessToken = request.getToken(AccessToken.class);

    // NOTE(review): the line below concatenates accessToken.toString() into the log message. What
    // that renders is not visible here; confirm it cannot include the token value, otherwise
    // enabling trace logging writes usable bearer credentials to the log.
    logger.trace("In Validator resource - got token = " + accessToken);

    final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
    final Map<String, Object> evaluatedScopes = providerSettings.evaluateScope(accessToken);

    final Map<String, Object> tokenInfo = new HashMap<String, Object>();
    tokenInfo.putAll(accessToken.getTokenInfo());
    tokenInfo.putAll(evaluatedScopes);
    return new JsonValue(tokenInfo);
}
use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.
the class OAuth2AuditAccessTokenContextProvider method getTrackingIdFromAccessTokenFromRequest.
/**
 * Looks up the access token carried by the request and returns its tracking id.
 *
 * @param request the request to inspect
 * @return the result of {@code getTrackingIdFromToken} for the request's access token, or
 *         {@code null} when no access token could be retrieved from the request
 */
private String getTrackingIdFromAccessTokenFromRequest(Request request) {
    final AccessToken token = retrieveAccessTokenFromRequest(request);
    // A request without a token simply has no tracking id; that is not treated as an error here.
    return token == null ? null : getTrackingIdFromToken(token);
}