Examples with RptAuthorizationResponse org.xdi.oxauth.model.uma.RptAuthorizationResponse used on opensource projects

Example 1 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class RptPermissionAuthorizationWS method requestRptPermissionAuthorization.

@POST
@Consumes({ UmaConstants.JSON_MEDIA_TYPE })
@Produces({ UmaConstants.JSON_MEDIA_TYPE })
public Response requestRptPermissionAuthorization(@HeaderParam("Authorization") String authorization, @HeaderParam("Host") String amHost, RptAuthorizationRequest rptAuthorizationRequest, @Context HttpServletRequest httpRequest) {
    try {
        final AuthorizationGrant grant = umaValidationService.assertHasAuthorizationScope(authorization);
        final String validatedAmHost = umaValidationService.validateAmHost(amHost);
        final UmaRPT rpt = authorizeRptPermission(authorization, rptAuthorizationRequest, httpRequest, grant, validatedAmHost);
        // convert manually to avoid possible conflict between resteasy providers, e.g. jettison, jackson
        return Response.ok(ServerUtil.asJson(new RptAuthorizationResponse(rpt.getCode()))).build();
    } catch (Exception ex) {
        log.error("Exception happened", ex);
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
        throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getUmaJsonErrorResponse(UmaErrorResponseType.SERVER_ERROR)).build());
    }
}

Example 2 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class TrustElevationHttpTest method trustElevation.

@Test
@Parameters({ "umaMetaDataUrl", "umaAmHost", "umaPatClientId", "umaPatClientSecret", "umaAatClientId", "umaAatClientSecret" })
public void trustElevation(final String umaMetaDataUrl, final String umaAmHost, final String umaPatClientId, final String umaPatClientSecret, final String umaAatClientId, final String umaAatClientSecret) throws Exception {
    this.metadataConfiguration = UmaClientFactory.instance().createMetaDataConfigurationService(umaMetaDataUrl).getMetadataConfiguration();
    UmaTestUtil.assert_(this.metadataConfiguration);
    this.umaObtainRptTokenFlowHttpTest = new ObtainRptTokenFlowHttpTest(this.metadataConfiguration);
    this.umaRegisterResourceSetFlowHttpTest = new RegisterResourceSetFlowHttpTest(this.metadataConfiguration);
    this.umaRegisterResourceSetPermissionFlowHttpTest = new RegisterResourceSetPermissionFlowHttpTest(this.metadataConfiguration);
    this.rptStatusService = UmaClientFactory.instance().createRptStatusService(metadataConfiguration);
    this.rptPermissionAuthorizationService = UmaClientFactory.instance().createAuthorizationRequestService(metadataConfiguration);
    m_pat = UmaClient.requestPat(tokenEndpoint, umaPatClientId, umaPatClientSecret);
    m_aat = UmaClient.requestAat(tokenEndpoint, umaAatClientId, umaAatClientSecret);
    UmaTestUtil.assert_(m_pat);
    UmaTestUtil.assert_(m_aat);
    final List<String> rsScopes = Arrays.asList("http://gluu.example.com/dev/scopes/view", "http://gluu.example.com/dev/scopes/all");
    this.umaRegisterResourceSetFlowHttpTest.m_pat = m_pat;
    final String resourceId = this.umaRegisterResourceSetFlowHttpTest.registerResourceSet(rsScopes);
    this.umaObtainRptTokenFlowHttpTest.m_aat = this.m_aat;
    this.umaObtainRptTokenFlowHttpTest.testObtainRptTokenFlow(umaAmHost);
    this.umaRegisterResourceSetPermissionFlowHttpTest.umaRegisterResourceSetFlowHttpTest = umaRegisterResourceSetFlowHttpTest;
    this.umaRegisterResourceSetPermissionFlowHttpTest.registerResourceSetPermission(umaAmHost, resourceId, rsScopes);
    RptIntrospectionResponse rptStatus = this.rptStatusService.requestRptStatus("Bearer " + m_pat.getAccessToken(), this.umaObtainRptTokenFlowHttpTest.rptToken, "");
    RptAuthorizationRequest rptAuthorizationRequest = new RptAuthorizationRequest(this.umaObtainRptTokenFlowHttpTest.rptToken, umaRegisterResourceSetPermissionFlowHttpTest.ticketForFullAccess);
    try {
        RptAuthorizationResponse authorizationResponse = this.rptPermissionAuthorizationService.requestRptPermissionAuthorization("Bearer " + m_aat.getAccessToken(), umaAmHost, rptAuthorizationRequest);
    } catch (ClientResponseFailure ex) {
        System.err.println(ex.getResponse().getEntity(String.class));
        throw ex;
    }
    rptStatus = this.rptStatusService.requestRptStatus("Bearer " + m_pat.getAccessToken(), this.umaObtainRptTokenFlowHttpTest.rptToken, "");
}

