Example 1 with RefreshToken
use of org.forgerock.oauth2.core.RefreshToken in project OpenAM by OpenRock.
the class TokenResource method getExpiryDate.
private String getExpiryDate(JsonValue token, Context context) throws CoreTokenException, InternalServerErrorException, NotFoundException {
OAuth2ProviderSettings oAuth2ProviderSettings;
final String realm = getAttributeValue(token, "realm");
try {
oAuth2ProviderSettings = oAuth2ProviderSettingsFactory.get(realm);
} catch (org.forgerock.oauth2.core.exceptions.NotFoundException e) {
throw new NotFoundException(e.getMessage());
}
try {
if (token.isDefined("refreshToken")) {
if (oAuth2ProviderSettings.issueRefreshTokensOnRefreshingToken()) {
return getIndefinitelyString(context);
} else {
//Use refresh token expiry
JsonValue refreshToken = tokenStore.read(getAttributeValue(token, "refreshToken"));
long expiryTimeInMilliseconds = Long.parseLong(getAttributeValue(refreshToken, EXPIRE_TIME_KEY));
if (expiryTimeInMilliseconds == -1) {
return getIndefinitelyString(context);
}
return getDateFormat(context).format(new Date(expiryTimeInMilliseconds));
}
} else {
//Use access token expiry
long expiryTimeInMilliseconds = Long.parseLong(getAttributeValue(token, EXPIRE_TIME_KEY));
return getDateFormat(context).format(new Date(expiryTimeInMilliseconds));
}
} catch (ServerException | SMSException | SSOException e) {
throw new InternalServerErrorException(e);
}
}
Also used :
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
SMSException(com.sun.identity.sm.SMSException)
JsonValue(org.forgerock.json.JsonValue)
NotFoundException(org.forgerock.json.resource.NotFoundException)
SSOException(com.iplanet.sso.SSOException)
Date(java.util.Date)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)
Example 2 with RefreshToken
use of org.forgerock.oauth2.core.RefreshToken in project OpenAM by OpenRock.
the class OpenAMTokenStore method readRefreshToken.
/**
* {@inheritDoc}
*/
public RefreshToken readRefreshToken(OAuth2Request request, String tokenId) throws ServerException, InvalidGrantException, NotFoundException {
RefreshToken loaded = request.getToken(RefreshToken.class);
if (loaded != null) {
return loaded;
}
logger.message("Read refresh token");
JsonValue token;
try {
token = tokenStore.read(tokenId);
} catch (CoreTokenException e) {
logger.error("Unable to read refresh token corresponding to id: " + tokenId, e);
throw new ServerException("Could not read token in CTS: " + e.getMessage());
}
if (token == null) {
logger.error("Unable to read refresh token corresponding to id: " + tokenId);
throw new InvalidGrantException("grant is invalid");
}
OpenAMRefreshToken refreshToken = new OpenAMRefreshToken(token);
validateTokenRealm(refreshToken.getRealm(), request);
request.setToken(RefreshToken.class, refreshToken);
return refreshToken;
}
Also used :
RefreshToken(org.forgerock.oauth2.core.RefreshToken)
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
JsonValue(org.forgerock.json.JsonValue)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
InvalidGrantException(org.forgerock.oauth2.core.exceptions.InvalidGrantException)
Example 3 with RefreshToken
use of org.forgerock.oauth2.core.RefreshToken in project OpenAM by OpenRock.
the class OAuth2AuditRefreshTokenContextProvider method getTrackingIdFromRefreshTokenFromRequest.
private String getTrackingIdFromRefreshTokenFromRequest(Request request) {
String trackingId = null;
RefreshToken refreshToken = retrieveRefreshTokenFromRequest(request);
if (refreshToken != null) {
trackingId = getTrackingIdFromToken(refreshToken);
}
return trackingId;
}
Also used :
RefreshToken(org.forgerock.oauth2.core.RefreshToken)
Example 4 with RefreshToken
use of org.forgerock.oauth2.core.RefreshToken in project OpenAM by OpenRock.
the class OAuth2AuditRefreshTokenContextProvider method retrieveRefreshTokenFromRequest.
private RefreshToken retrieveRefreshTokenFromRequest(Request request) {
RefreshToken token;
token = requestFactory.create(request).getToken(RefreshToken.class);
return token;
}
Also used :
RefreshToken(org.forgerock.oauth2.core.RefreshToken)
Example 5 with RefreshToken
use of org.forgerock.oauth2.core.RefreshToken in project OpenAM by OpenRock.
the class OpenAMTokenStore method createRefreshToken.
