
Example 6 with UmaPermission

use of org.gluu.oxauth.model.uma.persistence.UmaPermission in project oxAuth by GluuFederation.

the class UmaPermissionService method changeTicket.

public String changeTicket(List<UmaPermission> permissions, Map<String, String> attributes) {
    String newTicket = generateNewTicket();
    for (UmaPermission permission : permissions) {
        // The ticket is part of the entry's RDN (oxTicket=...), so the entry is removed and re-created under a new DN.
        ldapEntryManager.remove(permission);
        String dn = String.format("oxTicket=%s,%s", newTicket, StringUtils.substringAfter(permission.getDn(), ","));
        permission.setTicket(newTicket);
        permission.setDn(dn);
        permission.setAttributes(attributes);
        ldapEntryManager.persist(permission);
        // dn holds the newly built DN at this point, not the old one.
        log.trace("New ticket: " + newTicket + ", new permission DN: " + dn);
    }
    return newTicket;
}
Also used : UmaPermission(org.gluu.oxauth.model.uma.persistence.UmaPermission)

Example 7 with UmaPermission

use of org.gluu.oxauth.model.uma.persistence.UmaPermission in project oxAuth by GluuFederation.

the class CleanerTimerTest method umaPermission_whichIsExpiredAndDeletable_MustBeRemoved.

@Test
public void umaPermission_whichIsExpiredAndDeletable_MustBeRemoved() throws StringEncrypter.EncryptionException {
    final Client client = createClient();
    clientService.persist(client);
    final String ticket = UUID.randomUUID().toString();
    // 1. create permission
    UmaPermission permission = new UmaPermission();
    permission.setTicket(ticket);
    permission.setConfigurationCode(UUID.randomUUID().toString());
    permission.setResourceId(UUID.randomUUID().toString());
    umaPermissionService.addPermission(permission, client.getDn());
    // 2. permission exists
    assertNotNull(umaPermissionService.getPermissionsByTicket(ticket).get(0));
    // 3. clean up
    cleanerTimer.processImpl();
    cacheService.clear();
    // 4. permission still exists, because it has not expired yet
    assertNotNull(umaPermissionService.getPermissionsByTicket(ticket).get(0));
    // move the expiration date 10 minutes into the past
    final Calendar calendar = Calendar.getInstance();
    calendar.add(Calendar.MINUTE, -10);
    permission.setExpirationDate(calendar.getTime());
    umaPermissionService.merge(permission);
    // 5. clean up
    cleanerTimer.processImpl();
    cacheService.clear();
    // 6. no permission in persistence
    final List<UmaPermission> permissionsByTicket = umaPermissionService.getPermissionsByTicket(ticket);
    assertTrue(permissionsByTicket.isEmpty());
}
Also used : UmaPermission(org.gluu.oxauth.model.uma.persistence.UmaPermission) Client(org.gluu.oxauth.model.registration.Client) Test(org.testng.annotations.Test) BaseComponentTest(org.gluu.oxauth.BaseComponentTest)

Example 8 with UmaPermission

use of org.gluu.oxauth.model.uma.persistence.UmaPermission in project oxAuth by GluuFederation.

the class UmaTokenService method addPctToPermissions.

private void addPctToPermissions(List<UmaPermission> permissions, UmaPCT pct) {
    for (UmaPermission p : permissions) {
        p.getAttributes().put(UmaPermission.PCT, pct.getCode());
        permissionService.mergeSilently(p);
    }
}
Also used : UmaPermission(org.gluu.oxauth.model.uma.persistence.UmaPermission)

Example 9 with UmaPermission

use of org.gluu.oxauth.model.uma.persistence.UmaPermission in project oxAuth by GluuFederation.

the class UmaTokenService method updatePermissionsWithClientRequestedScope.

private void updatePermissionsWithClientRequestedScope(List<UmaPermission> permissions, Map<Scope, Boolean> scopes) {
    log.trace("Updating permissions with requested scopes ...");
    for (UmaPermission permission : permissions) {
        Set<String> scopeDns = new HashSet<>(permission.getScopeDns());
        for (Map.Entry<Scope, Boolean> entry : scopes.entrySet()) {
            log.trace("Updating permissions with scope: " + entry.getKey().getId() + ", isRequestedScope: " + entry.getValue() + ", permission: " + permission.getDn());
            scopeDns.add(entry.getKey().getDn());
        }
        permission.setScopeDns(new ArrayList<>(scopeDns));
    }
}
Also used : Scope(org.oxauth.persistence.model.Scope) UmaPermission(org.gluu.oxauth.model.uma.persistence.UmaPermission)

Example 10 with UmaPermission

use of org.gluu.oxauth.model.uma.persistence.UmaPermission in project oxAuth by GluuFederation.

the class UmaRptService method buildPermissionsJSONObject.

public JSONArray buildPermissionsJSONObject(List<UmaPermission> permissions) throws IOException, JSONException {
    List<org.gluu.oxauth.model.uma.UmaPermission> result = new ArrayList<>();
    for (UmaPermission permission : permissions) {
        // Check expiry before testing validity; only valid permissions are included in the response.
        permission.checkExpired();
        if (permission.isValid()) {
            final org.gluu.oxauth.model.uma.UmaPermission toAdd = ServerUtil.convert(permission, umaScopeService);
            if (toAdd != null) {
                result.add(toAdd);
            }
        } else {
            log.debug("Ignore permission, skip it in response because permission is not valid. Permission dn: {}", permission.getDn());
        }
    }
    final String json = ServerUtil.asJson(result);
    return new JSONArray(json);
}
Also used : JSONArray(org.json.JSONArray) UmaPermission(org.gluu.oxauth.model.uma.persistence.UmaPermission)

Aggregations

UmaPermission (org.gluu.oxauth.model.uma.persistence.UmaPermission): 10
Scope (org.oxauth.persistence.model.Scope): 3
Client (org.gluu.oxauth.model.registration.Client): 2
URI (java.net.URI): 1
WebApplicationException (javax.ws.rs.WebApplicationException): 1
CustomScriptConfiguration (org.gluu.model.custom.script.conf.CustomScriptConfiguration): 1
BaseComponentTest (org.gluu.oxauth.BaseComponentTest): 1
ExecutionContext (org.gluu.oxauth.model.common.ExecutionContext): 1
SessionId (org.gluu.oxauth.model.common.SessionId): 1
Jwt (org.gluu.oxauth.model.jwt.Jwt): 1
RptIntrospectionResponse (org.gluu.oxauth.model.uma.RptIntrospectionResponse): 1
UmaTokenResponse (org.gluu.oxauth.model.uma.UmaTokenResponse): 1
ExternalUmaRptClaimsContext (org.gluu.oxauth.service.external.context.ExternalUmaRptClaimsContext): 1
UmaGatherContext (org.gluu.oxauth.uma.authorization.UmaGatherContext): 1
UmaPCT (org.gluu.oxauth.uma.authorization.UmaPCT): 1
UmaRPT (org.gluu.oxauth.uma.authorization.UmaRPT): 1
UmaWebException (org.gluu.oxauth.uma.authorization.UmaWebException): 1
JSONArray (org.json.JSONArray): 1
JSONObject (org.json.JSONObject): 1
Function (org.python.google.common.base.Function): 1