Search in sources :

Example 1 with Function

use of org.python.google.common.base.Function in project oxAuth by GluuFederation.

the class UmaValidationService method validateScopes.

/**
 * @param scope scope string from token request
 * @param permissions permissions
 * @return map of loaded scope and boolean, true - if client requested scope and false if it is permission ticket scope
 */
public Map<Scope, Boolean> validateScopes(String scope, List<UmaPermission> permissions, Client client) {
    scope = ServerUtil.urlDecode(scope);
    final String[] scopesRequested = StringUtils.isNotBlank(scope) ? scope.split(" ") : new String[0];
    final Map<Scope, Boolean> result = new HashMap<Scope, Boolean>();
    if (ArrayUtils.isNotEmpty(scopesRequested)) {
        final Set<String> resourceScopes = resourceService.getResourceScopes(permissions.stream().map(UmaPermission::getResourceId).collect(Collectors.toSet()));
        for (String scopeId : scopesRequested) {
            final Scope ldapScope = umaScopeService.getOrCreate(client, scopeId, resourceScopes);
            if (ldapScope != null) {
                result.put(ldapScope, true);
            } else {
                log.trace("Skip requested scope because it's not allowed, scope: " + scopeId);
            }
        }
    }
    for (UmaPermission permission : permissions) {
        for (Scope s : umaScopeService.getScopesByDns(permission.getScopeDns())) {
            result.put(s, false);
        }
    }
    if (result.isEmpty()) {
        log.error("There are no any scopes requested in the request.");
        throw errorResponseFactory.createWebApplicationException(BAD_REQUEST, UmaErrorResponseType.INVALID_SCOPE, "There are no any scopes requested in give request.");
    }
    log.trace("CandidateGrantedScopes: " + Joiner.on(", ").join(Iterables.transform(result.keySet(), new Function<Scope, String>() {

        @Override
        public String apply(Scope scope) {
            return scope.getId();
        }
    })));
    return result;
}
Also used : Function(org.python.google.common.base.Function) Scope(org.oxauth.persistence.model.Scope) UmaPermission(org.gluu.oxauth.model.uma.persistence.UmaPermission)

Aggregations

UmaPermission (org.gluu.oxauth.model.uma.persistence.UmaPermission)1 Scope (org.oxauth.persistence.model.Scope)1 Function (org.python.google.common.base.Function)1