@Override
public RefreshToken createRefreshToken(String grantType, String clientId, String resourceOwnerId, String redirectUri, Set<String> scope, OAuth2Request request, String validatedClaims) throws ServerException, NotFoundException {
final String realm = realmNormaliser.normalise(request.<String>getParameter(REALM));
logger.message("Create refresh token");
OpenIdConnectClientRegistration clientRegistration = getClientRegistration(clientId, request);
final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
final String id = UUID.randomUUID().toString();
final String auditId = UUID.randomUUID().toString();
final long lifeTime;
if (clientRegistration == null) {
lifeTime = providerSettings.getRefreshTokenLifetime();
} else {
lifeTime = clientRegistration.getRefreshTokenLifeTime(providerSettings);
}
long expiryTime = lifeTime < 0 ? -1 : lifeTime + System.currentTimeMillis();
AuthorizationCode token = request.getToken(AuthorizationCode.class);
String authModules = null;
String acr = null;
if (token != null) {
authModules = token.getAuthModules();
acr = token.getAuthenticationContextClassReference();
}
RefreshToken currentRefreshToken = request.getToken(RefreshToken.class);
if (currentRefreshToken != null) {
authModules = currentRefreshToken.getAuthModules();
acr = currentRefreshToken.getAuthenticationContextClassReference();
}
OpenAMRefreshToken refreshToken = new OpenAMRefreshToken(id, resourceOwnerId, clientId, redirectUri, scope, expiryTime, OAuth2Constants.Bearer.BEARER, OAuth2Constants.Token.OAUTH_REFRESH_TOKEN, grantType, realm, authModules, acr, auditId);
if (!StringUtils.isBlank(validatedClaims)) {
refreshToken.setClaims(validatedClaims);
}
try {
tokenStore.create(refreshToken);
if (auditLogger.isAuditLogEnabled()) {
String[] obs = { "CREATED_REFRESH_TOKEN", refreshToken.toString() };
auditLogger.logAccessMessage("CREATED_REFRESH_TOKEN", obs, null);
}
} catch (CoreTokenException e) {
if (auditLogger.isAuditLogEnabled()) {
String[] obs = { "FAILED_CREATE_REFRESH_TOKEN", refreshToken.toString() };
auditLogger.logErrorMessage("FAILED_CREATE_REFRESH_TOKEN", obs, null);
}
logger.error("Unable to create refresh token: " + refreshToken.getTokenInfo(), e);
throw new ServerException("Could not create token in CTS: " + e.getMessage());
}
request.setToken(RefreshToken.class, refreshToken);
return refreshToken;
}
Also used :
AuthorizationCode(org.forgerock.oauth2.core.AuthorizationCode)
OpenIdConnectClientRegistration(org.forgerock.openidconnect.OpenIdConnectClientRegistration)
RefreshToken(org.forgerock.oauth2.core.RefreshToken)
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)
Aggregations
RefreshToken (org.forgerock.oauth2.core.RefreshToken)8
ServerException (org.forgerock.oauth2.core.exceptions.ServerException)5
OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)3
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)3
JsonValue (org.forgerock.json.JsonValue)2
InvalidGrantException (org.forgerock.oauth2.core.exceptions.InvalidGrantException)2
OpenIdConnectClientRegistration (org.forgerock.openidconnect.OpenIdConnectClientRegistration)2
SSOException (com.iplanet.sso.SSOException)1
SMSException (com.sun.identity.sm.SMSException)1
Date (java.util.Date)1
InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)1
NotFoundException (org.forgerock.json.resource.NotFoundException)1
AccessToken (org.forgerock.oauth2.core.AccessToken)1
AuthorizationCode (org.forgerock.oauth2.core.AuthorizationCode)1
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)1
ClientAuthenticationFailureFactory (org.forgerock.oauth2.core.exceptions.ClientAuthenticationFailureFactory)1
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException)1
NotFoundException (org.forgerock.oauth2.core.exceptions.NotFoundException)1
InvocationOnMock (org.mockito.invocation.InvocationOnMock)1
ChallengeResponse (org.restlet.data.ChallengeResponse)1
