use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.
the class OrcidClientGroupManagerImpl method createAndPersistClientProfile.
/**
 * Creates a new client and registers the group identified by {@code groupOrcid} as its owner.
 *
 * @param groupOrcid
 *            ORCID iD of the group that will own the client
 * @param client
 *            the client to create; its type is checked and set against the group type first
 * @return the newly created client, converted by the adapter
 * @throws OrcidClientGroupManagementException
 *             when the group is not allowed to add another client
 */
public OrcidClient createAndPersistClientProfile(String groupOrcid, OrcidClient client) throws OrcidClientGroupManagementException {
    // Entitlement gate: nothing is looked up or created for a group that may not add clients.
    if (!isAllowedToAddNewClient(groupOrcid)) {
        throw new OrcidClientGroupManagementException("Your contract allows you to have only 1 client.");
    }

    ProfileEntity ownerProfile = profileDao.find(groupOrcid);
    // NOTE(review): ownerProfile is dereferenced without a null check; presumably the
    // gate above only passes for an existing group - confirm.
    checkAndSetClientType(client, ownerProfile.getGroupType());

    // The client details (OAuth settings) are created through the client details service.
    ClientDetailsEntity created = createClientDetails(groupOrcid, client, client.getType());

    // Attach the new client to the profile instance Hibernate holds in memory,
    // creating the owning collection the first time a group gets a client.
    SortedSet<ClientDetailsEntity> ownedClients = ownerProfile.getClients();
    if (ownedClients == null) {
        ownedClients = new TreeSet<>(new OrcidEntityIdComparator<String>());
        ownerProfile.setClients(ownedClients);
    }
    ownedClients.add(created);

    return adapter.toOrcidClient(created);
}
use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.
the class OrcidClientGroupManagerImpl method createClientDetails.
/**
 * Assembles the OAuth settings for a new client and delegates its creation to
 * {@code clientDetailsManager}.
 *
 * Every client built here receives the resource id "orcid", the grant types
 * client_credentials, authorization_code and refresh_token, and the authority
 * ROLE_CLIENT. Scopes come from {@code createScopes(clientType)}.
 *
 * @param groupOrcid
 *            ORCID iD of the owning group
 * @param orcidClient
 *            source of the display name, description, website, IdP, redirect
 *            URIs and auto-deprecate flag
 * @param clientType
 *            type used both for the client and to derive its scopes
 * @return the entity returned by the client details manager
 */
private ClientDetailsEntity createClientDetails(String groupOrcid, OrcidClient orcidClient, ClientType clientType) {
    List<String> authorities = new ArrayList<>();
    authorities.add("ROLE_CLIENT");

    Set<String> resourceIds = new HashSet<>();
    resourceIds.add("orcid");

    Set<String> grantTypes = new HashSet<>();
    grantTypes.add("client_credentials");
    grantTypes.add("authorization_code");
    grantTypes.add("refresh_token");

    // Redirect URIs are copied exactly as supplied on the incoming client; no
    // validation is visible in this method.
    // NOTE(review): confirm they are validated (scheme, host, no wildcards) before
    // this point, since they decide where authorization codes are delivered.
    Set<RedirectUri> redirectUris = new HashSet<>();
    if (orcidClient.getRedirectUris() != null) {
        redirectUris.addAll(orcidClient.getRedirectUris().getRedirectUri());
    }

    String displayName = orcidClient.getDisplayName();
    String shortDescription = orcidClient.getShortDescription();
    String websiteUrl = orcidClient.getWebsite();
    String identityProvider = orcidClient.getIdp();
    Boolean autoDeprecate = orcidClient.getAllowAutoDeprecate();

    return clientDetailsManager.createClientDetails(groupOrcid, displayName, shortDescription, identityProvider, websiteUrl, clientType,
            createScopes(clientType), resourceIds, grantTypes, redirectUris, authorities, autoDeprecate);
}
use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.
the class MembersManagerImpl method getClient.
/**
 * Loads a client by id and returns it with its member name and primary client secret.
 *
 * The secret is decrypted with {@code encryptionManager.decryptForInternalUse}, so the
 * returned object carries it in plaintext. Callers need to restrict who can reach this
 * method and keep the result out of logs and caches.
 *
 * @param clientId
 *            id of the client to load
 * @return the populated client, or an empty client whose error list holds the
 *         "admin.edit_client.invalid_orcid" message when no such client exists
 */
@Override
public Client getClient(String clientId) {
    ClientDetailsEntity entity = clientDetailsManager.findByClientId(clientId);

    // Unknown client: report the problem through the error list instead of throwing.
    if (entity == null) {
        Client notFound = new Client();
        notFound.getErrors().add(getMessage("admin.edit_client.invalid_orcid"));
        return notFound;
    }

    Client found = Client.valueOf(entity);
    found.setMemberName(Text.valueOf(clientDetailsManager.getMemberName(clientId)));

    if (entity.getClientSecrets() != null) {
        for (ClientSecretEntity candidate : entity.getClientSecrets()) {
            // Only a secret flagged as primary is exposed; if several are flagged,
            // the last one iterated wins.
            if (!candidate.isPrimary()) {
                continue;
            }
            String plaintextSecret = encryptionManager.decryptForInternalUse(candidate.getClientSecret());
            found.setClientSecret(Text.valueOf(plaintextSecret));
        }
    }
    return found;
}
use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.
the class OrcidRefreshTokenChecker method validateRequest.
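/**
 * Validates a request that presents an existing access token together with its refresh
 * token in order to obtain a new token.
 *
 * Checks run in this order: the access token exists and belongs to the requesting
 * client, the client is enabled, the access token is not expired, the refresh token is
 * the one linked to the access token, the access token is not disabled, the requested
 * scopes are covered by the parent token, and the requested expiration is not later
 * than the parent's.
 *
 * @param grantType
 *            not read by this method
 * @param tokenRequest
 *            supplies the client id and the request parameters (authorization,
 *            scope, expires_in, refresh_token)
 * @param requestTimeInMillis
 *            not read by this method
 * @throws IllegalArgumentException
 *             if the token belongs to another client, expires_in is not a number,
 *             or the requested expiration is after the parent's
 * @throws InvalidTokenException
 *             if the access token is unknown, expired or disabled, or the refresh
 *             token is missing or not linked to it
 * @throws InvalidScopeException
 *             if a requested scope is not covered by the parent token
 */
public void validateRequest(String grantType, TokenRequest tokenRequest, Long requestTimeInMillis) {
    String authorization = tokenRequest.getRequestParameters().get(OrcidOauth2Constants.AUTHORIZATION);
    String clientId = tokenRequest.getClientId();
    String scopes = tokenRequest.getRequestParameters().get(OAuth2Utils.SCOPE);
    Long expireIn = tokenRequest.getRequestParameters().containsKey(OrcidOauth2Constants.EXPIRES_IN)
            ? Long.valueOf(tokenRequest.getRequestParameters().get(OrcidOauth2Constants.EXPIRES_IN))
            : 0L;
    String refreshToken = tokenRequest.getRequestParameters().get(OrcidOauth2Constants.REFRESH_TOKEN);

    OrcidOauth2TokenDetail token = orcidOauth2TokenDetailDao.findByTokenValue(authorization);
    // Reject an unknown access token explicitly rather than failing with a
    // NullPointerException on the first dereference below.
    if (token == null) {
        throw new InvalidTokenException("Access token not found");
    }

    // Verify the token belongs to this client; a missing client id can never match.
    if (clientId == null || !clientId.equals(token.getClientDetailsId())) {
        throw new IllegalArgumentException("This token doesnt belong to the given client");
    }

    // Verify client is enabled
    ClientDetailsEntity clientDetails = clientDetailsEntityCacheManager.retrieve(clientId);
    orcidOAuth2RequestValidator.validateClientIsEnabled(clientDetails);

    // Verify the token is not expired
    if (token.getTokenExpiration() != null) {
        if (token.getTokenExpiration().before(new Date())) {
            // NOTE(review): this message embeds the presented access token value; if
            // exception messages reach logs or response bodies, consider dropping it.
            throw new InvalidTokenException("Access token expired: " + authorization);
        }
    }

    // Verify access token and refresh token are linked. A request without a
    // refresh_token parameter is treated as a mismatch instead of raising a
    // NullPointerException.
    if (refreshToken == null || !refreshToken.equals(token.getRefreshTokenValue())) {
        throw new InvalidTokenException("Token and refresh token does not match");
    }

    // Verify the token is not disabled
    if (token.getTokenDisabled() != null && token.getTokenDisabled()) {
        throw new InvalidTokenException("Parent token is disabled");
    }

    // Verify scopes are not wider than the token scopes
    if (PojoUtil.isEmpty(scopes)) {
        // Assigned to the local variable only; nothing below reads it in this branch.
        scopes = token.getScope();
    } else {
        Set<ScopePathType> requiredScopes = ScopePathType.getScopesFromSpaceSeparatedString(scopes);
        Set<ScopePathType> simpleTokenScopes = ScopePathType.getScopesFromSpaceSeparatedString(token.getScope());

        // Every scope that the parent token's scopes allow, as expanded by combined().
        Set<ScopePathType> combinedTokenScopes = new HashSet<ScopePathType>();
        for (ScopePathType scope : simpleTokenScopes) {
            combinedTokenScopes.addAll(scope.combined());
        }

        for (ScopePathType scope : requiredScopes) {
            if (!combinedTokenScopes.contains(scope)) {
                throw new InvalidScopeException("The given scope '" + scope.value() + "' is not allowed for the parent token");
            }
        }
    }

    // Validate the expiration for the new token is no later than the parent
    // token expiration.
    // NOTE(review): expireIn is compared directly with an absolute epoch-millisecond
    // timestamp and requestTimeInMillis is never used. If expires_in is a relative
    // lifetime, this condition cannot realistically be true and the limit is not
    // enforced - confirm the unit expected for expires_in.
    long parentTokenExpiration = token.getTokenExpiration() == null ? System.currentTimeMillis() : token.getTokenExpiration().getTime();
    if (expireIn > parentTokenExpiration) {
        throw new IllegalArgumentException("Token expiration can't be after " + token.getTokenExpiration());
    }
}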
use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.
the class ClientDetailsManagerReadOnlyImpl method getClient.
/**
 * Returns the client with the given id, converted by {@code jpaJaxbClientAdapter}.
 *
 * @param clientId
 *            id of the client to load
 * @return the converted client
 */
@Override
public Client getClient(String clientId) {
    // The last-modified timestamp is passed along with the id to the lookup.
    // NOTE(review): getLastModified's result is dereferenced unchecked; presumably it
    // is never null for an existing client - confirm behaviour for unknown ids.
    long lastModifiedMillis = clientDetailsDao.getLastModified(clientId).getTime();
    return jpaJaxbClientAdapter.toClient(clientDetailsDao.findByClientId(clientId, lastModifiedMillis));
}