Example 1 with TokenEndpointFilter
use of org.forgerock.oauth2.restlet.TokenEndpointFilter in project OpenAM by OpenRock.
the class OAuth2RouterProvider method get.
@Override
public Router get() {
final Router router = new RestletRealmRouter(realmValidator, coreWrapper);
// Standard OAuth2 endpoints
router.attach("/authorize", auditWithOAuthFilter(new AuthorizeEndpointFilter(wrap(AuthorizeResource.class), jacksonRepresentationFactory)));
router.attach("/access_token", auditWithOAuthFilter(new TokenEndpointFilter(new AccessTokenFlowFinder(), jacksonRepresentationFactory), formAuditor(RESPONSE_TYPE, GRANT_TYPE, CLIENT_ID, USERNAME, SCOPE, REDIRECT_URI), jacksonAuditor(SCOPE, TOKEN_TYPE)));
router.attach("/tokeninfo", auditWithOAuthFilter(wrap(ValidationServerResource.class), noBodyAuditor(), jacksonAuditor(SCOPE, TOKEN_TYPE)));
// OAuth 2.0 Token Introspection Endpoint
router.attach("/introspect", auditWithOAuthFilter(wrap(TokenIntrospectionResource.class), formAuditor(TOKEN_TYPE_HINT), jsonAuditor(SCOPE, TOKEN_TYPE, CLIENT_ID, USERNAME, ACTIVE)));
// OpenID Connect endpoints
router.attach("/connect/register", auditWithOAuthFilter(wrap(ConnectClientRegistration.class), jsonAuditor(CLIENT_NAME.getType(), APPLICATION_TYPE.getType(), REDIRECT_URIS.getType()), jacksonAuditor(CLIENT_ID, CLIENT_NAME.getType(), APPLICATION_TYPE.getType(), REDIRECT_URIS.getType())));
router.attach("/userinfo", auditWithOAuthFilter(wrap(UserInfo.class)));
router.attach("/connect/endSession", auditWithOAuthFilter(wrap(EndSession.class)));
router.attach("/connect/jwk_uri", auditWithOAuthFilter(wrap(OpenIDConnectJWKEndpoint.class)));
// Resource Set Registration
Restlet resourceSetRegistrationEndpoint = auditWithOAuthFilter(getRestlet(OAuth2Constants.Custom.RSR_ENDPOINT), jsonAuditor(NAME, SCOPES), jacksonAuditor("_id"));
router.attach("/resource_set/{rsid}", resourceSetRegistrationEndpoint);
router.attach("/resource_set", resourceSetRegistrationEndpoint);
router.attach("/resource_set/", resourceSetRegistrationEndpoint);
// OpenID Connect Discovery
router.attach("/.well-known/openid-configuration", auditWithOAuthFilter(wrap(OpenIDConnectConfiguration.class)));
// OAuth 2 Device Flow
router.attach("/device/user", auditWithOAuthFilter(wrap(DeviceCodeVerificationResource.class)));
router.attach("/device/code", auditWithOAuthFilter(wrap(DeviceCodeResource.class), formAuditor(RESPONSE_TYPE, GRANT_TYPE, CLIENT_ID, SCOPE), noBodyAuditor()));
return router;
}
Also used :
RestletRealmRouter(org.forgerock.openam.rest.service.RestletRealmRouter)
Restlet(org.restlet.Restlet)
AuthorizeResource(org.forgerock.oauth2.restlet.AuthorizeResource)
AuthorizeEndpointFilter(org.forgerock.oauth2.restlet.AuthorizeEndpointFilter)
RestletRealmRouter(org.forgerock.openam.rest.service.RestletRealmRouter)
Router(org.restlet.routing.Router)
TokenEndpointFilter(org.forgerock.oauth2.restlet.TokenEndpointFilter)
AccessTokenFlowFinder(org.forgerock.oauth2.restlet.AccessTokenFlowFinder)
Aggregations
AccessTokenFlowFinder (org.forgerock.oauth2.restlet.AccessTokenFlowFinder)1
AuthorizeEndpointFilter (org.forgerock.oauth2.restlet.AuthorizeEndpointFilter)1
AuthorizeResource (org.forgerock.oauth2.restlet.AuthorizeResource)1
TokenEndpointFilter (org.forgerock.oauth2.restlet.TokenEndpointFilter)1
RestletRealmRouter (org.forgerock.openam.rest.service.RestletRealmRouter)1
Restlet (org.restlet.Restlet)1
Router (org.restlet.routing.Router)1
