Search in sources :

Example 1 with Client

use of org.xdi.oxauth.model.registration.Client in project oxAuth by GluuFederation.

the class AuthorizeAction method permissionGranted.

public void permissionGranted(SessionState session) {
    try {
        final User user = userService.getUserByDn(session.getUserDn());
        if (user == null) {
            log.error("Permission denied. Failed to find session user: userDn = " + session.getUserDn() + ".");
            permissionDenied();
            return;
        }
        if (clientId == null) {
            clientId = session.getSessionAttributes().get(AuthorizeRequestParam.CLIENT_ID);
        }
        final Client client = clientService.getClient(clientId);
        if (scope == null) {
            scope = session.getSessionAttributes().get(AuthorizeRequestParam.SCOPE);
        }
        // ldap database, and serve no purpose.
        if (client.getPersistClientAuthorizations() && !client.getTrustedClient()) {
            final Set<String> scopes = Sets.newHashSet(org.xdi.oxauth.model.util.StringUtils.spaceSeparatedToList(scope));
            clientAuthorizationsService.add(user.getAttribute("inum"), client.getClientId(), scopes);
        }
        session.addPermission(clientId, true);
        sessionStateService.updateSessionState(session);
        // OXAUTH-297 - set session_state cookie
        sessionStateService.createSessionStateCookie(sessionState);
        Map<String, String> sessionAttribute = authenticationService.getAllowedParameters(session.getSessionAttributes());
        if (sessionAttribute.containsKey(AuthorizeRequestParam.PROMPT)) {
            List<Prompt> prompts = Prompt.fromString(sessionAttribute.get(AuthorizeRequestParam.PROMPT), " ");
            prompts.remove(Prompt.CONSENT);
            sessionAttribute.put(AuthorizeRequestParam.PROMPT, org.xdi.oxauth.model.util.StringUtils.implodeEnum(prompts, " "));
        }
        final String parametersAsString = authenticationService.parametersAsString(sessionAttribute);
        final String uri = "seam/resource/restv1/oxauth/authorize?" + parametersAsString;
        log.trace("permissionGranted, redirectTo: {}", uri);
        facesService.redirectToExternalURL(uri);
    } catch (UnsupportedEncodingException e) {
        log.trace(e.getMessage(), e);
    }
}
Also used : User(org.xdi.oxauth.model.common.User) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Prompt(org.xdi.oxauth.model.common.Prompt) Client(org.xdi.oxauth.model.registration.Client)

Example 2 with Client

use of org.xdi.oxauth.model.registration.Client in project oxAuth by GluuFederation.

the class RegisterRestWebServiceImpl method requestClientRead.

@Override
public Response requestClientRead(String clientId, String authorization, HttpServletRequest httpRequest, SecurityContext securityContext) {
    String accessToken = tokenService.getTokenFromAuthorizationParameter(authorization);
    log.debug("Attempting to read client: clientId = {}, registrationAccessToken = {} isSecure = {}", clientId, accessToken, securityContext.isSecure());
    Response.ResponseBuilder builder = Response.ok();
    OAuth2AuditLog oAuth2AuditLog = new OAuth2AuditLog(ServerUtil.getIpAddress(httpRequest), Action.CLIENT_READ);
    oAuth2AuditLog.setClientId(clientId);
    try {
        if (appConfiguration.getDynamicRegistrationEnabled()) {
            if (registerParamsValidator.validateParamsClientRead(clientId, accessToken)) {
                Client client = clientService.getClient(clientId, accessToken);
                if (client != null) {
                    oAuth2AuditLog.setScope(clientScopesToString(client));
                    oAuth2AuditLog.setSuccess(true);
                    builder.entity(clientAsEntity(client));
                } else {
                    log.trace("The Access Token is not valid for the Client ID, returns invalid_token error.");
                    builder = Response.status(Response.Status.BAD_REQUEST.getStatusCode());
                    builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_TOKEN));
                }
            } else {
                log.trace("Client parameters are invalid.");
                builder = Response.status(Response.Status.BAD_REQUEST);
                builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
            }
        } else {
            builder = Response.status(Response.Status.BAD_REQUEST);
            builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.ACCESS_DENIED));
        }
    } catch (JSONException e) {
        builder = Response.status(500);
        builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
        log.error(e.getMessage(), e);
    } catch (StringEncrypter.EncryptionException e) {
        builder = Response.status(500);
        builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
        log.error(e.getMessage(), e);
    }
    CacheControl cacheControl = new CacheControl();
    cacheControl.setNoTransform(false);
    cacheControl.setNoStore(true);
    builder.cacheControl(cacheControl);
    builder.header("Pragma", "no-cache");
    applicationAuditLogger.sendMessage(oAuth2AuditLog);
    return builder.build();
}
Also used : Response(javax.ws.rs.core.Response) OAuth2AuditLog(org.xdi.oxauth.model.audit.OAuth2AuditLog) JSONException(org.codehaus.jettison.json.JSONException) CacheControl(javax.ws.rs.core.CacheControl) Client(org.xdi.oxauth.model.registration.Client) StringEncrypter(org.xdi.util.security.StringEncrypter)