Example 3 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class AccessProtectedResourceFlowHttpTest method testRequesterAsksForAuthorization.

//** 4 ******************************************************************************
/**
     * Authorize requester to access resource set
     */
@Test(dependsOnMethods = { "testHostReturnTicketToRequester" })
@Parameters({ "umaAmHost" })
public void testRequesterAsksForAuthorization(final String umaAmHost) throws Exception {
    showTitle("testRequesterAsksForAuthorization");
    // Authorize RPT token to access permission ticket
    RptAuthorizationResponse authorizationResponse = null;
    try {
        RptAuthorizationRequest rptAuthorizationRequest = new RptAuthorizationRequest(this.umaObtainRptTokenFlowHttpTest.rptToken, umaRegisterResourceSetPermissionFlowHttpTest.ticketForFullAccess);
        authorizationResponse = this.rptPermissionAuthorizationService.requestRptPermissionAuthorization("Bearer " + m_aat.getAccessToken(), umaAmHost, rptAuthorizationRequest);
    } catch (ClientResponseFailure ex) {
        System.err.println(ex.getResponse().getEntity(String.class));
        throw ex;
    }
    UmaTestUtil.assertAuthorizationRequest(authorizationResponse);
}

Example 4 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class GatFlowHttpTest method testRequesterAsksForAuthorization.

//** 4 ******************************************************************************
/**
     * Authorize requester to access resource set
     */
@Test(dependsOnMethods = { "testHostReturnTicketToRequester" })
@Parameters({ "umaAmHost" })
public void testRequesterAsksForAuthorization(final String umaAmHost) throws Exception {
    showTitle("testRequesterAsksForAuthorization");
    // Authorize GAT to access permission ticket
    RptAuthorizationResponse authorizationResponse = null;
    try {
        RptAuthorizationRequest rptAuthorizationRequest = new RptAuthorizationRequest(gat, umaRegisterResourceSetPermissionFlowHttpTest.ticketForFullAccess);
        authorizationResponse = this.authorizationService.requestRptPermissionAuthorization("Bearer " + aat.getAccessToken(), umaAmHost, rptAuthorizationRequest);
    } catch (ClientResponseFailure ex) {
        System.err.println(ex.getResponse().getEntity(String.class));
        throw ex;
    }
    UmaTestUtil.assertAuthorizationRequest(authorizationResponse);
}

Example 5 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class AccessProtectedResourceFlowWSTest method _5_authorizePermission.

@Test(dependsOnMethods = { "_4_registerPermissionForRpt" })
@Parameters({ "umaPermissionAuthorizationPath", "umaAmHost" })
public void _5_authorizePermission(String umaPermissionAuthorizationPath, String umaAmHost) {
    final RptAuthorizationRequest request = new RptAuthorizationRequest();
    request.setRpt(rpt.getRpt());
    request.setTicket(ticket.getTicket());
    request.setClaims(new ClaimTokenList().addToken(new ClaimToken("clientClaim", "clientValue")));
    final RptAuthorizationResponse response = TUma.requestAuthorization(url, umaPermissionAuthorizationPath, umaAmHost, aat, request);
    assertNotNull(response, "Token response status is null");
}