
Example 51 with Request

use of org.restlet.Request in project OpenAM by OpenRock.

Class RestletHeaderAccessTokenVerifierTest, method shouldCheckValid.

@Test
public void shouldCheckValid() throws Exception {
    // Given: a request whose Authorization challenge carries the raw token value "freddy"
    ChallengeResponse credentials = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    credentials.setRawValue("freddy");
    Request restletRequest = new Request();
    restletRequest.setChallengeResponse(credentials);
    OAuth2Request oauth2Request = new RestletOAuth2Request(null, restletRequest);
    // A stored token that reports itself as not expired, so the only thing exercised here
    // is the header-to-token-store lookup performed by the verifier.
    AccessToken storedToken = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return false;
        }
    };
    when(tokenStore.readAccessToken(oauth2Request, "freddy")).thenReturn(storedToken);
    // When
    AccessTokenVerifier.TokenState state = verifier.verify(oauth2Request);
    // Then: the token is reported valid, its id is echoed, and the store was consulted once with that id
    assertThat(state.isValid()).isTrue();
    assertThat(state.getTokenId()).isEqualTo("freddy");
    verify(tokenStore).readAccessToken(oauth2Request, "freddy");
}

Example 52 with Request

use of org.restlet.Request in project OpenAM by OpenRock.

Class XacmlServiceTest, method setup.

@BeforeMethod
public void setup() throws Exception {
    // Collaborators are mocked; the admin token action replies with the shared ssoTokenAnswer.
    importExport = mock(XACMLExportImport.class);
    debug = mock(Debug.class);
    adminTokenAction = mock(AdminTokenAction.class);
    doAnswer(ssoTokenAnswer).when(adminTokenAction).run();
    service = new XacmlServiceTestWrapper(importExport, adminTokenAction, debug, null, null, jacksonRepresentationFactory);
    // A mocked Restlet request/response pair; the request exposes the fixed REQUEST_ATTRIBUTES map.
    request = mock(Request.class);
    doReturn(REQUEST_ATTRIBUTES).when(request).getAttributes();
    response = mock(Response.class);
    service.setRequest(request);
    service.setResponse(response);
    // Spy the fully wired service so getQuery() can be stubbed to hand back a fresh, empty Form.
    query = new Form();
    service = spy(service);
    doReturn(query).when(service).getQuery();
}

Example 53 with Request

use of org.restlet.Request in project OpenAM by OpenRock.

Class DeviceCodeResource, method issueCode.

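/**
 * Handles POST requests to the OAuth2 device authorization endpoint: validates the client's request,
 * mints a new device code / user code pair and returns it together with the polling parameters.
 *
 * @param body the posted entity; parameters are read through the OAuth2Request rather than from it directly
 * @return a JSON representation holding device_code, user_code, expires_in, interval and verification_url
 * @throws OAuth2RestletException with status 400 when client_id, scope or response_type is missing or
 *         max_age is not an integer, or with the status and error of any OAuth2Exception raised by the
 *         client registration store, token store or provider settings
 */
@Post
public Representation issueCode(Representation body) throws OAuth2RestletException {
    final Request restletRequest = getRequest();
    OAuth2Request request = requestFactory.create(restletRequest);
    // state is read first so it can be echoed back on every error response below
    String state = request.getParameter(STATE);
    // client_id, response_type and scope are required; all other parameters are optional
    String clientId = request.getParameter(CLIENT_ID);
    String scope = request.getParameter(SCOPE);
    String responseType = request.getParameter(RESPONSE_TYPE);
    try {
        if (isEmpty(clientId) || isEmpty(scope) || isEmpty(responseType)) {
            // NOTE(review): RFC 6749 §5.2 names this error "invalid_request"; "bad_request" is kept
            // unchanged here for compatibility with existing clients of this endpoint.
            throw new OAuth2RestletException(400, "bad_request", "client_id, scope and response_type are required parameters", state);
        }
        // The registration itself is not needed; the lookup exists only so that an unknown client_id
        // fails (the store raises an OAuth2Exception) before any device code is created.
        clientRegistrationStore.get(clientId, request);
        // scope is guaranteed non-empty at this point, so no null fallback is needed.
        // max_age is optional, but when supplied it must be an integer. A bare Integer.valueOf let a
        // NumberFormatException escape as a server error; a malformed value is a client error.
        final String maxAge = request.getParameter(MAX_AGE);
        Integer maxAgeSeconds = null;
        if (maxAge != null) {
            try {
                maxAgeSeconds = Integer.valueOf(maxAge);
            } catch (NumberFormatException e) {
                throw new OAuth2RestletException(400, "invalid_request", "max_age must be an integer", state);
            }
        }
        DeviceCode code = tokenStore.createDeviceCode(oAuth2Utils.split(scope, " "), null, clientId, request.<String>getParameter(NONCE), request.<String>getParameter(RESPONSE_TYPE), request.<String>getParameter(STATE), request.<String>getParameter(ACR_VALUES), request.<String>getParameter(PROMPT), request.<String>getParameter(UI_LOCALES), request.<String>getParameter(LOGIN_HINT), maxAgeSeconds, request.<String>getParameter(CLAIMS), request, request.<String>getParameter(CODE_CHALLENGE), request.<String>getParameter(CODE_CHALLENGE_METHOD));
        Map<String, Object> result = new HashMap<>();
        OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
        result.put(DEVICE_CODE, code.getDeviceCode());
        result.put(USER_CODE, code.getUserCode());
        result.put(EXPIRES_IN, providerSettings.getDeviceCodeLifetime());
        result.put(INTERVAL, providerSettings.getDeviceCodePollInterval());
        String verificationUrl = providerSettings.getVerificationUrl();
        if (StringUtils.isBlank(verificationUrl)) {
            // No verification URL configured for the provider: derive one from the deployment's root URL.
            // NOTE(review): getRootURL is handed the live servlet request; whether it trusts Host or
            // forwarded headers depends on the configured BaseURLProvider — confirm the URL returned to
            // the device cannot be steered by a client-controlled header.
            final HttpServletRequest servletRequest = ServletUtils.getRequest(restletRequest);
            final String realm = request.getParameter(OAuth2Constants.Custom.REALM);
            verificationUrl = baseURLProviderFactory.get(realm).getRootURL(servletRequest) + "/oauth2/device/user";
        }
        result.put(VERIFICATION_URL, verificationUrl);
        return jacksonRepresentationFactory.create(result);
    } catch (OAuth2Exception e) {
        // Translate core OAuth2 failures into the Restlet error representation, preserving the client's state.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), state);
    }
}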

Example 54 with Request

use of org.restlet.Request in project OpenAM by OpenRock.

Class DeviceCodeVerificationResource, method verify.

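/**
 * Handles POST requests to the OAuth2 device/user endpoint.
 * <p>
 * The endpoint serves two steps of the device flow. Without a {@code decision} parameter it looks up the
 * pending device code by {@code user_code} and delegates to the authorization service, which authenticates
 * the resource owner and signals (via {@link ResourceOwnerConsentRequired}) that the consent page should be
 * rendered. With a {@code decision} parameter it records the resource owner's answer: {@code allow} binds the
 * device code to the owner and marks it authorized; any other value deletes the pending code.
 *
 * @param body the posted entity; parameters are read through the OAuth2Request rather than from it directly
 * @return the entry form tagged "not_found" when the user code is unknown or already issued, the consent page
 *         when consent is still required, otherwise the thanks page
 * @throws OAuth2RestletException for an invalid client, a redirect URI mismatch, any other OAuth2 failure,
 *         or to send the resource owner to authenticate
 */
@Post
public Representation verify(Representation body) throws ServerException, NotFoundException, InvalidGrantException, OAuth2RestletException {
    final Request restletRequest = getRequest();
    OAuth2Request request = requestFactory.create(restletRequest);
    DeviceCode deviceCode;
    try {
        deviceCode = tokenStore.readDeviceCode(request.<String>getParameter(OAuth2Constants.DeviceCode.USER_CODE), request);
    } catch (InvalidGrantException e) {
        return getTemplateRepresentation(FORM, request, "not_found");
    }
    // A code that has already been exchanged for tokens is treated the same as an unknown one.
    // NOTE(review): this lookup needs no session, so the not_found/consent distinction is an oracle for
    // guessing user codes; confirm the store or a front-end filter rate-limits attempts (RFC 8628 §5.1).
    if (deviceCode == null || deviceCode.isIssued()) {
        return getTemplateRepresentation(FORM, request, "not_found");
    }
    // Re-attach the parameters the device submitted at issue time so validation sees the original request.
    addRequestParamsFromDeviceCode(restletRequest, deviceCode);
    try {
        final String decision = request.getParameter("decision");
        if (StringUtils.isNotEmpty(decision)) {
            // Establish who is answering before acting on the answer. Previously the session was validated
            // only on "allow", so an unauthenticated POST carrying a valid user_code could delete the pending
            // code (and trigger consent saving) without any resource owner being identified.
            ResourceOwner resourceOwner = resourceOwnerSessionValidator.validate(request);
            // NOTE(review): no CSRF token is checked on this path in the visible code; confirm the consent
            // form is protected elsewhere, otherwise a cross-site POST can answer consent for a logged-in owner.
            final boolean consentGiven = "allow".equalsIgnoreCase(decision);
            final boolean saveConsent = "on".equalsIgnoreCase(request.<String>getParameter("save_consent"));
            if (saveConsent) {
                saveConsent(request);
            }
            if (consentGiven) {
                deviceCode.setResourceOwnerId(resourceOwner.getId());
                deviceCode.setAuthorized(true);
                tokenStore.updateDeviceCode(deviceCode, request);
            } else {
                // Any decision other than "allow" is a denial: drop the code so the device's polling fails.
                tokenStore.deleteDeviceCode(deviceCode.getClientId(), deviceCode.getDeviceCode(), request);
            }
        } else {
            // First visit with a user code: authenticate the owner and request consent.
            authorizationService.authorize(request);
        }
    } catch (IllegalArgumentException e) {
        // The message may be null; the original called contains() on it unguarded.
        final String message = e.getMessage();
        if (message != null && message.contains("client_id")) {
            throw new OAuth2RestletException(400, "invalid_request", e.getMessage(), request.<String>getParameter("state"));
        }
        throw new OAuth2RestletException(400, "invalid_request", e.getMessage(), request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"));
    } catch (ResourceOwnerAuthenticationRequired e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), e.getRedirectUri().toString(), null);
    } catch (ResourceOwnerConsentRequired e) {
        return representation.getRepresentation(getContext(), request, "authorize.ftl", getDataModel(e, request));
    } catch (InvalidClientException | RedirectUriMismatchException e) {
        // These are raised without the redirect_uri so the error is never sent to an unverified redirect target.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("state"));
    } catch (OAuth2Exception e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"), e.getParameterLocation());
    }
    return getTemplateRepresentation(THANKS_PAGE, request, null);
}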

Example 55 with Request

use of org.restlet.Request in project OpenAM by OpenRock.

Class RestletFormBodyAccessTokenVerifier, method obtainTokenId.

/**
 * Extracts the bearer token from a form-encoded request body (RFC 6750 §2.2).
 *
 * @param request the OAuth2 request wrapping the Restlet request whose entity is inspected
 * @return the first {@code access_token} form value, or {@code null} when there is no entity, the entity is
 *         not {@code application/x-www-form-urlencoded}, or the form carries no {@code access_token} field
 */
protected String obtainTokenId(OAuth2Request request) {
    final Representation entity = request.getRequest().getEntity();
    final boolean isFormEncoded = entity != null && MediaType.APPLICATION_WWW_FORM.equals(entity.getMediaType());
    if (!isFormEncoded) {
        logger.debug("Request does not contain form.");
        return null;
    }
    // NOTE(review): reading the entity into a Form may consume a streamed request body, leaving nothing for
    // later handlers. RFC 6750 §2.2 also forbids this token transport on GET requests, which is not checked
    // here — confirm the caller restricts the HTTP method.
    final Form fields = new Form(entity);
    if (!fields.getNames().contains(OAuth2Constants.Params.ACCESS_TOKEN)) {
        logger.debug("Request form does not contain access_token.");
        return null;
    }
    return fields.getFirstValue(OAuth2Constants.Params.ACCESS_TOKEN);
}
