
Example 1 with OAuth2AccessTokenEntity

use of org.mitre.oauth2.model.OAuth2AccessTokenEntity in project OpenID-Connect-Java-Spring-Server by mitreid-connect.

the class MITREidDataService_1_3 method readAccessTokens.

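/**
 * Reads the JSON array of access tokens from an import stream, saves each one, and records
 * the ids it refers to so they can be resolved later.
 *
 * <p>For every object in the array a new {@link OAuth2AccessTokenEntity} is populated with
 * expiration, JWT value, scope and token type, then saved through {@code tokenRepository}.
 * The client id, authentication-holder id and refresh-token id found in the file are not
 * resolved here; they are stored in {@code maps}, keyed by the token id taken from the file,
 * together with the mapping from that old id to the newly assigned one.
 *
 * <p>A token value is a bearer credential, so it is never written to the log, including when
 * it fails to parse.
 *
 * @param reader JSON reader positioned at the start of the access-token array
 * @throws IOException if the reader fails or the stream does not have the expected structure
 */
private void readAccessTokens(JsonReader reader) throws IOException {
    reader.beginArray();
    while (reader.hasNext()) {
        OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();
        reader.beginObject();
        // Ids as they appear in the import file; only meaningful as keys into `maps`.
        Long currentId = null;
        String clientId = null;
        Long authHolderId = null;
        Long refreshTokenId = null;
        while (reader.hasNext()) {
            switch (reader.peek()) {
                case END_OBJECT:
                    continue;
                case NAME:
                    String name = reader.nextName();
                    if (reader.peek() == JsonToken.NULL) {
                        // An explicit JSON null leaves the corresponding field unset.
                        reader.skipValue();
                    } else if (name.equals(ID)) {
                        currentId = reader.nextLong();
                    } else if (name.equals(EXPIRATION)) {
                        Date date = utcToDate(reader.nextString());
                        token.setExpiration(date);
                    } else if (name.equals(VALUE)) {
                        String value = reader.nextString();
                        try {
                            // all tokens are JWTs
                            token.setJwt(JWTParser.parse(value));
                        } catch (ParseException ex) {
                            // Log the id only: the raw value is a bearer credential and must
                            // not end up in log files. currentId is still null when the value
                            // precedes the id inside the object.
                            logger.error("Unable to parse access token value for token id {}", currentId, ex);
                            // NOTE(review): the entity is still saved below without a JWT,
                            // exactly as before this change; confirm that is intended.
                        }
                    } else if (name.equals(CLIENT_ID)) {
                        clientId = reader.nextString();
                    } else if (name.equals(AUTHENTICATION_HOLDER_ID)) {
                        authHolderId = reader.nextLong();
                    } else if (name.equals(REFRESH_TOKEN_ID)) {
                        refreshTokenId = reader.nextLong();
                    } else if (name.equals(SCOPE)) {
                        Set<String> scope = readSet(reader);
                        token.setScope(scope);
                    } else if (name.equals(TYPE)) {
                        token.setTokenType(reader.nextString());
                    } else {
                        logger.debug("Found unexpected entry");
                        reader.skipValue();
                    }
                    break;
                default:
                    logger.debug("Found unexpected entry");
                    reader.skipValue();
                    continue;
            }
        }
        reader.endObject();
        Long newId = tokenRepository.saveAccessToken(token).getId();
        // NOTE(review): currentId, clientId and authHolderId are stored even when the file
        // did not supply them (null); the code that consumes these maps has to cope with that.
        maps.getAccessTokenToClientRefs().put(currentId, clientId);
        maps.getAccessTokenToAuthHolderRefs().put(currentId, authHolderId);
        if (refreshTokenId != null) {
            maps.getAccessTokenToRefreshTokenRefs().put(currentId, refreshTokenId);
        }
        maps.getAccessTokenOldToNewIdMap().put(currentId, newId);
        logger.debug("Read access token {}", currentId);
    }
    reader.endArray();
    logger.info("Done reading access tokens");
}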
Also used : JWKSet(com.nimbusds.jose.jwk.JWKSet) Set(java.util.Set) JsonUtils.readSet(org.mitre.util.JsonUtils.readSet) HashSet(java.util.HashSet) OAuth2AccessTokenEntity(org.mitre.oauth2.model.OAuth2AccessTokenEntity) ParseException(java.text.ParseException) Date(java.util.Date)

Example 2 with OAuth2AccessTokenEntity

use of org.mitre.oauth2.model.OAuth2AccessTokenEntity in project OpenID-Connect-Java-Spring-Server by mitreid-connect.

the class MITREidDataService_1_3 method writeAccessTokens.

/**
 * Writes one JSON object per access token returned by
 * {@code tokenRepository.getAllAccessTokens()}.
 *
 * <p>Each object carries the token id, expiration, client id, authentication-holder id,
 * refresh-token id, scope array, token type and the token value. The enclosing array is not
 * opened or closed here. Because the raw token value is written, the resulting export holds
 * usable bearer credentials and needs the same protection as the token store itself.
 *
 * @param writer JSON writer that receives the token objects
 * @throws IOException if the writer fails
 */
private void writeAccessTokens(JsonWriter writer) throws IOException {
    for (OAuth2AccessTokenEntity accessToken : tokenRepository.getAllAccessTokens()) {
        writer.beginObject();

        writer.name(ID);
        writer.value(accessToken.getId());

        writer.name(EXPIRATION);
        writer.value(toUTCString(accessToken.getExpiration()));

        // Optional associations are exported as JSON null when absent.
        writer.name(CLIENT_ID);
        writer.value((accessToken.getClient() == null) ? null : accessToken.getClient().getClientId());

        writer.name(AUTHENTICATION_HOLDER_ID);
        writer.value((accessToken.getAuthenticationHolder() == null) ? null : accessToken.getAuthenticationHolder().getId());

        writer.name(REFRESH_TOKEN_ID);
        writer.value((accessToken.getRefreshToken() == null) ? null : accessToken.getRefreshToken().getId());

        writer.name(SCOPE);
        writer.beginArray();
        for (String scopeValue : accessToken.getScope()) {
            writer.value(scopeValue);
        }
        writer.endArray();

        writer.name(TYPE);
        writer.value(accessToken.getTokenType());

        // The serialized token itself: this is the sensitive part of the export.
        writer.name(VALUE);
        writer.value(accessToken.getValue());

        writer.endObject();
        logger.debug("Wrote access token {}", accessToken.getId());
    }
    logger.info("Done writing access tokens");
}
Also used : OAuth2AccessTokenEntity(org.mitre.oauth2.model.OAuth2AccessTokenEntity)

Example 3 with OAuth2AccessTokenEntity

use of org.mitre.oauth2.model.OAuth2AccessTokenEntity in project OpenID-Connect-Java-Spring-Server by mitreid-connect.

the class MITREidDataService_1_3 method fixObjectReferences.

/**
 * Re-links imported tokens to their clients, authentication holders, refresh tokens and
 * approved sites.
 *
 * <p>The reference maps in {@code maps} are keyed by ids from the import file. Each pass
 * below translates an old id to the newly assigned one, loads the saved entity, sets the
 * association and saves it again. The maps are not cleared when the method finishes.
 *
 * <p>NOTE(review): no lookup is null-checked. An id from the import file that has no entry
 * in the matching old-to-new map, or a repository lookup that finds nothing, would
 * presumably either fail part-way through or leave a token without its client or
 * authentication holder; confirm against the repository contracts and the caller's
 * transaction handling.
 */
private void fixObjectReferences() {
    logger.info("Fixing object references...");

    // Refresh token -> client
    for (Long oldId : maps.getRefreshTokenToClientRefs().keySet()) {
        ClientDetailsEntity owner = clientRepository.getClientByClientId(
                maps.getRefreshTokenToClientRefs().get(oldId));
        OAuth2RefreshTokenEntity refresh = tokenRepository.getRefreshTokenById(
                maps.getRefreshTokenOldToNewIdMap().get(oldId));
        refresh.setClient(owner);
        tokenRepository.saveRefreshToken(refresh);
    }

    // Refresh token -> authentication holder
    for (Long oldId : maps.getRefreshTokenToAuthHolderRefs().keySet()) {
        AuthenticationHolderEntity holder = authHolderRepository.getById(
                maps.getAuthHolderOldToNewIdMap().get(maps.getRefreshTokenToAuthHolderRefs().get(oldId)));
        OAuth2RefreshTokenEntity refresh = tokenRepository.getRefreshTokenById(
                maps.getRefreshTokenOldToNewIdMap().get(oldId));
        refresh.setAuthenticationHolder(holder);
        tokenRepository.saveRefreshToken(refresh);
    }

    // Access token -> client
    for (Long oldId : maps.getAccessTokenToClientRefs().keySet()) {
        ClientDetailsEntity owner = clientRepository.getClientByClientId(
                maps.getAccessTokenToClientRefs().get(oldId));
        OAuth2AccessTokenEntity access = tokenRepository.getAccessTokenById(
                maps.getAccessTokenOldToNewIdMap().get(oldId));
        access.setClient(owner);
        tokenRepository.saveAccessToken(access);
    }

    // Access token -> authentication holder
    for (Long oldId : maps.getAccessTokenToAuthHolderRefs().keySet()) {
        AuthenticationHolderEntity holder = authHolderRepository.getById(
                maps.getAuthHolderOldToNewIdMap().get(maps.getAccessTokenToAuthHolderRefs().get(oldId)));
        OAuth2AccessTokenEntity access = tokenRepository.getAccessTokenById(
                maps.getAccessTokenOldToNewIdMap().get(oldId));
        access.setAuthenticationHolder(holder);
        tokenRepository.saveAccessToken(access);
    }

    // Access token -> refresh token
    for (Long oldId : maps.getAccessTokenToRefreshTokenRefs().keySet()) {
        OAuth2RefreshTokenEntity refresh = tokenRepository.getRefreshTokenById(
                maps.getRefreshTokenOldToNewIdMap().get(maps.getAccessTokenToRefreshTokenRefs().get(oldId)));
        OAuth2AccessTokenEntity access = tokenRepository.getAccessTokenById(
                maps.getAccessTokenOldToNewIdMap().get(oldId));
        access.setRefreshToken(refresh);
        tokenRepository.saveAccessToken(access);
    }

    // Approved site (grant) -> its access tokens
    for (Long oldGrantId : maps.getGrantToAccessTokensRefs().keySet()) {
        Set<Long> grantedTokenIds = maps.getGrantToAccessTokensRefs().get(oldGrantId);
        ApprovedSite approved = approvedSiteRepository.getById(
                maps.getGrantOldToNewIdMap().get(oldGrantId));
        for (Long oldTokenId : grantedTokenIds) {
            OAuth2AccessTokenEntity access = tokenRepository.getAccessTokenById(
                    maps.getAccessTokenOldToNewIdMap().get(oldTokenId));
            access.setApprovedSite(approved);
            tokenRepository.saveAccessToken(access);
        }
        approvedSiteRepository.save(approved);
    }

    // The reference maps are intentionally left populated here; an earlier revision
    // cleared them at this point and that code was disabled.
    logger.info("Done fixing object references.");
}
Also used : ClientDetailsEntity(org.mitre.oauth2.model.ClientDetailsEntity) OAuth2RefreshTokenEntity(org.mitre.oauth2.model.OAuth2RefreshTokenEntity) ApprovedSite(org.mitre.openid.connect.model.ApprovedSite) OAuth2AccessTokenEntity(org.mitre.oauth2.model.OAuth2AccessTokenEntity) AuthenticationHolderEntity(org.mitre.oauth2.model.AuthenticationHolderEntity)

Example 4 with OAuth2AccessTokenEntity

use of org.mitre.oauth2.model.OAuth2AccessTokenEntity in project OpenID-Connect-Java-Spring-Server by mitreid-connect.

the class MITREidDataService_1_0 method fixObjectReferences.

/**
 * Re-links imported tokens to their clients, authentication holders, refresh tokens and
 * approved sites.
 *
 * <p>The reference maps in {@code maps} are keyed by ids from the import file. Each pass
 * below translates an old id to the newly assigned one, loads the saved entity, sets the
 * association and saves it again. Only the access-token to authentication-holder map is
 * cleared, right after its pass.
 *
 * <p>NOTE(review): no lookup is null-checked. An id from the import file that has no entry
 * in the matching old-to-new map, or a repository lookup that finds nothing, would
 * presumably either fail part-way through or leave a token without its client or
 * authentication holder; confirm against the repository contracts and the caller's
 * transaction handling.
 */
private void fixObjectReferences() {
    // Refresh token -> client
    for (Long oldId : maps.getRefreshTokenToClientRefs().keySet()) {
        ClientDetailsEntity owner = clientRepository.getClientByClientId(
                maps.getRefreshTokenToClientRefs().get(oldId));
        OAuth2RefreshTokenEntity refresh = tokenRepository.getRefreshTokenById(
                maps.getRefreshTokenOldToNewIdMap().get(oldId));
        refresh.setClient(owner);
        tokenRepository.saveRefreshToken(refresh);
    }

    // Refresh token -> authentication holder
    for (Long oldId : maps.getRefreshTokenToAuthHolderRefs().keySet()) {
        AuthenticationHolderEntity holder = authHolderRepository.getById(
                maps.getAuthHolderOldToNewIdMap().get(maps.getRefreshTokenToAuthHolderRefs().get(oldId)));
        OAuth2RefreshTokenEntity refresh = tokenRepository.getRefreshTokenById(
                maps.getRefreshTokenOldToNewIdMap().get(oldId));
        refresh.setAuthenticationHolder(holder);
        tokenRepository.saveRefreshToken(refresh);
    }

    // Access token -> client
    for (Long oldId : maps.getAccessTokenToClientRefs().keySet()) {
        ClientDetailsEntity owner = clientRepository.getClientByClientId(
                maps.getAccessTokenToClientRefs().get(oldId));
        OAuth2AccessTokenEntity access = tokenRepository.getAccessTokenById(
                maps.getAccessTokenOldToNewIdMap().get(oldId));
        access.setClient(owner);
        tokenRepository.saveAccessToken(access);
    }

    // Access token -> authentication holder
    for (Long oldId : maps.getAccessTokenToAuthHolderRefs().keySet()) {
        AuthenticationHolderEntity holder = authHolderRepository.getById(
                maps.getAuthHolderOldToNewIdMap().get(maps.getAccessTokenToAuthHolderRefs().get(oldId)));
        OAuth2AccessTokenEntity access = tokenRepository.getAccessTokenById(
                maps.getAccessTokenOldToNewIdMap().get(oldId));
        access.setAuthenticationHolder(holder);
        tokenRepository.saveAccessToken(access);
    }
    // This map is released as soon as its pass is complete; the others stay populated.
    maps.getAccessTokenToAuthHolderRefs().clear();

    // Access token -> refresh token
    for (Long oldId : maps.getAccessTokenToRefreshTokenRefs().keySet()) {
        OAuth2RefreshTokenEntity refresh = tokenRepository.getRefreshTokenById(
                maps.getRefreshTokenOldToNewIdMap().get(maps.getAccessTokenToRefreshTokenRefs().get(oldId)));
        OAuth2AccessTokenEntity access = tokenRepository.getAccessTokenById(
                maps.getAccessTokenOldToNewIdMap().get(oldId));
        access.setRefreshToken(refresh);
        tokenRepository.saveAccessToken(access);
    }

    // Approved site (grant) -> its access tokens
    for (Long oldGrantId : maps.getGrantToAccessTokensRefs().keySet()) {
        Set<Long> grantedTokenIds = maps.getGrantToAccessTokensRefs().get(oldGrantId);
        ApprovedSite approved = approvedSiteRepository.getById(
                maps.getGrantOldToNewIdMap().get(oldGrantId));
        for (Long oldTokenId : grantedTokenIds) {
            OAuth2AccessTokenEntity access = tokenRepository.getAccessTokenById(
                    maps.getAccessTokenOldToNewIdMap().get(oldTokenId));
            access.setApprovedSite(approved);
            tokenRepository.saveAccessToken(access);
        }
        approvedSiteRepository.save(approved);
    }
}
Also used : ClientDetailsEntity(org.mitre.oauth2.model.ClientDetailsEntity) OAuth2RefreshTokenEntity(org.mitre.oauth2.model.OAuth2RefreshTokenEntity) ApprovedSite(org.mitre.openid.connect.model.ApprovedSite) OAuth2AccessTokenEntity(org.mitre.oauth2.model.OAuth2AccessTokenEntity) AuthenticationHolderEntity(org.mitre.oauth2.model.AuthenticationHolderEntity)

Example 5 with OAuth2AccessTokenEntity

use of org.mitre.oauth2.model.OAuth2AccessTokenEntity in project OpenID-Connect-Java-Spring-Server by mitreid-connect.

the class MITREidDataService_1_2 method readAccessTokens.

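/**
 * Reads the JSON array of access tokens from an import stream, saves each one, and records
 * the ids it refers to so they can be resolved later.
 *
 * <p>For every object in the array a new {@link OAuth2AccessTokenEntity} is populated with
 * expiration, JWT value, scope and token type, then saved through {@code tokenRepository}.
 * The client id, authentication-holder id and refresh-token id found in the file are not
 * resolved here; they are stored in {@code maps}, keyed by the token id taken from the file,
 * together with the mapping from that old id to the newly assigned one.
 *
 * <p>A token value is a bearer credential, so it is never written to the log, including when
 * it fails to parse.
 *
 * @param reader JSON reader positioned at the start of the access-token array
 * @throws IOException if the reader fails or the stream does not have the expected structure
 */
private void readAccessTokens(JsonReader reader) throws IOException {
    reader.beginArray();
    while (reader.hasNext()) {
        OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();
        reader.beginObject();
        // Ids as they appear in the import file; only meaningful as keys into `maps`.
        Long currentId = null;
        String clientId = null;
        Long authHolderId = null;
        Long refreshTokenId = null;
        while (reader.hasNext()) {
            switch (reader.peek()) {
                case END_OBJECT:
                    continue;
                case NAME:
                    String name = reader.nextName();
                    if (reader.peek() == JsonToken.NULL) {
                        // An explicit JSON null leaves the corresponding field unset.
                        reader.skipValue();
                    } else if (name.equals(ID)) {
                        currentId = reader.nextLong();
                    } else if (name.equals(EXPIRATION)) {
                        Date date = utcToDate(reader.nextString());
                        token.setExpiration(date);
                    } else if (name.equals(VALUE)) {
                        String value = reader.nextString();
                        try {
                            // all tokens are JWTs
                            token.setJwt(JWTParser.parse(value));
                        } catch (ParseException ex) {
                            // Log the id only: the raw value is a bearer credential and must
                            // not end up in log files. currentId is still null when the value
                            // precedes the id inside the object.
                            logger.error("Unable to parse access token value for token id {}", currentId, ex);
                            // NOTE(review): the entity is still saved below without a JWT,
                            // exactly as before this change; confirm that is intended.
                        }
                    } else if (name.equals(CLIENT_ID)) {
                        clientId = reader.nextString();
                    } else if (name.equals(AUTHENTICATION_HOLDER_ID)) {
                        authHolderId = reader.nextLong();
                    } else if (name.equals(REFRESH_TOKEN_ID)) {
                        refreshTokenId = reader.nextLong();
                    } else if (name.equals(SCOPE)) {
                        Set<String> scope = readSet(reader);
                        token.setScope(scope);
                    } else if (name.equals(TYPE)) {
                        token.setTokenType(reader.nextString());
                    } else {
                        logger.debug("Found unexpected entry");
                        reader.skipValue();
                    }
                    break;
                default:
                    logger.debug("Found unexpected entry");
                    reader.skipValue();
                    continue;
            }
        }
        reader.endObject();
        Long newId = tokenRepository.saveAccessToken(token).getId();
        // NOTE(review): currentId, clientId and authHolderId are stored even when the file
        // did not supply them (null); the code that consumes these maps has to cope with that.
        maps.getAccessTokenToClientRefs().put(currentId, clientId);
        maps.getAccessTokenToAuthHolderRefs().put(currentId, authHolderId);
        if (refreshTokenId != null) {
            maps.getAccessTokenToRefreshTokenRefs().put(currentId, refreshTokenId);
        }
        maps.getAccessTokenOldToNewIdMap().put(currentId, newId);
        logger.debug("Read access token {}", currentId);
    }
    reader.endArray();
    logger.info("Done reading access tokens");
}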
Also used : JWKSet(com.nimbusds.jose.jwk.JWKSet) HashSet(java.util.HashSet) Set(java.util.Set) JsonUtils.readSet(org.mitre.util.JsonUtils.readSet) OAuth2AccessTokenEntity(org.mitre.oauth2.model.OAuth2AccessTokenEntity) ParseException(java.text.ParseException) Date(java.util.Date)
