use of org.restlet.representation.Representation in project OpenAM by OpenRock.
the class XacmlServiceTest method testDispositionOfSubRealmExport.
/**
 * Checks that an export requested for {@code /sub} comes back with a disposition that names the file
 * {@code sub-realm-policies.xml} and is of the attachment type.
 */
@Test
public void testDispositionOfSubRealmExport() throws Exception {
    // given
    query.add(XacmlService.QUERY_PARAM_STRING, "test1");
    query.add(XacmlService.QUERY_PARAM_STRING, "test2");
    PolicySet exportedPolicies = new PolicySet();
    // NOTE(review): the stub is registered for "/" while the call below passes "/sub" - confirm this is intended.
    doReturn(exportedPolicies).when(importExport).exportXACML(eq("/"), any(Subject.class), any(List.class));

    // when
    Representation exported = service.exportXACML("/sub");

    // then
    Disposition contentDisposition = exported.getDisposition();
    assertThat(contentDisposition.getFilename()).isEqualTo("sub-realm-policies.xml");
    // An attachment disposition asks the user agent to save the export rather than render it inline.
    assertThat(contentDisposition.getType()).isEqualTo(Disposition.TYPE_ATTACHMENT);
}
use of org.restlet.representation.Representation in project OpenAM by OpenRock.
the class XacmlServiceTest method testExportXACML.
/**
 * Checks that the no-argument export writes a XACML 3.0 {@code PolicySet} document, sets a success status
 * on the response, and hands both query parameter values to the exporter in order.
 */
@Test
public void testExportXACML() throws Exception {
    // given
    query.add(XacmlService.QUERY_PARAM_STRING, "test1");
    query.add(XacmlService.QUERY_PARAM_STRING, "test2");
    PolicySet exportedPolicies = new PolicySet();
    doReturn(exportedPolicies).when(importExport).exportXACML(eq("/"), any(Subject.class), any(List.class));

    // when
    Representation exported = service.exportXACML();
    ByteArrayOutputStream buffer = new ByteArrayOutputStream();
    exported.write(buffer);
    String body = buffer.toString("UTF-8");

    // then: the body is namespaced XACML 3.0
    assertThat(body).contains("<ns2:PolicySet");
    assertThat(body).contains("xmlns:ns2=\"urn:oasis:names:tc:xacml:3.0:core:schema:wd-17\"");
    verify(response).setStatus(Status.SUCCESS_OK);

    // then: the exporter was called for "/" with exactly the values added to the query above
    ArgumentCaptor<List> queryValuesCaptor = ArgumentCaptor.forClass(List.class);
    verify(importExport).exportXACML(eq("/"), any(Subject.class), queryValuesCaptor.capture());
    assertThat(queryValuesCaptor.getValue()).containsExactly("test1", "test2");
}
use of org.restlet.representation.Representation in project OpenAM by OpenRock.
the class AuthorizeResource method authorize.
/**
* Handles GET requests to the OAuth2 authorize endpoint.
* <br/>
* This method will be called when a client has requested that a resource owner grant it authorization to access a
* resource.
*
* @return The body to be sent in the response to the user agent.
* @throws OAuth2RestletException If an OAuth2 error occurs whilst processing the authorization request.
*/
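@Get
public Representation authorize() throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());

    // Every registered hook sees the request before any authorization logic runs.
    for (AuthorizeRequestHook hook : hooks) {
        hook.beforeAuthorizeHandling(request, getRequest(), getResponse());
    }

    try {
        final AuthorizationToken authorizationToken = authorizationService.authorize(request);
        final String redirectUri = getQueryValue("redirect_uri");
        Representation response = representation.toRepresentation(getContext(), getRequest(), getResponse(),
                authorizationToken, redirectUri);
        // Success hooks run only after the token has been issued and the response body built.
        for (AuthorizeRequestHook hook : hooks) {
            hook.afterAuthorizeSuccess(request, getRequest(), getResponse());
        }
        return response;
    } catch (IllegalArgumentException e) {
        // The branches below differ only in whether the request's redirect_uri is passed on with the error.
        // The client_id branch, like the InvalidClientException and RedirectUriMismatchException handlers
        // further down, leaves it out - presumably so that the error is not delivered to a redirect URI that
        // has not been validated for the client; confirm against OAuth2RestletException.
        // NOTE(review): deciding this by searching the message text is brittle; a dedicated exception type
        // from the authorization service would make the decision explicit.
        final String message = e.getMessage();
        // A null message used to cause a NullPointerException here. It is now handled like the client_id
        // case, i.e. without passing the unverified redirect_uri.
        if (message == null || message.contains("client_id")) {
            throw new OAuth2RestletException(400, "invalid_request", message, request.<String>getParameter("state"));
        }
        throw new OAuth2RestletException(400, "invalid_request", message,
                request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"));
    } catch (ResourceOwnerAuthenticationRequired e) {
        // The URI passed on here is the one carried by the exception, not the one supplied on the request.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(),
                e.getRedirectUri().toString(), null);
    } catch (ResourceOwnerConsentRequired e) {
        // Consent has not been given yet: render the consent page instead of failing the request.
        return representation.getRepresentation(getContext(), request, "authorize.ftl", getDataModel(e, request));
    } catch (InvalidClientException e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(),
                request.<String>getParameter("state"));
    } catch (RedirectUriMismatchException e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(),
                request.<String>getParameter("state"));
    } catch (OAuth2Exception e) {
        // Remaining OAuth2 errors are raised with the request's redirect_uri, state and parameter location.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(),
                request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"),
                e.getParameterLocation());
    }
}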
use of org.restlet.representation.Representation in project OpenAM by OpenRock.
the class AuthorizeResource method authorize.
/**
* Handles POST requests to the OAuth2 authorize endpoint.
* <br/>
* This method will be called when a user has given their consent for an authorization request.
*
* @param entity The entity on the request.
* @return The body to be sent in the response to the user agent.
* @throws OAuth2RestletException If an OAuth2 error occurs whilst processing the authorization request.
*/
@Post
public Representation authorize(Representation entity) throws OAuth2RestletException {
    // The entity argument is not read; every input is taken from the OAuth2Request built from the request.
    final OAuth2Request authRequest = requestFactory.create(getRequest());
    for (AuthorizeRequestHook requestHook : hooks) {
        requestHook.beforeAuthorizeHandling(authRequest, getRequest(), getResponse());
    }

    // The decision and the "remember" flag are request parameters. Anything other than "allow" (any case)
    // counts as consent not given, and anything other than "on" (any case) as do not save.
    // NOTE(review): nothing visible in this method ties the POST to the consent page that was rendered (for
    // example an anti-CSRF token); confirm that the hooks or authorizationService enforce this.
    final boolean allowed = "allow".equalsIgnoreCase(authRequest.<String>getParameter("decision"));
    final boolean rememberDecision = "on".equalsIgnoreCase(authRequest.<String>getParameter("save_consent"));

    try {
        final AuthorizationToken token = authorizationService.authorize(authRequest, allowed, rememberDecision);
        final String target = authRequest.getParameter("redirect_uri");
        Representation body = representation.toRepresentation(getContext(), getRequest(), getResponse(), token,
                target);
        for (AuthorizeRequestHook requestHook : hooks) {
            requestHook.afterAuthorizeSuccess(authRequest, getRequest(), getResponse());
        }
        return body;
    } catch (ResourceOwnerAuthenticationRequired authenticationRequired) {
        // The URI passed on here is the one carried by the exception, not the one supplied on the request.
        throw new OAuth2RestletException(authenticationRequired.getStatusCode(), authenticationRequired.getError(),
                authenticationRequired.getMessage(), authenticationRequired.getRedirectUri().toString(), null);
    } catch (InvalidClientException invalidClient) {
        // Client and redirect URI failures are raised without the request's redirect_uri.
        throw new OAuth2RestletException(invalidClient.getStatusCode(), invalidClient.getError(),
                invalidClient.getMessage(), authRequest.<String>getParameter("state"));
    } catch (RedirectUriMismatchException uriMismatch) {
        throw new OAuth2RestletException(uriMismatch.getStatusCode(), uriMismatch.getError(),
                uriMismatch.getMessage(), authRequest.<String>getParameter("state"));
    } catch (OAuth2Exception oauth2Failure) {
        // NOTE(review): unlike the GET handler, IllegalArgumentException is not translated here - confirm
        // that authorize(request, consentGiven, saveConsent) cannot throw it.
        throw new OAuth2RestletException(oauth2Failure.getStatusCode(), oauth2Failure.getError(),
                oauth2Failure.getMessage(), authRequest.<String>getParameter("redirect_uri"),
                authRequest.<String>getParameter("state"), oauth2Failure.getParameterLocation());
    }
}
use of org.restlet.representation.Representation in project OpenAM by OpenRock.
the class OAuth2Representation method getRepresentation.
/**
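* Gets the appropriate representation to send to the user agent, based on the specified parameters.
*
* @param context The Restlet context.
* @param request The OAuth2 request, whose "display" parameter is read to choose how the page is shown.
* @param templateName The name of the template to display.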
* @param dataModel The data model to display on the page.
* @return A representation of the page to send to the user agent.
*/
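Representation getRepresentation(Context context, OAuth2Request request, String templateName,
        Map<String, Object> dataModel) {
    final String failure = "Server can not serve the content of authorization page";

    // "display" is taken straight from the request and selects the template folder.
    // NOTE(review): a value that is not a DisplayType constant makes Enum.valueOf throw
    // IllegalArgumentException, which is not translated here; confirm that callers turn it into a 4xx
    // response rather than an unhandled error.
    final String display = request.getParameter("display");
    OAuth2Constants.DisplayType displayType = OAuth2Constants.DisplayType.PAGE;
    if (!isEmpty(display)) {
        displayType = Enum.valueOf(OAuth2Constants.DisplayType.class, display.toUpperCase());
    }

    final Representation representation;
    if ("popup".equalsIgnoreCase(display)) {
        // Popup mode renders authorize.ftl first and passes its text to popup.ftl as "htmlCode".
        // templateName is not used on this path, and the caller's dataModel is modified.
        Representation popup = getRepresentation(context, displayType.getFolder(), "authorize.ftl", dataModel);
        // The template lookup can return null (see the check at the end of this method). Without this guard
        // a missing template caused a NullPointerException instead of the handled error below.
        if (popup == null) {
            logger.error(failure);
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, failure);
        }
        try {
            // NOTE(review): htmlCode holds already-rendered markup; confirm popup.ftl emits it with the
            // escaping that is intended for it.
            dataModel.put("htmlCode", popup.getText());
        } catch (IOException e) {
            logger.error(failure);
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, failure);
        }
        representation = getRepresentation(context, displayType.getFolder(), "popup.ftl", dataModel);
    } else {
        representation = getRepresentation(context, displayType.getFolder(), templateName, dataModel);
    }

    if (representation == null) {
        logger.error(failure);
        throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, failure);
    }
    return representation;
}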