use of org.xdi.oxauth.model.uma.wrapper.Token in project oxAuth by GluuFederation.
the class IntrospectionWsHttpTest method test.
@Test
@Parameters({ "umaPatClientId", "umaPatClientSecret", "umaAatClientId", "umaAatClientSecret" })
public void test(final String umaPatClientId, final String umaPatClientSecret, final String umaAatClientId, final String umaAatClientSecret) throws Exception {
final Token authorization = UmaClient.requestPat(tokenEndpoint, umaPatClientId, umaPatClientSecret);
final Token tokenToIntrospect = UmaClient.requestAat(tokenEndpoint, umaAatClientId, umaAatClientSecret);
final IntrospectionService introspectionService = ClientFactory.instance().createIntrospectionService(introspectionEndpoint);
final IntrospectionResponse introspectionResponse = introspectionService.introspectToken("Bearer " + authorization.getAccessToken(), tokenToIntrospect.getAccessToken());
Assert.assertTrue(introspectionResponse != null && introspectionResponse.isActive());
}
use of org.xdi.oxauth.model.uma.wrapper.Token in project oxTrust by GluuFederation.
the class BaseScimWebService method processAuthorization.
protected Response processAuthorization(String authorization) throws Exception {
boolean authorized = getAuthorizedUser();
if (!authorized) {
if (!scimUmaProtectionService.isEnabled()) {
log.info("UMA authentication is disabled");
return getErrorResponse(Response.Status.FORBIDDEN, "User isn't authorized");
}
Token patToken = scimUmaProtectionService.getPatToken();
Pair<Boolean, Response> rptTokenValidationResult = umaPermissionService.validateRptToken(patToken, authorization, scimUmaProtectionService.getUmaResourceId(), scimUmaProtectionService.getUmaScope());
if (rptTokenValidationResult.getFirst()) {
if (rptTokenValidationResult.getSecond() != null) {
return rptTokenValidationResult.getSecond();
}
} else {
return getErrorResponse(Response.Status.FORBIDDEN, "User isn't authorized");
}
}
return null;
}
use of org.xdi.oxauth.model.uma.wrapper.Token in project oxAuth by GluuFederation.
the class ObtainAatWSTest method requestNewAatByRefreshTokne.
@Test(dependsOnMethods = "requestAat")
@Parameters({ "tokenPath", "umaAatClientId", "umaAatClientSecret" })
public void requestNewAatByRefreshTokne(String tokenPath, String umaAatClientId, String umaAatClientSecret) {
final Token newAat = TUma.newTokenByRefreshToken(url, tokenPath, aat, umaAatClientId, umaAatClientSecret);
UmaTestUtil.assert_(newAat);
}
use of org.xdi.oxauth.model.uma.wrapper.Token in project oxAuth by GluuFederation.
the class TTokenRequest method newTokenByRefreshToken.
public Token newTokenByRefreshToken(final String tokenPath, final Token p_oldToken, final String umaClientId, final String umaClientSecret) {
if (p_oldToken == null || StringUtils.isBlank(p_oldToken.getRefreshToken()) || StringUtils.isBlank(tokenPath)) {
throw new IllegalArgumentException("Refresh token or tokenPath is empty.");
}
final Holder<Token> t = new Holder<Token>();
try {
TokenRequest tokenRequest = new TokenRequest(GrantType.REFRESH_TOKEN);
tokenRequest.setAuthUsername(umaClientId);
tokenRequest.setAuthPassword(umaClientSecret);
tokenRequest.setRefreshToken(p_oldToken.getRefreshToken());
tokenRequest.setScope(p_oldToken.getScope());
Builder request = ResteasyClientBuilder.newClient().target(baseUri.toString() + tokenPath).request();
request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
BaseTest.showResponse("TTokenClient.requestToken() :", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code.");
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
assertTrue(jsonObj.has("refresh_token"), "Unexpected result: refresh_token not found");
// assertTrue(jsonObj.has("id_token"), "Unexpected result:
// id_token not found");
String accessToken = jsonObj.getString("access_token");
String refreshToken = jsonObj.getString("refresh_token");
// String idToken = jsonObj.getString("id_token");
final Token newToken = new Token();
newToken.setAccessToken(accessToken);
newToken.setRefreshToken(refreshToken);
t.setT(newToken);
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage());
}
} catch (Exception e) {
e.printStackTrace();
fail();
}
return t.getT();
}
use of org.xdi.oxauth.model.uma.wrapper.Token in project oxTrust by GluuFederation.
the class BaseUmaProtectionService method processUmaAuthorization.
Response processUmaAuthorization(String authorization, ResourceInfo resourceInfo) throws Exception {
List<String> scopes = getRequestedScopes(resourceInfo);
Token patToken = null;
try {
patToken = getPatToken();
} catch (UmaProtectionException ex) {
return getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Failed to obtain PAT token");
}
Pair<Boolean, Response> rptTokenValidationResult;
if (scopes.isEmpty()) {
rptTokenValidationResult = umaPermissionService.validateRptToken(patToken, authorization, getUmaResourceId(), scopes);
} else {
rptTokenValidationResult = umaPermissionService.validateRptToken(patToken, authorization, getUmaResourceId(), getUmaScope());
}
if (rptTokenValidationResult.getFirst()) {
if (rptTokenValidationResult.getSecond() != null) {
return rptTokenValidationResult.getSecond();
}
} else {
return getErrorResponse(Response.Status.UNAUTHORIZED, "Invalid GAT/RPT token");
}
return null;
}
Aggregations