Example 3 with Client

use of org.xdi.oxauth.model.registration.Client in project oxAuth by GluuFederation.

the class AuthorizationGrantList method asGrant.

public AuthorizationGrant asGrant(TokenLdap tokenLdap) {
    if (tokenLdap != null) {
        final AuthorizationGrantType grantType = AuthorizationGrantType.fromString(tokenLdap.getGrantType());
        if (grantType != null) {
            final User user = userService.getUser(tokenLdap.getUserId());
            final Client client = clientService.getClient(extractClientIdFromTokenDn(tokenLdap.getDn()));
            final Date authenticationTime = tokenLdap.getAuthenticationTime();
            final String nonce = tokenLdap.getNonce();
            AuthorizationGrant result;
            switch(grantType) {
                case AUTHORIZATION_CODE:
                    AuthorizationCodeGrant authorizationCodeGrant = grantInstance.select(AuthorizationCodeGrant.class).get();
                    authorizationCodeGrant.init(user, client, authenticationTime);
                    result = authorizationCodeGrant;
                    break;
                case CLIENT_CREDENTIALS:
                    ClientCredentialsGrant clientCredentialsGrant = grantInstance.select(ClientCredentialsGrant.class).get();
                    clientCredentialsGrant.init(user, client);
                    result = clientCredentialsGrant;
                    break;
                case IMPLICIT:
                    ImplicitGrant implicitGrant = grantInstance.select(ImplicitGrant.class).get();
                    implicitGrant.init(user, client, authenticationTime);
                    result = implicitGrant;
                    break;
                case RESOURCE_OWNER_PASSWORD_CREDENTIALS:
                    ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant = grantInstance.select(ResourceOwnerPasswordCredentialsGrant.class).get();
                    resourceOwnerPasswordCredentialsGrant.init(user, client);
                    result = resourceOwnerPasswordCredentialsGrant;
                    break;
                default:
                    return null;
            }
            final String grantId = tokenLdap.getGrantId();
            final String jwtRequest = tokenLdap.getJwtRequest();
            final String authMode = tokenLdap.getAuthMode();
            final String sessionDn = tokenLdap.getSessionDn();
            result.setNonce(nonce);
            result.setTokenLdap(tokenLdap);
            if (StringUtils.isNotBlank(grantId)) {
                result.setGrantId(grantId);
            }
            result.setScopes(Util.splittedStringAsList(tokenLdap.getScope(), " "));
            result.setCodeChallenge(tokenLdap.getCodeChallenge());
            result.setCodeChallengeMethod(tokenLdap.getCodeChallengeMethod());
            if (StringUtils.isNotBlank(jwtRequest)) {
                try {
                    result.setJwtAuthorizationRequest(new JwtAuthorizationRequest(appConfiguration, jwtRequest, client));
                } catch (Exception e) {
                    log.trace(e.getMessage(), e);
                }
            }
            result.setAcrValues(authMode);
            result.setSessionDn(sessionDn);
            if (tokenLdap.getTokenTypeEnum() != null) {
                switch(tokenLdap.getTokenTypeEnum()) {
                    case AUTHORIZATION_CODE:
                        if (result instanceof AuthorizationCodeGrant) {
                            final AuthorizationCode code = new AuthorizationCode(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                            final AuthorizationCodeGrant g = (AuthorizationCodeGrant) result;
                            g.setAuthorizationCode(code);
                        }
                        break;
                    case REFRESH_TOKEN:
                        final RefreshToken refreshToken = new RefreshToken(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                        result.setRefreshTokens(Arrays.asList(refreshToken));
                        break;
                    case ACCESS_TOKEN:
                        final AccessToken accessToken = new AccessToken(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                        result.setAccessTokens(Arrays.asList(accessToken));
                        break;
                    case ID_TOKEN:
                        final IdToken idToken = new IdToken(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                        result.setIdToken(idToken);
                        break;
                    case LONG_LIVED_ACCESS_TOKEN:
                        final AccessToken longLivedAccessToken = new AccessToken(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                        result.setLongLivedAccessToken(longLivedAccessToken);
                        break;
                }
            }
            return result;
        }
    }
    return null;
}
Also used : Date(java.util.Date) LDAPException(com.unboundid.ldap.sdk.LDAPException) JwtAuthorizationRequest(org.xdi.oxauth.model.authorize.JwtAuthorizationRequest) Client(org.xdi.oxauth.model.registration.Client)

