
Example 91 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

Class AuthorizeResource, method authorize (GET handler).

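/**
 * Handles GET requests to the OAuth2 authorize endpoint.
 * <br/>
 * This method will be called when a client has requested a resource owner grants it authorization to access a
 * resource. Every registered {@link AuthorizeRequestHook} is invoked before the request is handled and again after
 * a successful authorization; the hooks are not invoked on any of the error paths.
 *
 * @return The body to be sent in the response to the user agent.
 * @throws OAuth2RestletException If a OAuth2 error occurs whilst processing the authorization request.
 */
@Get
public Representation authorize() throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());
    for (AuthorizeRequestHook hook : hooks) {
        hook.beforeAuthorizeHandling(request, getRequest(), getResponse());
    }
    try {
        final AuthorizationToken authorizationToken = authorizationService.authorize(request);
        // Only the query string is consulted for the redirect target on the GET path (the POST handler reads the
        // parsed request parameter instead).
        final String redirectUri = getQueryValue("redirect_uri");
        Representation response = representation.toRepresentation(getContext(), getRequest(), getResponse(),
                authorizationToken, redirectUri);
        for (AuthorizeRequestHook hook : hooks) {
            hook.afterAuthorizeSuccess(request, getRequest(), getResponse());
        }
        return response;
    } catch (IllegalArgumentException e) {
        // An IllegalArgumentException may carry no message. The previous unguarded contains() call then failed
        // with a NullPointerException, turning a client error into a generic server error.
        final String message = e.getMessage();
        if (message != null && message.contains("client_id")) {
            // No redirect_uri is passed on this path (presumably because without a usable client_id no client
            // registration can be consulted), so the error is rendered rather than redirected.
            throw new OAuth2RestletException(400, "invalid_request", message, request.<String>getParameter("state"));
        }
        // NOTE(review): the redirect_uri handed over here is the raw request parameter; whether
        // OAuth2RestletException validates it against the client's registration before redirecting is not
        // visible in this method — confirm.
        throw new OAuth2RestletException(400, "invalid_request", message,
                request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"));
    } catch (ResourceOwnerAuthenticationRequired e) {
        // Redirect to the login location carried by the exception; no state is propagated on this path.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), e.getRedirectUri().toString(), null);
    } catch (ResourceOwnerConsentRequired e) {
        // Not an error: render the consent page so the resource owner can decide; the decision comes back via
        // the POST handler.
        return representation.getRepresentation(getContext(), request, "authorize.ftl", getDataModel(e, request));
    } catch (InvalidClientException e) {
        // The client could not be identified/validated, so no redirect_uri is used for the error response.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("state"));
    } catch (RedirectUriMismatchException e) {
        // The supplied redirect_uri does not match the registration; it is deliberately not redirected to.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("state"));
    } catch (OAuth2Exception e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"), e.getParameterLocation());
    }
}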

Example 92 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

Class AuthorizeResource, method authorize (POST handler).

/**
 * Handles POST requests to the OAuth2 authorize endpoint.
 * <br/>
 * This method will be called when a user has given their consent for an authorization request. The decision is
 * taken from the {@code decision} parameter ({@code allow}, case-insensitively, grants consent; anything else is
 * a denial) and the {@code save_consent} parameter ({@code on} persists the decision).
 *
 * @param entity The entity on the request.
 * @return The body to be sent in the response to the user agent.
 * @throws OAuth2RestletException If a OAuth2 error occurs whilst processing the authorization request.
 */
@Post
public Representation authorize(Representation entity) throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());
    for (final AuthorizeRequestHook hook : hooks) {
        hook.beforeAuthorizeHandling(request, getRequest(), getResponse());
    }
    // Both flags come from form fields submitted by the consent page; any value other than the expected one is
    // treated as "deny" / "do not remember".
    final String decision = request.<String>getParameter("decision");
    final String saveConsentValue = request.<String>getParameter("save_consent");
    final boolean allowed = "allow".equalsIgnoreCase(decision);
    final boolean rememberDecision = "on".equalsIgnoreCase(saveConsentValue);
    // NOTE(review): no anti-forgery check on the consent submission is visible in this method — confirm that
    // authorizationService.authorize(...) or an upstream filter performs one.
    try {
        final AuthorizationToken token = authorizationService.authorize(request, allowed, rememberDecision);
        final String redirectUri = request.<String>getParameter("redirect_uri");
        final Representation result = representation.toRepresentation(getContext(), getRequest(), getResponse(),
                token, redirectUri);
        for (final AuthorizeRequestHook hook : hooks) {
            hook.afterAuthorizeSuccess(request, getRequest(), getResponse());
        }
        return result;
    } catch (ResourceOwnerAuthenticationRequired e) {
        // Redirect to the login location carried by the exception; no state is propagated on this path.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(),
                e.getRedirectUri().toString(), null);
    } catch (InvalidClientException e) {
        // Client could not be validated, so no redirect_uri is used for the error response.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(),
                request.<String>getParameter("state"));
    } catch (RedirectUriMismatchException e) {
        // Mismatched redirect_uri is deliberately not redirected to.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(),
                request.<String>getParameter("state"));
    } catch (OAuth2Exception e) {
        // NOTE(review): unlike the GET handler, an IllegalArgumentException from the service is not mapped to
        // invalid_request here — confirm whether the POST path can raise one.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(),
                request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"),
                e.getParameterLocation());
    }
}

Example 93 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

Class OAuth2Representation, method getRepresentation.

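/**
 * Gets the appropriate representation to send to the user agent based from the specified parameters.
 * <br/>
 * The client-supplied {@code display} request parameter selects the template folder via
 * {@link OAuth2Constants.DisplayType}; when it is {@code popup} the page is rendered first and then embedded in
 * {@code popup.ftl} under the {@code htmlCode} key of the data model.
 *
 * @param context The Restlet context.
 * @param request The OAuth2 request; only its {@code display} parameter is read.
 * @param templateName The name of the template to display.
 * @param dataModel The data model to display on the page. Mutated on the popup path ({@code htmlCode} is added).
 * @return A representation of the page to send to the user agent.
 * @throws ResourceException With a 400 status if the display value is not a known display type, or the page
 *     content cannot be produced.
 */
Representation getRepresentation(Context context, OAuth2Request request, String templateName, Map<String, Object> dataModel) {
    final String display = request.getParameter("display");
    OAuth2Constants.DisplayType displayType = OAuth2Constants.DisplayType.PAGE;
    if (!isEmpty(display)) {
        try {
            // Locale.ROOT: the enum constant names are ASCII and the lookup must not depend on the server's
            // default locale.
            displayType = Enum.valueOf(OAuth2Constants.DisplayType.class, display.toUpperCase(java.util.Locale.ROOT));
        } catch (IllegalArgumentException e) {
            // `display` is untrusted input; an unknown value previously escaped as an unhandled
            // IllegalArgumentException. Reject it as a client error and do not echo the value back.
            logger.error("Unsupported display type requested for authorization page");
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Unsupported display type");
        }
    }
    final Representation representation;
    if (display != null && display.equalsIgnoreCase("popup")) {
        // Render the page once, then wrap its HTML in the popup template.
        Representation popup = getRepresentation(context, displayType.getFolder(), "authorize.ftl", dataModel);
        try {
            dataModel.put("htmlCode", popup.getText());
        } catch (IOException e) {
            logger.error("Server can not serve the content of authorization page");
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Server can not serve the content of authorization page");
        }
        representation = getRepresentation(context, displayType.getFolder(), "popup.ftl", dataModel);
    } else {
        representation = getRepresentation(context, displayType.getFolder(), templateName, dataModel);
    }
    if (representation != null) {
        return representation;
    }
    // The folder/template overload returned nothing; surface it as a client error like the IOException path.
    logger.error("Server can not serve the content of authorization page");
    throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Server can not serve the content of authorization page");
}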

Example 94 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

Class RestletFormBodyAccessTokenVerifier, method obtainTokenId.

/**
 * {@inheritDoc}
 * <br/>
 * Looks for the access token in a form-encoded ({@code application/x-www-form-urlencoded}) request body, i.e. the
 * case where a client sends the token as a body parameter rather than in a header.
 *
 * @param request The OAuth2 request whose underlying Restlet request entity is inspected.
 * @return The first {@code access_token} form value, or {@code null} when the entity is absent, is not a form, or
 *     carries no {@code access_token} field.
 */
protected String obtainTokenId(OAuth2Request request) {
    final Representation entity = request.getRequest().getEntity();
    final boolean isForm = entity != null && MediaType.APPLICATION_WWW_FORM.equals(entity.getMediaType());
    if (!isForm) {
        logger.debug("Request does not contain form.");
        return null;
    }
    // NOTE(review): building a Form from the entity presumably reads the body stream — confirm that nothing
    // downstream needs to read it again.
    final Form form = new Form(entity);
    final boolean hasToken = form.getNames().contains(OAuth2Constants.Params.ACCESS_TOKEN);
    if (!hasToken) {
        logger.debug("Request form does not contain access_token.");
        return null;
    }
    return form.getFirstValue(OAuth2Constants.Params.ACCESS_TOKEN);
}

Example 95 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

Class OAuth2FlowFinder, method create.

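/**
 * Creates a new instance of the handler for the correct OAuth2 endpoint based from the grant type specified in
 * the requests query parameters.
 * <br/>
 * Failures are not thrown: a missing or unsupported {@code grant_type}, or a failure to instantiate the target
 * resource, is returned as an {@link ErrorResource} wrapping the corresponding OAuth2 exception.
 *
 * @param request {@inheritDoc}
 * @param response {@inheritDoc}
 * @return {@inheritDoc}
 */
public ServerResource create(Request request, Response response) {
    final OAuth2Request oAuth2Request = requestFactory.create(request);
    final String grantType = oAuth2Request.getParameter("grant_type");
    if (isEmpty(grantType)) {
        logger.error("Type is not set");
        return new ErrorResource(exceptionHandler, new InvalidRequestException("Grant type is not set"));
    }
    final Finder finder = endpointClasses.get(grantType);
    if (finder == null) {
        // grant_type is client-supplied and is echoed into both the log line and the error description.
        // NOTE(review): presumably the error resource emits JSON; confirm the value is escaped if it is ever
        // rendered as HTML.
        logger.error("Unsupported grant type: Type is not supported: " + grantType);
        return new ErrorResource(exceptionHandler, new UnsupportedGrantTypeException("Grant type is not supported: " + grantType));
    }
    try {
        return finder.create(request, response);
    } catch (Exception e) {
        // The full exception is logged server-side; the client only receives a generic message so that internal
        // details from the instantiation failure (class names, configuration state) are not disclosed. The
        // previous code forwarded e.getMessage() verbatim.
        logger.warn("Exception while instantiating the target server resource.", e);
        return new ErrorResource(exceptionHandler, new ServerException("Unable to create the endpoint resource"));
    }
}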
