Search in sources :

Example 1 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class RptPermissionAuthorizationWS method requestRptPermissionAuthorization.

@POST
@Consumes({ UmaConstants.JSON_MEDIA_TYPE })
@Produces({ UmaConstants.JSON_MEDIA_TYPE })
public Response requestRptPermissionAuthorization(@HeaderParam("Authorization") String authorization, @HeaderParam("Host") String amHost, RptAuthorizationRequest rptAuthorizationRequest, @Context HttpServletRequest httpRequest) {
    try {
        final AuthorizationGrant grant = umaValidationService.assertHasAuthorizationScope(authorization);
        final String validatedAmHost = umaValidationService.validateAmHost(amHost);
        final UmaRPT rpt = authorizeRptPermission(authorization, rptAuthorizationRequest, httpRequest, grant, validatedAmHost);
        // convert manually to avoid possible conflict between resteasy providers, e.g. jettison, jackson
        return Response.ok(ServerUtil.asJson(new RptAuthorizationResponse(rpt.getCode()))).build();
    } catch (Exception ex) {
        log.error("Exception happened", ex);
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
        throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getUmaJsonErrorResponse(UmaErrorResponseType.SERVER_ERROR)).build());
    }
}
Also used : UmaRPT(org.xdi.oxauth.model.common.uma.UmaRPT) RptAuthorizationResponse(org.xdi.oxauth.model.uma.RptAuthorizationResponse) WebApplicationException(javax.ws.rs.WebApplicationException) AuthorizationGrant(org.xdi.oxauth.model.common.AuthorizationGrant) WebApplicationException(javax.ws.rs.WebApplicationException) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Example 2 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class TrustElevationHttpTest method trustElevation.

@Test
@Parameters({ "umaMetaDataUrl", "umaAmHost", "umaPatClientId", "umaPatClientSecret", "umaAatClientId", "umaAatClientSecret" })
public void trustElevation(final String umaMetaDataUrl, final String umaAmHost, final String umaPatClientId, final String umaPatClientSecret, final String umaAatClientId, final String umaAatClientSecret) throws Exception {
    this.metadataConfiguration = UmaClientFactory.instance().createMetaDataConfigurationService(umaMetaDataUrl).getMetadataConfiguration();
    UmaTestUtil.assert_(this.metadataConfiguration);
    this.umaObtainRptTokenFlowHttpTest = new ObtainRptTokenFlowHttpTest(this.metadataConfiguration);
    this.umaRegisterResourceSetFlowHttpTest = new RegisterResourceSetFlowHttpTest(this.metadataConfiguration);
    this.umaRegisterResourceSetPermissionFlowHttpTest = new RegisterResourceSetPermissionFlowHttpTest(this.metadataConfiguration);
    this.rptStatusService = UmaClientFactory.instance().createRptStatusService(metadataConfiguration);
    this.rptPermissionAuthorizationService = UmaClientFactory.instance().createAuthorizationRequestService(metadataConfiguration);
    m_pat = UmaClient.requestPat(tokenEndpoint, umaPatClientId, umaPatClientSecret);
    m_aat = UmaClient.requestAat(tokenEndpoint, umaAatClientId, umaAatClientSecret);
    UmaTestUtil.assert_(m_pat);
    UmaTestUtil.assert_(m_aat);
    final List<String> rsScopes = Arrays.asList("http://gluu.example.com/dev/scopes/view", "http://gluu.example.com/dev/scopes/all");
    this.umaRegisterResourceSetFlowHttpTest.m_pat = m_pat;
    final String resourceId = this.umaRegisterResourceSetFlowHttpTest.registerResourceSet(rsScopes);
    this.umaObtainRptTokenFlowHttpTest.m_aat = this.m_aat;
    this.umaObtainRptTokenFlowHttpTest.testObtainRptTokenFlow(umaAmHost);
    this.umaRegisterResourceSetPermissionFlowHttpTest.umaRegisterResourceSetFlowHttpTest = umaRegisterResourceSetFlowHttpTest;
    this.umaRegisterResourceSetPermissionFlowHttpTest.registerResourceSetPermission(umaAmHost, resourceId, rsScopes);
    RptIntrospectionResponse rptStatus = this.rptStatusService.requestRptStatus("Bearer " + m_pat.getAccessToken(), this.umaObtainRptTokenFlowHttpTest.rptToken, "");
    RptAuthorizationRequest rptAuthorizationRequest = new RptAuthorizationRequest(this.umaObtainRptTokenFlowHttpTest.rptToken, umaRegisterResourceSetPermissionFlowHttpTest.ticketForFullAccess);
    try {
        RptAuthorizationResponse authorizationResponse = this.rptPermissionAuthorizationService.requestRptPermissionAuthorization("Bearer " + m_aat.getAccessToken(), umaAmHost, rptAuthorizationRequest);
    } catch (ClientResponseFailure ex) {
        System.err.println(ex.getResponse().getEntity(String.class));
        throw ex;
    }
    rptStatus = this.rptStatusService.requestRptStatus("Bearer " + m_pat.getAccessToken(), this.umaObtainRptTokenFlowHttpTest.rptToken, "");
}
Also used : RptIntrospectionResponse(org.xdi.oxauth.model.uma.RptIntrospectionResponse) RptAuthorizationResponse(org.xdi.oxauth.model.uma.RptAuthorizationResponse) RptAuthorizationRequest(org.xdi.oxauth.model.uma.RptAuthorizationRequest) ClientResponseFailure(org.jboss.resteasy.client.ClientResponseFailure) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 3 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class AccessProtectedResourceFlowHttpTest method testRequesterAsksForAuthorization.