Example 4 with Client

use of org.xdi.oxauth.model.registration.Client in project oxAuth by GluuFederation.

the class AuthenticationFilter method processBasicAuth.

private void processBasicAuth(ClientService clientService, ErrorResponseFactory errorResponseFactory, HttpServletRequest servletRequest, HttpServletResponse servletResponse, FilterChain filterChain) {
    boolean requireAuth = true;
    try {
        String header = servletRequest.getHeader("Authorization");
        if (header != null && header.startsWith("Basic ")) {
            String base64Token = header.substring(6);
            String token = new String(Base64.decodeBase64(base64Token), Util.UTF8_STRING_ENCODING);
            String username = "";
            String password = "";
            int delim = token.indexOf(":");
            if (delim != -1) {
                username = token.substring(0, delim);
                password = token.substring(delim + 1);
            }
            requireAuth = !StringHelper.equals(username, identity.getCredentials().getUsername()) || !identity.isLoggedIn();
            // and user isn't authenticated
            if (requireAuth) {
                if (!username.equals(identity.getCredentials().getUsername()) || !identity.isLoggedIn()) {
                    if (servletRequest.getRequestURI().endsWith("/token")) {
                        Client client = clientService.getClient(username);
                        if (client == null || AuthenticationMethod.CLIENT_SECRET_BASIC != client.getAuthenticationMethod()) {
                            throw new Exception("The Token Authentication Method is not valid.");
                        }
                    }
                    identity.getCredentials().setUsername(username);
                    identity.getCredentials().setPassword(password);
                    requireAuth = !authenticator.authenticateWebService();
                }
            }
        }
        if (!requireAuth) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
    } catch (UnsupportedEncodingException ex) {
        log.info("Basic authentication failed", ex);
    } catch (ServletException ex) {
        log.info("Basic authentication failed", ex);
    } catch (IOException ex) {
        log.info("Basic authentication failed", ex);
    } catch (Exception ex) {
        log.info("Basic authentication failed", ex);
    }
    try {
        if (requireAuth && !identity.isLoggedIn()) {
            sendError(servletResponse);
        }
    } catch (IOException ex) {
        log.error(ex.getMessage(), ex);
    }
}
Also used : ServletException(javax.servlet.ServletException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) IOException(java.io.IOException) Client(org.xdi.oxauth.model.registration.Client) ServletException(javax.servlet.ServletException) InvalidJwtException(org.xdi.oxauth.model.exception.InvalidJwtException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 5 with Client

use of org.xdi.oxauth.model.registration.Client in project oxAuth by GluuFederation.

the class TokenRestWebServiceImpl method requestAccessToken.

