use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.
the class OAuth2AuditAccessTokenContextProvider method retrieveAccessTokenFromRequest.
/**
 * Fetches the access token associated with the OAuth2 view of the given request.
 *
 * <p>The request is wrapped by {@code requestFactory} and the wrapper is asked for
 * a token of type {@link AccessToken}. No validation is performed in this method.
 *
 * @param request the incoming request to wrap
 * @return whatever {@code getToken(AccessToken.class)} yields for the wrapped request
 *         (presumably {@code null} when no access token is attached; confirm against
 *         {@code OAuth2Request#getToken})
 */
private AccessToken retrieveAccessTokenFromRequest(Request request) {
    return requestFactory.create(request).getToken(AccessToken.class);
}
use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.
the class OAuth2AuditAccessTokenContextProvider method retrieveAccessTokenFromChallengeResponse.
/**
 * Resolves an access token from the raw value of the request's challenge response.
 *
 * <p>Every failure path returns {@code null}: no challenge response, the literal
 * raw value {@code "undefined"}, or a token-store lookup that throws. Nothing is
 * logged here, so a caller cannot tell "no credentials" from "lookup failed".
 *
 * @param request the incoming request carrying the challenge response
 * @return the token read from {@code tokenStore}, or {@code null} on any of the
 *         conditions above
 */
private AccessToken retrieveAccessTokenFromChallengeResponse(Request request) {
    final ChallengeResponse credentials = request.getChallengeResponse();
    if (credentials == null) {
        return null;
    }

    // The raw value is a bearer credential: keep it out of logs and exception text.
    final String rawBearer = credentials.getRawValue();
    // "undefined" is rejected up front; presumably this is what a JavaScript client
    // sends when its token variable is unset. Confirm with the caller.
    if ("undefined".equals(rawBearer)) {
        return null;
    }

    // Built outside the try, as in the original, so its failures are not swallowed.
    final OAuth2Request wrapped = requestFactory.create(request);
    try {
        return tokenStore.readAccessToken(wrapped, rawBearer);
    } catch (ServerException | InvalidGrantException | NotFoundException lookupFailure) {
        // Deliberately reported as "no token"; a server-side failure and an unknown
        // or invalid token are indistinguishable to the caller.
        return null;
    }
}
use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.
the class IdTokenClaimGatherer method getRequestingPartyId.
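/**
 * Extracts the requesting party (the {@code sub} claim) from an ID token presented
 * as a claim token, after checking its issuer and signature.
 *
 * <p>Checks performed here, in order:
 * <ol>
 *   <li>the token's issuer must equal the issuer reported by {@code oAuth2UrisFactory}
 *       for this request; a token with no issuer claim is rejected as a mismatch;</li>
 *   <li>{@code verify(clientSecret, keyPair, idToken)} must return {@code true}.</li>
 * </ol>
 *
 * <p>NOTE(review): expiry and audience are not checked in this method. Confirm that
 * they are enforced elsewhere before the returned subject is trusted.
 *
 * <p>NOTE(review): {@code verify} receives both the client secret and the server
 * key pair, so presumably it picks the key from the token's algorithm. Confirm that
 * the accepted algorithms are restricted to what the client is registered for,
 * rather than whatever the token header names.
 *
 * @param oAuth2Request the current OAuth2 request, used to resolve provider settings,
 *        URIs and the client registration
 * @param authorizationApiToken the access token whose client id selects the client
 *        registration (and therefore the client secret)
 * @param claimToken the ID token in serialized form
 * @return the subject of the ID token, or {@code null} if the issuer does not match,
 *         the signature is rejected, or the client or provider settings cannot be found
 */
@Override
public String getRequestingPartyId(OAuth2Request oAuth2Request, AccessToken authorizationApiToken, JsonValue claimToken) {
    try {
        // The claim token is caller-supplied; nothing read from it is trusted until
        // both checks below have passed.
        SignedJwt idToken = jwtReconstruction.reconstructJwt(claimToken.asString(), SignedJwt.class);
        OAuth2ProviderSettings oAuth2ProviderSettings = oauth2ProviderSettingsFactory.get(oAuth2Request);
        OAuth2Uris oAuth2Uris = oAuth2UrisFactory.get(oAuth2Request);
        byte[] clientSecret = clientRegistrationStore.get(authorizationApiToken.getClientId(), oAuth2Request).getClientSecret().getBytes(Utils.CHARSET);
        KeyPair keyPair = oAuth2ProviderSettings.getServerKeyPair();

        String tokenIssuer = idToken.getClaimsSet().getIssuer();
        String expectedIssuer = oAuth2Uris.getIssuer();
        // Treat a missing issuer as a mismatch so that a token without the claim is
        // rejected here instead of failing on a null dereference.
        if (tokenIssuer == null || !tokenIssuer.equals(expectedIssuer)) {
            // tokenIssuer comes from an unverified token; the log sink should
            // neutralise control characters in it.
            logger.warn("Issuer of id token, {0}, does not match issuer of authorization server, {1}.", tokenIssuer, expectedIssuer);
            return null;
        }
        if (!verify(clientSecret, keyPair, idToken)) {
            logger.warn("Signature of id token is invalid.");
            return null;
        }
        // Only reached once issuer and signature have both been accepted.
        return idToken.getClaimsSet().getSubject();
    } catch (InvalidClientException e) {
        logger.error("Failed to find client", e);
        return null;
    } catch (NotFoundException | ServerException e) {
        logger.error("Failed to find OAuth2 settings", e);
        return null;
    }
}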
use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.
the class UmaTokenStore method deleteRPT.
/**
 * Deletes the token with the given id after confirming, via {@code readRPT}, that
 * it is an RPT.
 *
 * <p>NOTE(review): the read and the delete are two separate store calls, so the
 * check is not atomic with the deletion.
 *
 * @param id identifier of the token to delete
 * @throws NotFoundException declared by this method; presumably raised by
 *         {@code readRPT} when the id does not resolve to an RPT (confirm)
 * @throws ServerException if the token store reports a {@link CoreTokenException}
 */
public void deleteRPT(String id) throws NotFoundException, ServerException {
    try {
        // Called only for its check; the returned token is discarded. Without this
        // step any CTS entry could be removed through the RPT endpoint by id.
        readRPT(id);
        cts.delete(id);
    } catch (CoreTokenException storeFailure) {
        // NOTE(review): the original cause is not attached, and the message embeds
        // the token id. Confirm the message cannot reach a client or a shared log.
        final String message = "Could not delete token: " + id;
        throw new ServerException(message);
    }
}
use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.
the class UmaTokenStore method readToken.
/**
 * Reads a stored token by id, converts it with the supplied adapter, and returns it
 * only if it belongs to this store's realm.
 *
 * <p>The realm comparison is what stops a ticket issued in one realm from being
 * used through a store bound to another. A missing token, a realm mismatch and a
 * store failure all surface as {@link NotFoundException}.
 *
 * @param ticketId identifier of the token to read
 * @param adapter converts the stored {@link Token} into the expected {@link UmaToken} subtype
 * @return the converted token, whose realm equals this store's {@code realm}
 * @throws NotFoundException if the store returns no token, the token's realm
 *         differs, or the store throws a {@link CoreTokenException}
 */
public UmaToken readToken(String ticketId, JavaBeanAdapter<? extends UmaToken> adapter) throws NotFoundException {
    try {
        final Token stored = cts.read(ticketId);
        if (stored == null) {
            throw new NotFoundException("No valid ticket exists with ticketId");
        }

        final UmaToken converted = adapter.fromToken(stored);
        if (realm.equals(converted.getRealm())) {
            return converted;
        }
        // This message differs from the "not found" one, so a caller that sees it
        // can infer the id exists in another realm.
        throw new NotFoundException("No valid ticket exists with ticketId in the realm, " + realm);
    } catch (CoreTokenException storeFailure) {
        // Store errors are reported as "not found"; the cause is not propagated.
        throw new NotFoundException("No valid ticket exists with ticketId");
    }
}