
Example 16 with ClientRegistration

use of org.forgerock.oauth2.core.ClientRegistration in project OpenAM by OpenRock.

Class DeviceCodeGrantTypeHandlerTest, method setup.

/**
 * Wires up the mocked collaborators of the handler under test and constructs the handler.
 *
 * <p>Stubbing summary: provider settings report a poll interval of 5 and echo requested
 * claims back unchanged; client authentication always succeeds with a mock registration;
 * the token store returns the shared access/refresh token mocks for any create call; and
 * every client-authentication failure maps to one {@code invalid_client} exception mock.
 *
 * @throws Exception if a collaborator cannot be set up
 */
@BeforeMethod
public void setup() throws Exception {
    initMocks(this);

    // Provider settings: fixed poll interval; requested claims are returned as given.
    OAuth2ProviderSettingsFactory settingsFactory = mock(OAuth2ProviderSettingsFactory.class);
    when(settingsFactory.get(request)).thenReturn(providerSettings);
    when(providerSettings.getDeviceCodePollInterval()).thenReturn(5);
    Answer<String> echoFirstArgument = new Answer<String>() {

        @Override
        public String answer(InvocationOnMock invocation) throws Throwable {
            return (String) invocation.getArguments()[0];
        }
    };
    when(providerSettings.validateRequestedClaims(anyString())).thenAnswer(echoFirstArgument);

    // Provider URIs.
    OAuth2UrisFactory urisFactory = mock(OAuth2UrisFactory.class);
    when(urisFactory.get(request)).thenReturn(oAuth2Uris);

    // Client authentication succeeds for any credential string on the shared request.
    ClientAuthenticator authenticator = mock(ClientAuthenticator.class);
    ClientRegistration registration = mock(ClientRegistration.class);
    when(authenticator.authenticate(eq(request), anyString())).thenReturn(registration);

    // Token store hands back the shared token mocks regardless of arguments.
    accessTokenGenerator = new GrantTypeAccessTokenGenerator(tokenStore);
    when(tokenStore.createAccessToken(anyString(), anyString(), anyString(), anyString(), anyString(), anyString(), anySetOf(String.class), any(RefreshToken.class), anyString(), anyString(), any(OAuth2Request.class))).thenReturn(accessToken);
    when(tokenStore.createRefreshToken(anyString(), anyString(), anyString(), anyString(), anySetOf(String.class), any(OAuth2Request.class), anyString())).thenReturn(refreshToken);

    // All three failure-factory overloads yield the same invalid_client exception.
    ClientAuthenticationFailureFactory failureFactory = mock(ClientAuthenticationFailureFactory.class);
    InvalidClientException invalidClient = mock(InvalidClientException.class);
    when(invalidClient.getError()).thenReturn("invalid_client");
    when(failureFactory.getException()).thenReturn(invalidClient);
    when(failureFactory.getException(anyString())).thenReturn(invalidClient);
    when(failureFactory.getException(any(OAuth2Request.class), anyString())).thenReturn(invalidClient);

    grantTypeHandler = new DeviceCodeGrantTypeHandler(settingsFactory, authenticator, tokenStore,
            clientRegistrationStore, failureFactory, urisFactory, accessTokenGenerator);
}

Example 17 with ClientRegistration

use of org.forgerock.oauth2.core.ClientRegistration in project OpenAM by OpenRock.

Class OAuth2UserApplications, method getResourceResponse.

/**
 * Builds the resource describing one client application the user has tokens for.
 *
 * <p>The realm is read from the first token, the client's registration is looked up in
 * that realm, and every scope granted by any of the tokens is mapped to the client's
 * localised description of it, falling back to the bare scope name when the client
 * provides none. The response revision is the hash of the rendered content.
 *
 * @param context the request context, used to resolve provider settings and locale
 * @param clientId the client the tokens were issued to
 * @param tokens the user's tokens for that client; must not be empty, as the realm is
 *     taken from the first element
 * @return the resource response for the client
 * @throws NotFoundException propagated from the registration store or provider settings
 * @throws InvalidClientException propagated from the registration store
 * @throws ServerException propagated from the provider settings lookup
 * @throws InternalServerErrorException propagated from the collaborators on internal errors
 */
private ResourceResponse getResourceResponse(Context context, String clientId, Iterable<JsonValue> tokens) throws NotFoundException, InvalidClientException, ServerException, InternalServerErrorException {
    // NOTE: an empty iterable throws NoSuchElementException here — callers supply at least one token.
    JsonValue firstToken = tokens.iterator().next();
    String realm = getAttributeValue(firstToken, REALM.getOAuthField());
    OAuth2ProviderSettings providerSettings = oAuth2ProviderSettingsFactory.get(context);
    ClientRegistration registration = clientRegistrationStore.get(clientId, realm, context);

    Map<String, String> descriptions = registration.getScopeDescriptions(getLocale(context));
    Map<String, String> grantedScopes = new HashMap<>();
    for (JsonValue token : tokens) {
        for (String scope : token.get(SCOPE.getOAuthField()).asSet(String.class)) {
            // Use the bare scope name when the client registration has no description for it.
            String description = descriptions.containsKey(scope) ? descriptions.get(scope) : scope;
            grantedScopes.put(scope, description);
        }
    }

    String displayName = registration.getDisplayName(getLocale(context));
    String expiryDateTime = calculateExpiryDateTime(tokens, providerSettings);
    JsonValue content = json(object(
            field("_id", clientId),
            field("name", displayName),
            field("scopes", grantedScopes),
            field("expiryDateTime", expiryDateTime)));
    // Revision derived from the content hash so it changes whenever the rendered view does.
    String revision = String.valueOf(content.getObject().hashCode());
    return Responses.newResourceResponse(clientId, revision, content);
}

Example 18 with ClientRegistration

use of org.forgerock.oauth2.core.ClientRegistration in project OpenAM by OpenRock.

Class CheckSessionImpl, method getClientSessionURI.

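/**
 * {@inheritDoc}
 *
 * <p>Returns the empty string whenever a client session URI cannot be determined: no ID
 * token on the request, no client registration resolvable from the token's audience, or
 * a token that fails validation against that registration.
 */
public String getClientSessionURI(HttpServletRequest request) throws UnauthorizedClientException, InvalidClientException, NotFoundException {
    SignedJwt jwt = getIDToken(request);
    if (jwt == null) {
        return "";
    }
    final ClientRegistration clientRegistration = getClientRegistration(jwt);
    // A token with no resolvable client registration cannot be validated; treat it like an
    // invalid token instead of dereferencing null on the return line below.
    if (clientRegistration == null || !isJwtValid(jwt, clientRegistration)) {
        return "";
    }
    return clientRegistration.getClientSessionURI();
}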

Example 19 with ClientRegistration

use of org.forgerock.oauth2.core.ClientRegistration in project OpenAM by OpenRock.

Class CheckSessionImpl, method getValidSession.

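/**
 * {@inheritDoc}
 *
 * <p>Fails closed: any condition that prevents the ID token from being validated, or the
 * referenced session from being resolved, yields {@code false}.
 */
public boolean getValidSession(HttpServletRequest request) {
    SignedJwt jwt = getIDToken(request);
    if (jwt == null) {
        return false;
    }
    try {
        final ClientRegistration clientRegistration = getClientRegistration(jwt);
        // Without a client registration the token cannot be checked by isJwtValid, so its
        // claims must not be used to look up a session; treat it as invalid.
        if (clientRegistration == null || !isJwtValid(jwt, clientRegistration)) {
            return false;
        }
        // The session reference lives in the OPS claim; older tokens used the legacy claim name.
        String opsId = (String) jwt.getClaimsSet().getClaim(OPS);
        if (opsId == null) {
            opsId = (String) jwt.getClaimsSet().getClaim(LEGACY_OPS);
        }
        if (opsId == null) {
            // No session reference at all — nothing to validate.
            return false;
        }
        JsonValue idTokenUserSessionToken = tokenAdapter.fromToken(cts.read(opsId));
        String sessionId = idTokenUserSessionToken.get(LEGACY_OPS).asString();
        SSOToken ssoToken = ssoTokenManager.createSSOToken(sessionId);
        return ssoTokenManager.isValidToken(ssoToken);
    } catch (Exception e) {
        // Boundary catch: any failure in token lookup, adaptation or SSO creation means "not valid".
        logger.error("Unable to get the SSO token", e);
        return false;
    }
}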

Example 20 with ClientRegistration

use of org.forgerock.oauth2.core.ClientRegistration in project OpenAM by OpenRock.

Class CheckSessionImpl, method getClientRegistration.

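/**
 * Gets the Client's registration based from the audience set in the JWT.
 *
 * <p>Only the first audience entry is consulted. The realm for the lookup comes from the
 * JWT's realm claim, which has not been validated when this runs (callers validate the
 * token afterwards), so it only selects which registration is looked up.
 *
 * @param jwt The JWT.
 * @return The Client's registration, or {@code null} if the JWT carries no audience.
 * @throws InvalidClientException If the client's registration is not found.
 * @throws NotFoundException propagated from the client registration store.
 */
private ClientRegistration getClientRegistration(Jwt jwt) throws InvalidClientException, NotFoundException {
    List<String> clients = jwt.getClaimsSet().getAudience();
    if (clients == null || clients.isEmpty()) {
        return null;
    }
    final String realm = (String) jwt.getClaimsSet().getClaim(REALM);
    String client = clients.get(0);
    // Minimal request whose only answerable parameter is the realm; everything else is unsupported.
    return clientRegistrationStore.get(client, new OAuth2Request() {

        @Override
        public <T> T getRequest() {
            throw new UnsupportedOperationException();
        }

        @Override
        @SuppressWarnings("unchecked") // the realm is a String and that is the only parameter served
        public <T> T getParameter(String name) {
            if (REALM.equals(name)) {
                return (T) realm;
            }
            throw new UnsupportedOperationException();
        }

        @Override
        public JsonValue getBody() {
            throw new UnsupportedOperationException();
        }

        @Override
        public Locale getLocale() {
            throw new UnsupportedOperationException();
        }
    });
}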