//** 4 ******************************************************************************
/**
     * Authorize requester to access resource set
     */
@Test(dependsOnMethods = { "testHostReturnTicketToRequester" })
@Parameters({ "umaAmHost" })
public void testRequesterAsksForAuthorization(final String umaAmHost) throws Exception {
    showTitle("testRequesterAsksForAuthorization");
    // Authorize RPT token to access permission ticket
    RptAuthorizationResponse authorizationResponse = null;
    try {
        RptAuthorizationRequest rptAuthorizationRequest = new RptAuthorizationRequest(this.umaObtainRptTokenFlowHttpTest.rptToken, umaRegisterResourceSetPermissionFlowHttpTest.ticketForFullAccess);
        authorizationResponse = this.rptPermissionAuthorizationService.requestRptPermissionAuthorization("Bearer " + m_aat.getAccessToken(), umaAmHost, rptAuthorizationRequest);
    } catch (ClientResponseFailure ex) {
        System.err.println(ex.getResponse().getEntity(String.class));
        throw ex;
    }
    UmaTestUtil.assertAuthorizationRequest(authorizationResponse);
}
Also used : RptAuthorizationResponse(org.xdi.oxauth.model.uma.RptAuthorizationResponse) RptAuthorizationRequest(org.xdi.oxauth.model.uma.RptAuthorizationRequest) ClientResponseFailure(org.jboss.resteasy.client.ClientResponseFailure) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 4 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class GatFlowHttpTest method testRequesterAsksForAuthorization.

//** 4 ******************************************************************************
/**
     * Authorize requester to access resource set
     */
@Test(dependsOnMethods = { "testHostReturnTicketToRequester" })
@Parameters({ "umaAmHost" })
public void testRequesterAsksForAuthorization(final String umaAmHost) throws Exception {
    showTitle("testRequesterAsksForAuthorization");
    // Authorize GAT to access permission ticket
    RptAuthorizationResponse authorizationResponse = null;
    try {
        RptAuthorizationRequest rptAuthorizationRequest = new RptAuthorizationRequest(gat, umaRegisterResourceSetPermissionFlowHttpTest.ticketForFullAccess);
        authorizationResponse = this.authorizationService.requestRptPermissionAuthorization("Bearer " + aat.getAccessToken(), umaAmHost, rptAuthorizationRequest);
    } catch (ClientResponseFailure ex) {
        System.err.println(ex.getResponse().getEntity(String.class));
        throw ex;
    }
    UmaTestUtil.assertAuthorizationRequest(authorizationResponse);
}
Also used : RptAuthorizationResponse(org.xdi.oxauth.model.uma.RptAuthorizationResponse) RptAuthorizationRequest(org.xdi.oxauth.model.uma.RptAuthorizationRequest) ClientResponseFailure(org.jboss.resteasy.client.ClientResponseFailure) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 5 with RptAuthorizationResponse

use of org.xdi.oxauth.model.uma.RptAuthorizationResponse in project oxAuth by GluuFederation.

the class AccessProtectedResourceFlowWSTest method _5_authorizePermission.

@Test(dependsOnMethods = { "_4_registerPermissionForRpt" })
@Parameters({ "umaPermissionAuthorizationPath", "umaAmHost" })
public void _5_authorizePermission(String umaPermissionAuthorizationPath, String umaAmHost) {
    final RptAuthorizationRequest request = new RptAuthorizationRequest();
    request.setRpt(rpt.getRpt());
    request.setTicket(ticket.getTicket());
    request.setClaims(new ClaimTokenList().addToken(new ClaimToken("clientClaim", "clientValue")));
    final RptAuthorizationResponse response = TUma.requestAuthorization(url, umaPermissionAuthorizationPath, umaAmHost, aat, request);
    assertNotNull(response, "Token response status is null");
}
Also used : RptAuthorizationResponse(org.xdi.oxauth.model.uma.RptAuthorizationResponse) RptAuthorizationRequest(org.xdi.oxauth.model.uma.RptAuthorizationRequest) ClaimToken(org.xdi.oxauth.model.uma.ClaimToken) ClaimTokenList(org.xdi.oxauth.model.uma.ClaimTokenList) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Aggregations

RptAuthorizationResponse (org.xdi.oxauth.model.uma.RptAuthorizationResponse)6 Parameters (org.testng.annotations.Parameters)5 Test (org.testng.annotations.Test)5 BaseTest (org.xdi.oxauth.BaseTest)5 RptAuthorizationRequest (org.xdi.oxauth.model.uma.RptAuthorizationRequest)5 ClientResponseFailure (org.jboss.resteasy.client.ClientResponseFailure)3 ClaimToken (org.xdi.oxauth.model.uma.ClaimToken)2 ClaimTokenList (org.xdi.oxauth.model.uma.ClaimTokenList)2 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1 Produces (javax.ws.rs.Produces)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 AuthorizationGrant (org.xdi.oxauth.model.common.AuthorizationGrant)1 UmaRPT (org.xdi.oxauth.model.common.uma.UmaRPT)1 RptIntrospectionResponse (org.xdi.oxauth.model.uma.RptIntrospectionResponse)1