@Override
public Response requestAccessToken(String grantType, String code, String redirectUri, String username, String password, String scope, String assertion, String refreshToken, String oxAuthExchangeToken, String clientId, String clientSecret, String codeVerifier, HttpServletRequest request, SecurityContext sec) {
    log.debug("Attempting to request access token: grantType = {}, code = {}, redirectUri = {}, username = {}, refreshToken = {}, " + "clientId = {}, ExtraParams = {}, isSecure = {}, codeVerifier = {}", grantType, code, redirectUri, username, refreshToken, clientId, request.getParameterMap(), sec.isSecure(), codeVerifier);
    OAuth2AuditLog oAuth2AuditLog = new OAuth2AuditLog(ServerUtil.getIpAddress(request), Action.TOKEN_REQUEST);
    oAuth2AuditLog.setClientId(clientId);
    oAuth2AuditLog.setUsername(username);
    oAuth2AuditLog.setScope(scope);
    // it may be encoded in uma case
    scope = ServerUtil.urlDecode(scope);
    ResponseBuilder builder = Response.ok();
    try {
        log.debug("Starting to validate request parameters");
        if (!TokenParamsValidator.validateParams(grantType, code, redirectUri, username, password, scope, assertion, refreshToken, oxAuthExchangeToken)) {
            log.trace("Failed to validate request parameters");
            builder = error(400, TokenErrorResponseType.INVALID_REQUEST);
        } else {
            log.trace("Request parameters are right");
            GrantType gt = GrantType.fromString(grantType);
            log.debug("Grant type: '{}'", gt);
            SessionClient sessionClient = identity.getSetSessionClient();
            Client client = null;
            if (sessionClient != null) {
                client = sessionClient.getClient();
                log.debug("Get sessionClient: '{}'", sessionClient);
            }
            if (client != null) {
                log.debug("Get client from session: '{}'", client.getClientId());
            }
            if (gt == GrantType.AUTHORIZATION_CODE) {
                if (client == null) {
                    return response(error(400, TokenErrorResponseType.INVALID_GRANT));
                }
                log.debug("Attempting to find authorizationCodeGrant by clinetId: '{}', code: '{}'", client.getClientId(), code);
                AuthorizationCodeGrant authorizationCodeGrant = authorizationGrantList.getAuthorizationCodeGrant(client.getClientId(), code);
                log.trace("AuthorizationCodeGrant : '{}'", authorizationCodeGrant);
                if (authorizationCodeGrant != null) {
                    validatePKCE(authorizationCodeGrant, codeVerifier);
                    authorizationCodeGrant.setIsCachedWithNoPersistence(false);
                    authorizationCodeGrant.save();
                    AccessToken accToken = authorizationCodeGrant.createAccessToken();
                    log.debug("Issuing access token: {}", accToken.getCode());
                    RefreshToken reToken = authorizationCodeGrant.createRefreshToken();
                    if (scope != null && !scope.isEmpty()) {
                        scope = authorizationCodeGrant.checkScopesPolicy(scope);
                    }
                    IdToken idToken = null;
                    if (authorizationCodeGrant.getScopes().contains("openid")) {
                        String nonce = authorizationCodeGrant.getNonce();
                        boolean includeIdTokenClaims = Boolean.TRUE.equals(appConfiguration.getLegacyIdTokenClaims());
                        idToken = authorizationCodeGrant.createIdToken(nonce, null, accToken, authorizationCodeGrant, includeIdTokenClaims);
                    }
                    builder.entity(getJSonResponse(accToken, accToken.getTokenType(), accToken.getExpiresIn(), reToken, scope, idToken));
                    oAuth2AuditLog.updateOAuth2AuditLog(authorizationCodeGrant, true);
                    grantService.removeByCode(authorizationCodeGrant.getAuthorizationCode().getCode(), authorizationCodeGrant.getClientId());
                } else {
                    log.debug("AuthorizationCodeGrant is empty by clinetId: '{}', code: '{}'", client.getClientId(), code);
                    // if authorization code is not found then code was already used = remove all grants with this auth code
                    grantService.removeAllByAuthorizationCode(code);
                    builder = error(400, TokenErrorResponseType.INVALID_GRANT);
                }
            } else if (gt == GrantType.REFRESH_TOKEN) {
                if (client == null) {
