use of org.glassfish.jersey.client.oauth1.AccessToken in project vertx-auth by vert-x3.
the class ClientImpl method getToken.
/**
* Returns the Access Token object.
*
* @param params - scope: A String that represents the application privileges.
* @param handler - The handler returning the results.
*/
@Override
public void getToken(JsonObject params, Handler<AsyncResult<AccessToken>> handler) {
getToken("client_credentials", params, res -> {
if (res.failed()) {
handler.handle(Future.failedFuture(res.cause()));
return;
}
AccessToken token;
try {
token = new OAuth2TokenImpl(provider, res.result());
} catch (RuntimeException e) {
handler.handle(Future.failedFuture(e));
return;
}
handler.handle(Future.succeededFuture(token));
});
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project vertx-auth by vert-x3.
the class OAuth2AccessTokenTest method shouldRevokeAToken.
@Test
public void shouldRevokeAToken() {
config = oauthConfig;
oauth2.authenticate(tokenConfig, res -> {
if (res.failed()) {
fail(res.cause().getMessage());
} else {
AccessToken token = (AccessToken) res.result();
// refresh the token
config = revokeConfig;
token.revoke("refresh_token", v -> {
if (v.failed()) {
fail(v.cause().getMessage());
} else {
testComplete();
}
});
}
});
await();
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project vertx-auth by vert-x3.
the class OAuth2AccessTokenTest method whenRefreshingTokenShouldGetNewAccessToken.
@Test
public void whenRefreshingTokenShouldGetNewAccessToken() {
config = oauthConfig;
oauth2.authenticate(tokenConfig, res -> {
if (res.failed()) {
fail(res.cause().getMessage());
} else {
AccessToken token = (AccessToken) res.result();
final long origTTl = token.principal().getLong("expires_at");
// refresh the token
config = refreshConfig;
token.refresh(v -> {
if (v.failed()) {
fail(v.cause().getMessage());
} else {
assertTrue(origTTl < token.principal().getLong("expires_at"));
testComplete();
}
});
}
});
await();
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project workbench by all-of-us.
the class DelegatedUserCredentials method refreshAccessToken.
@Override
public AccessToken refreshAccessToken() throws IOException {
// The first step is to call the IamCredentials API to generate a signed JWT with the
// appropriate claims. This call is authorized with application default credentials (ADCs). The
// ADC service account may be different from `serviceAccountEmail` if the ADC account has the
// roles/iam.serviceAccountTokenCreator role on the `serviceAccountEmail` account.
SignJwtRequest jwtRequest = SignJwtRequest.newBuilder().setName(String.format(SERVICE_ACCOUNT_NAME_FORMAT, serviceAccountEmail)).setPayload(JSON_FACTORY.toString(createJwtPayload())).build();
String jwt = credentialsClient.signJwt(jwtRequest).getSignedJwt();
// With the signed JWT in hand, we call Google's OAuth2 token server to exchange the JWT for
// an access token.
TokenRequest tokenRequest = new TokenRequest(httpTransport, JSON_FACTORY, new GenericUrl(GoogleOAuthConstants.TOKEN_SERVER_URL), JWT_BEARER_GRANT_TYPE);
tokenRequest.put("assertion", jwt);
TokenResponse tokenResponse = tokenRequest.execute();
return new AccessToken(tokenResponse.getAccessToken(), Date.from(Instant.now(clock).plusSeconds(tokenResponse.getExpiresInSeconds())));
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project spring-cloud-config by spring-cloud.
the class GoogleSecretManagerV1AccessStrategy method checkRemotePermissions.
@Override
public Boolean checkRemotePermissions() {
CloudResourceManager service = null;
try {
AccessToken accessToken = new AccessToken(getAccessToken(), null);
GoogleCredentials credential = new GoogleCredentials(accessToken);
HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter(credential);
service = new CloudResourceManager.Builder(GoogleNetHttpTransport.newTrustedTransport(), JacksonFactory.getDefaultInstance(), requestInitializer).setApplicationName(APPLICATION_NAME).build();
List<String> permissionsList = Arrays.asList(ACCESS_SECRET_PERMISSION);
TestIamPermissionsRequest requestBody = new TestIamPermissionsRequest().setPermissions(permissionsList);
TestIamPermissionsResponse testIamPermissionsResponse = service.projects().testIamPermissions(getProjectId(), requestBody).execute();
if (testIamPermissionsResponse.getPermissions() != null && testIamPermissionsResponse.size() >= 1) {
return Boolean.TRUE;
} else {
logger.warn("Access token has no permissions to access secrets in project");
return Boolean.FALSE;
}
} catch (Exception e) {
logger.info("Unable to check token permissions", e);
return Boolean.FALSE;
}
}
Aggregations