Examples with Token org.forgerock.oauth2.core.Token used on opensource projects

Example 66 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

the class OAuth2AuditAccessTokenContextProvider method retrieveAccessTokenFromRequest.

private AccessToken retrieveAccessTokenFromRequest(Request request) {
    AccessToken token;
    token = requestFactory.create(request).getToken(AccessToken.class);
    return token;
}

Example 67 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

the class OAuth2AuditAccessTokenContextProvider method retrieveAccessTokenFromChallengeResponse.

private AccessToken retrieveAccessTokenFromChallengeResponse(Request request) {
    AccessToken token;
    ChallengeResponse challengeResponse = request.getChallengeResponse();
    if (challengeResponse == null) {
        return null;
    }
    String bearerToken = challengeResponse.getRawValue();
    if ("undefined".equals(bearerToken)) {
        return null;
    }
    OAuth2Request oAuth2Request = requestFactory.create(request);
    try {
        token = tokenStore.readAccessToken(oAuth2Request, bearerToken);
    } catch (ServerException | InvalidGrantException | NotFoundException e) {
        return null;
    }
    return token;
}

Example 68 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

the class IdTokenClaimGatherer method getRequestingPartyId.

@Override
public String getRequestingPartyId(OAuth2Request oAuth2Request, AccessToken authorizationApiToken, JsonValue claimToken) {
    try {
        SignedJwt idToken = jwtReconstruction.reconstructJwt(claimToken.asString(), SignedJwt.class);
        OAuth2ProviderSettings oAuth2ProviderSettings = oauth2ProviderSettingsFactory.get(oAuth2Request);
        OAuth2Uris oAuth2Uris = oAuth2UrisFactory.get(oAuth2Request);
        byte[] clientSecret = clientRegistrationStore.get(authorizationApiToken.getClientId(), oAuth2Request).getClientSecret().getBytes(Utils.CHARSET);
        KeyPair keyPair = oAuth2ProviderSettings.getServerKeyPair();
        if (!idToken.getClaimsSet().getIssuer().equals(oAuth2Uris.getIssuer())) {
            logger.warn("Issuer of id token, {0}, does not match issuer of authorization server, {1}.", idToken.getClaimsSet().getIssuer(), oAuth2Uris.getIssuer());
            return null;
        }
        if (!verify(clientSecret, keyPair, idToken)) {
            logger.warn("Signature of id token is invalid.");
            return null;
        }
        return idToken.getClaimsSet().getSubject();
    } catch (InvalidClientException e) {
        logger.error("Failed to find client", e);
        return null;
    } catch (NotFoundException | ServerException e) {
        logger.error("Failed to find OAuth2 settings", e);
        return null;
    }
}

Example 69 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

the class UmaTokenStore method deleteRPT.

public void deleteRPT(String id) throws NotFoundException, ServerException {
    try {
        // check token is RPT
        readRPT(id);
        cts.delete(id);
    } catch (CoreTokenException e) {
        throw new ServerException("Could not delete token: " + id);
    }
}

Example 70 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

the class UmaTokenStore method readToken.

public UmaToken readToken(String ticketId, JavaBeanAdapter<? extends UmaToken> adapter) throws NotFoundException {
    try {
        Token token = cts.read(ticketId);
        if (token == null) {
            throw new NotFoundException("No valid ticket exists with ticketId");
        }
        UmaToken ticket = adapter.fromToken(token);
        if (!realm.equals(ticket.getRealm())) {
            throw new NotFoundException("No valid ticket exists with ticketId in the realm, " + realm);
        }
        return ticket;
    } catch (CoreTokenException e) {
        throw new NotFoundException("No valid ticket exists with ticketId");
    }
}