                    return response(error(401, TokenErrorResponseType.INVALID_GRANT));
                }
                AuthorizationGrant authorizationGrant = authorizationGrantList.getAuthorizationGrantByRefreshToken(client.getClientId(), refreshToken);
                if (authorizationGrant != null) {
                    AccessToken accToken = authorizationGrant.createAccessToken();
                    /*
                        The authorization server MAY issue a new refresh token, in which case
                        the client MUST discard the old refresh token and replace it with the
                        new refresh token.
                        */
                    RefreshToken reToken = authorizationGrant.createRefreshToken();
                    grantService.removeByCode(refreshToken, client.getClientId());
                    if (scope != null && !scope.isEmpty()) {
                        scope = authorizationGrant.checkScopesPolicy(scope);
                    }
                    builder.entity(getJSonResponse(accToken, accToken.getTokenType(), accToken.getExpiresIn(), reToken, scope, null));
                    oAuth2AuditLog.updateOAuth2AuditLog(authorizationGrant, true);
                } else {
                    builder = error(401, TokenErrorResponseType.INVALID_GRANT);
                }
            } else if (gt == GrantType.CLIENT_CREDENTIALS) {
                if (client == null) {
                    return response(error(401, TokenErrorResponseType.INVALID_GRANT));
                }
                // TODO: fix the user arg
                ClientCredentialsGrant clientCredentialsGrant = authorizationGrantList.createClientCredentialsGrant(new User(), client);
                AccessToken accessToken = clientCredentialsGrant.createAccessToken();
                if (scope != null && !scope.isEmpty()) {
                    scope = clientCredentialsGrant.checkScopesPolicy(scope);
                }
                IdToken idToken = null;
                if (clientCredentialsGrant.getScopes().contains("openid")) {
                    boolean includeIdTokenClaims = Boolean.TRUE.equals(appConfiguration.getLegacyIdTokenClaims());
                    idToken = clientCredentialsGrant.createIdToken(null, null, null, clientCredentialsGrant, includeIdTokenClaims);
                }
                oAuth2AuditLog.updateOAuth2AuditLog(clientCredentialsGrant, true);
                builder.entity(getJSonResponse(accessToken, accessToken.getTokenType(), accessToken.getExpiresIn(), null, scope, idToken));
            } else if (gt == GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS) {
                if (client == null) {
                    log.error("Invalid client", new RuntimeException("Client is empty"));
                    return response(error(401, TokenErrorResponseType.INVALID_CLIENT));
                }
                User user = null;
                if (authenticationFilterService.isEnabled()) {
                    String userDn = authenticationFilterService.processAuthenticationFilters(request.getParameterMap());
                    if (StringHelper.isNotEmpty(userDn)) {
                        user = userService.getUserByDn(userDn);
                    }
                }
                if (user == null) {
                    boolean authenticated = authenticationService.authenticate(username, password);
                    if (authenticated) {
                        user = authenticationService.getAuthenticatedUser();
                    }
                }
                if (user != null) {
                    ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant = authorizationGrantList.createResourceOwnerPasswordCredentialsGrant(user, client);
                    AccessToken accessToken = resourceOwnerPasswordCredentialsGrant.createAccessToken();
                    RefreshToken reToken = resourceOwnerPasswordCredentialsGrant.createRefreshToken();
                    if (scope != null && !scope.isEmpty()) {
                        scope = resourceOwnerPasswordCredentialsGrant.checkScopesPolicy(scope);
                    }
                    IdToken idToken = null;
                    if (resourceOwnerPasswordCredentialsGrant.getScopes().contains("openid")) {
                        boolean includeIdTokenClaims = Boolean.TRUE.equals(appConfiguration.getLegacyIdTokenClaims());
                        idToken = resourceOwnerPasswordCredentialsGrant.createIdToken(null, null, null, resourceOwnerPasswordCredentialsGrant, includeIdTokenClaims);
                    }
