Example 36 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

From the class UmaTokenStore, method deleteRPT:

public void deleteRPT(String id) throws NotFoundException, ServerException {
    try {
        // Confirm the id refers to an existing RPT in this realm before deleting it;
        // readRPT throws NotFoundException otherwise, so no foreign token can be removed here.
        readRPT(id);
        cts.delete(id);
    } catch (CoreTokenException e) {
        throw new ServerException("Could not delete token: " + id);
    }
}
Also used : ServerException(org.forgerock.oauth2.core.exceptions.ServerException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)

Example 37 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

From the class UmaTokenStore, method readToken:

public UmaToken readToken(String ticketId, JavaBeanAdapter<? extends UmaToken> adapter) throws NotFoundException {
    try {
        Token token = cts.read(ticketId);
        if (token == null) {
            throw new NotFoundException("No valid ticket exists with ticketId");
        }
        UmaToken ticket = adapter.fromToken(token);
        // A ticket stored under another realm is treated as absent rather than returned.
        if (!realm.equals(ticket.getRealm())) {
            throw new NotFoundException("No valid ticket exists with ticketId in the realm, " + realm);
        }
        return ticket;
    } catch (CoreTokenException e) {
        // Store failures surface as "not found" so the caller learns nothing about the backend.
        throw new NotFoundException("No valid ticket exists with ticketId");
    }
}
Also used : NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) Token(org.forgerock.openam.cts.api.tokens.Token)

Example 38 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

From the class RestletHeaderAccessTokenVerifierTest, method shouldCheckExpired:

@Test
public void shouldCheckExpired() throws Exception {
    // Given: a request carrying the raw credential "freddy", for which the store returns an expired token
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return true;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then: an expired token must be reported invalid even though the store found it
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) HttpRequest(org.restlet.engine.adapter.HttpRequest) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 39 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

From the class RestletHeaderAccessTokenVerifierTest, method shouldCheckValid:

@Test
public void shouldCheckValid() throws Exception {
    // Given: a request carrying the raw credential "freddy", for which the store returns an unexpired token
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return false;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then: the token is valid and the verifier reports the id it was looked up under
    assertThat(result.isValid()).isTrue();
    assertThat(result.getTokenId()).isEqualTo("freddy");
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) HttpRequest(org.restlet.engine.adapter.HttpRequest) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 40 with Token

use of org.forgerock.oauth2.core.Token in project OpenAM by OpenRock.

From the class OAuth2RouterProvider, method get:

@Override
public Router get() {
    final Router router = new RestletRealmRouter(realmValidator, coreWrapper);
    // Standard OAuth2 endpoints
    router.attach("/authorize", auditWithOAuthFilter(new AuthorizeEndpointFilter(wrap(AuthorizeResource.class), jacksonRepresentationFactory)));
    router.attach("/access_token", auditWithOAuthFilter(new TokenEndpointFilter(new AccessTokenFlowFinder(), jacksonRepresentationFactory), formAuditor(RESPONSE_TYPE, GRANT_TYPE, CLIENT_ID, USERNAME, SCOPE, REDIRECT_URI), jacksonAuditor(SCOPE, TOKEN_TYPE)));
    router.attach("/tokeninfo", auditWithOAuthFilter(wrap(ValidationServerResource.class), noBodyAuditor(), jacksonAuditor(SCOPE, TOKEN_TYPE)));
    // OAuth 2.0 Token Introspection Endpoint
    router.attach("/introspect", auditWithOAuthFilter(wrap(TokenIntrospectionResource.class), formAuditor(TOKEN_TYPE_HINT), jsonAuditor(SCOPE, TOKEN_TYPE, CLIENT_ID, USERNAME, ACTIVE)));
    // OpenID Connect endpoints
    router.attach("/connect/register", auditWithOAuthFilter(wrap(ConnectClientRegistration.class), jsonAuditor(CLIENT_NAME.getType(), APPLICATION_TYPE.getType(), REDIRECT_URIS.getType()), jacksonAuditor(CLIENT_ID, CLIENT_NAME.getType(), APPLICATION_TYPE.getType(), REDIRECT_URIS.getType())));
    router.attach("/userinfo", auditWithOAuthFilter(wrap(UserInfo.class)));
    router.attach("/connect/endSession", auditWithOAuthFilter(wrap(EndSession.class)));
    router.attach("/connect/jwk_uri", auditWithOAuthFilter(wrap(OpenIDConnectJWKEndpoint.class)));
    // Resource Set Registration
    Restlet resourceSetRegistrationEndpoint = auditWithOAuthFilter(getRestlet(OAuth2Constants.Custom.RSR_ENDPOINT), jsonAuditor(NAME, SCOPES), jacksonAuditor("_id"));
    router.attach("/resource_set/{rsid}", resourceSetRegistrationEndpoint);
    router.attach("/resource_set", resourceSetRegistrationEndpoint);
    router.attach("/resource_set/", resourceSetRegistrationEndpoint);
    // OpenID Connect Discovery
    router.attach("/.well-known/openid-configuration", auditWithOAuthFilter(wrap(OpenIDConnectConfiguration.class)));
    // OAuth 2 Device Flow
    router.attach("/device/user", auditWithOAuthFilter(wrap(DeviceCodeVerificationResource.class)));
    router.attach("/device/code", auditWithOAuthFilter(wrap(DeviceCodeResource.class), formAuditor(RESPONSE_TYPE, GRANT_TYPE, CLIENT_ID, SCOPE), noBodyAuditor()));
    return router;
}
Also used : RestletRealmRouter(org.forgerock.openam.rest.service.RestletRealmRouter) Restlet(org.restlet.Restlet) AuthorizeResource(org.forgerock.oauth2.restlet.AuthorizeResource) AuthorizeEndpointFilter(org.forgerock.oauth2.restlet.AuthorizeEndpointFilter) RestletRealmRouter(org.forgerock.openam.rest.service.RestletRealmRouter) Router(org.restlet.routing.Router) TokenEndpointFilter(org.forgerock.oauth2.restlet.TokenEndpointFilter) AccessTokenFlowFinder(org.forgerock.oauth2.restlet.AccessTokenFlowFinder)
