Examples with PermissionTicket org.xdi.oxauth.model.uma.PermissionTicket used on opensource projects
Example 6 with PermissionTicket
use of org.xdi.oxauth.model.uma.PermissionTicket in project oxAuth by GluuFederation.
the class PermissionRegistrationWS method registerResourceSetPermission.
@POST
@Consumes({ UmaConstants.JSON_MEDIA_TYPE })
@Produces({ UmaConstants.JSON_MEDIA_TYPE })
@ApiOperation(value = "Registers permission using the POST method", consumes = UmaConstants.JSON_MEDIA_TYPE, produces = UmaConstants.JSON_MEDIA_TYPE, notes = "The resource server uses the POST method at the endpoint. The body of the HTTP request message contains a JSON object providing the requested permission, using a format derived from the scope description format specified in [OAuth-resource-reg], as follows. The object has the following properties:")
@ApiResponses(value = { @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 400, message = "Bad Request") })
public Response registerResourceSetPermission(@Context HttpServletRequest request, @HeaderParam("Authorization") String authorization, @HeaderParam("Host") String amHost, @ApiParam(value = "The identifier for a resource set to which this client is seeking access. The identifier MUST correspond to a resource set that was previously registered.", required = true) UmaPermission resourceSetPermissionRequest) {
try {
umaValidationService.assertHasProtectionScope(authorization);
String validatedAmHost = umaValidationService.validateAmHost(amHost);
umaValidationService.validateResourceSet(resourceSetPermissionRequest);
final ResourceSetPermission resourceSetPermissions = resourceSetPermissionManager.createResourceSetPermission(validatedAmHost, resourceSetPermissionRequest, umaRsPermissionService.rptExpirationDate());
resourceSetPermissionManager.addResourceSetPermission(resourceSetPermissions, tokenService.getClientDn(authorization));
return Response.status(Response.Status.CREATED).entity(new PermissionTicket(resourceSetPermissions.getTicket())).build();
} catch (Exception ex) {
if (ex instanceof WebApplicationException) {
throw (WebApplicationException) ex;
}
log.error("Exception happened", ex);
throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getUmaJsonErrorResponse(UmaErrorResponseType.SERVER_ERROR)).build());
}
}
Also used :
PermissionTicket(org.xdi.oxauth.model.uma.PermissionTicket)
WebApplicationException(javax.ws.rs.WebApplicationException)
ResourceSetPermission(org.xdi.oxauth.model.uma.persistence.ResourceSetPermission)
WebApplicationException(javax.ws.rs.WebApplicationException)
POST(javax.ws.rs.POST)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
ApiOperation(com.wordnik.swagger.annotations.ApiOperation)
ApiResponses(com.wordnik.swagger.annotations.ApiResponses)
Example 7 with PermissionTicket
use of org.xdi.oxauth.model.uma.PermissionTicket in project oxAuth by GluuFederation.
the class RegisterPermissionWSTest method testRegisterPermissionWithInvalidResourceSet.
@Test(dependsOnMethods = { "testRegisterPermission" })
@Parameters({ "umaAmHost", "umaHost" })
public void testRegisterPermissionWithInvalidResourceSet(final String umaAmHost, String umaHost) {
final String path = umaPermissionPath;
try {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + path).request();
request.header("Accept", UmaConstants.JSON_MEDIA_TYPE);
request.header("Authorization", "Bearer " + pat.getAccessToken());
request.header("Host", umaAmHost);
String json = null;
try {
final UmaPermission r = new UmaPermission();
r.setResourceSetId(resourceSet.getId() + "x");
json = ServerUtil.createJsonMapper().writeValueAsString(r);
} catch (IOException e) {
e.printStackTrace();
fail();
}
Response response = request.post(Entity.json(json));
String entity = response.readEntity(String.class);
BaseTest.showResponse("UMA : RegisterPermissionWSTest.testRegisterPermissionWithInvalidResourceSet() : ", response, entity);
assertEquals(response.getStatus(), Response.Status.BAD_REQUEST.getStatusCode(), "Unexpected response code.");
try {
final PermissionTicket t = ServerUtil.createJsonMapper().readValue(entity, PermissionTicket.class);
Assert.assertNull(t);
} catch (Exception e) {
// it's ok if it fails here, we expect ticket as null.
}
} catch (Exception e) {
e.printStackTrace();
fail();
}
}
Also used :
Response(javax.ws.rs.core.Response)
ResourceSetResponse(org.xdi.oxauth.model.uma.ResourceSetResponse)
PermissionTicket(org.xdi.oxauth.model.uma.PermissionTicket)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
UmaPermission(org.xdi.oxauth.model.uma.UmaPermission)
IOException(java.io.IOException)
IOException(java.io.IOException)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 8 with PermissionTicket
use of org.xdi.oxauth.model.uma.PermissionTicket in project oxAuth by GluuFederation.
the class RegisterPermissionWSTest method testRegisterPermission.
@Test(dependsOnMethods = { "init" })
@Parameters({ "umaAmHost", "umaHost" })
public void testRegisterPermission(final String umaAmHost, String umaHost) throws Exception {
final UmaPermission r = new UmaPermission();
r.setResourceSetId(resourceSet.getId());
r.setScopes(Arrays.asList("http://photoz.example.com/dev/scopes/view"));
final PermissionTicket ticket = TUma.registerPermission(url, pat, umaAmHost, umaHost, r, umaPermissionPath);
UmaTestUtil.assert_(ticket);
}
Also used :
PermissionTicket(org.xdi.oxauth.model.uma.PermissionTicket)
UmaPermission(org.xdi.oxauth.model.uma.UmaPermission)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 9 with PermissionTicket
use of org.xdi.oxauth.model.uma.PermissionTicket in project oxTrust by GluuFederation.
the class UmaPermissionService method registerResourcePermission.
public String registerResourcePermission(Token patToken, String resourceId, List<String> scopeIds) {
UmaPermission permission = new UmaPermission();
permission.setResourceId(resourceId);
permission.setScopes(scopeIds);
PermissionTicket ticket = permissionService.registerPermission("Bearer " + patToken.getAccessToken(), UmaPermissionList.instance(permission));
if (ticket == null) {
return null;
}
return ticket.getTicket();
}
Also used :
PermissionTicket(org.xdi.oxauth.model.uma.PermissionTicket)
UmaPermission(org.xdi.oxauth.model.uma.UmaPermission)
Aggregations
PermissionTicket (org.xdi.oxauth.model.uma.PermissionTicket)9
UmaPermission (org.xdi.oxauth.model.uma.UmaPermission)6
Response (javax.ws.rs.core.Response)3
ClientResponseFailure (org.jboss.resteasy.client.ClientResponseFailure)3
Parameters (org.testng.annotations.Parameters)3
Test (org.testng.annotations.Test)3
BaseTest (org.xdi.oxauth.BaseTest)3
MalformedURLException (java.net.MalformedURLException)2
PermissionRegistrationService (org.xdi.oxauth.client.uma.PermissionRegistrationService)2
ApiOperation (com.wordnik.swagger.annotations.ApiOperation)1
ApiResponses (com.wordnik.swagger.annotations.ApiResponses)1
IOException (java.io.IOException)1
Consumes (javax.ws.rs.Consumes)1
POST (javax.ws.rs.POST)1
Produces (javax.ws.rs.Produces)1
WebApplicationException (javax.ws.rs.WebApplicationException)1
Builder (javax.ws.rs.client.Invocation.Builder)1
HttpResponse (org.apache.http.HttpResponse)1
ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)1
ResourceSetResponse (org.xdi.oxauth.model.uma.ResourceSetResponse)1