                    oAuth2AuditLog.updateOAuth2AuditLog(resourceOwnerPasswordCredentialsGrant, true);
                    builder.entity(getJSonResponse(accessToken, accessToken.getTokenType(), accessToken.getExpiresIn(), reToken, scope, idToken));
                } else {
                    log.error("Invalid user", new RuntimeException("User is empty"));
                    builder = error(401, TokenErrorResponseType.INVALID_CLIENT);
                }
            } else if (gt == GrantType.EXTENSION) {
                builder = error(501, TokenErrorResponseType.INVALID_GRANT);
            } else if (gt == GrantType.OXAUTH_EXCHANGE_TOKEN) {
                AuthorizationGrant authorizationGrant = authorizationGrantList.getAuthorizationGrantByAccessToken(oxAuthExchangeToken);
                if (authorizationGrant != null) {
                    final AccessToken accessToken = authorizationGrant.createLongLivedAccessToken();
                    oAuth2AuditLog.updateOAuth2AuditLog(authorizationGrant, true);
                    builder.entity(getJSonResponse(accessToken, accessToken.getTokenType(), accessToken.getExpiresIn(), null, null, null));
                } else {
                    builder = error(401, TokenErrorResponseType.INVALID_GRANT);
                }
            }
        }
    } catch (WebApplicationException e) {
        throw e;
    } catch (SignatureException e) {
        builder = Response.status(500);
        log.error(e.getMessage(), e);
    } catch (StringEncrypter.EncryptionException e) {
        builder = Response.status(500);
        log.error(e.getMessage(), e);
    } catch (InvalidJwtException e) {
        builder = Response.status(500);
        log.error(e.getMessage(), e);
    } catch (InvalidJweException e) {
        builder = Response.status(500);
        log.error(e.getMessage(), e);
    } catch (Exception e) {
        builder = Response.status(500);
        log.error(e.getMessage(), e);
    }
    applicationAuditLogger.sendMessage(oAuth2AuditLog);
    return response(builder);
}
Also used : InvalidJwtException(org.xdi.oxauth.model.exception.InvalidJwtException) IdToken(org.xdi.oxauth.model.common.IdToken) User(org.xdi.oxauth.model.common.User) WebApplicationException(javax.ws.rs.WebApplicationException) SessionClient(org.xdi.oxauth.model.session.SessionClient) OAuth2AuditLog(org.xdi.oxauth.model.audit.OAuth2AuditLog) ResourceOwnerPasswordCredentialsGrant(org.xdi.oxauth.model.common.ResourceOwnerPasswordCredentialsGrant) GrantType(org.xdi.oxauth.model.common.GrantType) SignatureException(java.security.SignatureException) StringEncrypter(org.xdi.util.security.StringEncrypter) InvalidJwtException(org.xdi.oxauth.model.exception.InvalidJwtException) SignatureException(java.security.SignatureException) JSONException(org.codehaus.jettison.json.JSONException) WebApplicationException(javax.ws.rs.WebApplicationException) InvalidJweException(org.xdi.oxauth.model.exception.InvalidJweException) RefreshToken(org.xdi.oxauth.model.common.RefreshToken) AuthorizationCodeGrant(org.xdi.oxauth.model.common.AuthorizationCodeGrant) AccessToken(org.xdi.oxauth.model.common.AccessToken) ClientCredentialsGrant(org.xdi.oxauth.model.common.ClientCredentialsGrant) ResponseBuilder(javax.ws.rs.core.Response.ResponseBuilder) Client(org.xdi.oxauth.model.registration.Client) SessionClient(org.xdi.oxauth.model.session.SessionClient) AuthorizationGrant(org.xdi.oxauth.model.common.AuthorizationGrant) InvalidJweException(org.xdi.oxauth.model.exception.InvalidJweException)

Aggregations

Client (org.xdi.oxauth.model.registration.Client)25 Date (java.util.Date)5 OAuth2AuditLog (org.xdi.oxauth.model.audit.OAuth2AuditLog)5 InvalidJwtException (org.xdi.oxauth.model.exception.InvalidJwtException)5 StringEncrypter (org.xdi.util.security.StringEncrypter)5 JSONException (org.codehaus.jettison.json.JSONException)4 EntryPersistenceException (org.gluu.site.ldap.persistence.exception.EntryPersistenceException)4 AuthorizationGrant (org.xdi.oxauth.model.common.AuthorizationGrant)4 User (org.xdi.oxauth.model.common.User)4 UnsupportedEncodingException (java.io.UnsupportedEncodingException)3 WebApplicationException (javax.ws.rs.WebApplicationException)3 Test (org.testng.annotations.Test)3 Prompt (org.xdi.oxauth.model.common.Prompt)3 SessionState (org.xdi.oxauth.model.common.SessionState)3 IOException (java.io.IOException)2 URI (java.net.URI)2 SignatureException (java.security.SignatureException)2 GregorianCalendar (java.util.GregorianCalendar)2 ServletException (javax.servlet.ServletException)2 Response (javax.ws.rs.core.Response)2