
Example 6 with Token

Use of org.xdi.oxauth.model.uma.wrapper.Token in project oxAuth by GluuFederation.

In class IntrospectionWsHttpTest, method test:

@Test
@Parameters({ "umaPatClientId", "umaPatClientSecret", "umaAatClientId", "umaAatClientSecret" })
public void test(final String umaPatClientId, final String umaPatClientSecret, final String umaAatClientId, final String umaAatClientSecret) throws Exception {
    final Token authorization = UmaClient.requestPat(tokenEndpoint, umaPatClientId, umaPatClientSecret);
    final Token tokenToIntrospect = UmaClient.requestAat(tokenEndpoint, umaAatClientId, umaAatClientSecret);
    final IntrospectionService introspectionService = ClientFactory.instance().createIntrospectionService(introspectionEndpoint);
    final IntrospectionResponse introspectionResponse = introspectionService.introspectToken("Bearer " + authorization.getAccessToken(), tokenToIntrospect.getAccessToken());
    Assert.assertTrue(introspectionResponse != null && introspectionResponse.isActive());
}
Also used: IntrospectionResponse (org.xdi.oxauth.model.common.IntrospectionResponse), IntrospectionService (org.xdi.oxauth.client.service.IntrospectionService), Token (org.xdi.oxauth.model.uma.wrapper.Token), Parameters (org.testng.annotations.Parameters), Test (org.testng.annotations.Test), BaseTest (org.xdi.oxauth.BaseTest)

Example 7 with Token

Use of org.xdi.oxauth.model.uma.wrapper.Token in project oxTrust by GluuFederation.

In class BaseScimWebService, method processAuthorization:

protected Response processAuthorization(String authorization) throws Exception {
    boolean authorized = getAuthorizedUser();
    if (!authorized) {
        if (!scimUmaProtectionService.isEnabled()) {
            log.info("UMA authentication is disabled");
            return getErrorResponse(Response.Status.FORBIDDEN, "User isn't authorized");
        }
        Token patToken = scimUmaProtectionService.getPatToken();
        Pair<Boolean, Response> rptTokenValidationResult = umaPermissionService.validateRptToken(patToken, authorization, scimUmaProtectionService.getUmaResourceId(), scimUmaProtectionService.getUmaScope());
        if (rptTokenValidationResult.getFirst()) {
            if (rptTokenValidationResult.getSecond() != null) {
                return rptTokenValidationResult.getSecond();
            }
        } else {
            return getErrorResponse(Response.Status.FORBIDDEN, "User isn't authorized");
        }
    }
    return null;
}
Also used: VirtualListViewResponse (org.xdi.ldap.model.VirtualListViewResponse), Response (javax.ws.rs.core.Response), ErrorResponse (org.gluu.oxtrust.model.scim2.ErrorResponse), Token (org.xdi.oxauth.model.uma.wrapper.Token), GluuBoolean (org.xdi.ldap.model.GluuBoolean)

Example 8 with Token

Use of org.xdi.oxauth.model.uma.wrapper.Token in project oxAuth by GluuFederation.

In class ObtainAatWSTest, method requestNewAatByRefreshTokne:

@Test(dependsOnMethods = "requestAat")
@Parameters({ "tokenPath", "umaAatClientId", "umaAatClientSecret" })
public void requestNewAatByRefreshTokne(String tokenPath, String umaAatClientId, String umaAatClientSecret) {
    final Token newAat = TUma.newTokenByRefreshToken(url, tokenPath, aat, umaAatClientId, umaAatClientSecret);
    UmaTestUtil.assert_(newAat);
}
Also used: Token (org.xdi.oxauth.model.uma.wrapper.Token), Parameters (org.testng.annotations.Parameters), Test (org.testng.annotations.Test), BaseTest (org.xdi.oxauth.BaseTest)

Example 9 with Token

Use of org.xdi.oxauth.model.uma.wrapper.Token in project oxAuth by GluuFederation.

In class TTokenRequest, method newTokenByRefreshToken:

public Token newTokenByRefreshToken(final String tokenPath, final Token p_oldToken, final String umaClientId, final String umaClientSecret) {
    if (p_oldToken == null || StringUtils.isBlank(p_oldToken.getRefreshToken()) || StringUtils.isBlank(tokenPath)) {
        throw new IllegalArgumentException("Refresh token or tokenPath is empty.");
    }
    final Holder<Token> t = new Holder<Token>();
    try {
        TokenRequest tokenRequest = new TokenRequest(GrantType.REFRESH_TOKEN);
        tokenRequest.setAuthUsername(umaClientId);
        tokenRequest.setAuthPassword(umaClientSecret);
        tokenRequest.setRefreshToken(p_oldToken.getRefreshToken());
        tokenRequest.setScope(p_oldToken.getScope());
        Builder request = ResteasyClientBuilder.newClient().target(baseUri.toString() + tokenPath).request();
        request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
        Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
        String entity = response.readEntity(String.class);
        BaseTest.showResponse("TTokenClient.requestToken() :", response, entity);
        assertEquals(response.getStatus(), 200, "Unexpected response code.");
        try {
            JSONObject jsonObj = new JSONObject(entity);
            assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
            assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
            assertTrue(jsonObj.has("refresh_token"), "Unexpected result: refresh_token not found");
            // assertTrue(jsonObj.has("id_token"), "Unexpected result:
            // id_token not found");
            String accessToken = jsonObj.getString("access_token");
            String refreshToken = jsonObj.getString("refresh_token");
            // String idToken = jsonObj.getString("id_token");
            final Token newToken = new Token();
            newToken.setAccessToken(accessToken);
            newToken.setRefreshToken(refreshToken);
            t.setT(newToken);
        } catch (JSONException e) {
            e.printStackTrace();
            fail(e.getMessage() + "\nResponse was: " + entity);
        } catch (Exception e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    } catch (Exception e) {
        e.printStackTrace();
        fail();
    }
    return t.getT();
}
Also used: Response (javax.ws.rs.core.Response), MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap), JSONObject (org.codehaus.jettison.json.JSONObject), Holder (org.xdi.oxauth.model.common.Holder), ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder), Builder (javax.ws.rs.client.Invocation.Builder), TokenRequest (org.xdi.oxauth.client.TokenRequest), JSONException (org.codehaus.jettison.json.JSONException), Token (org.xdi.oxauth.model.uma.wrapper.Token), IOException (java.io.IOException)

Example 10 with Token

Use of org.xdi.oxauth.model.uma.wrapper.Token in project oxTrust by GluuFederation.

In class BaseUmaProtectionService, method processUmaAuthorization:

Response processUmaAuthorization(String authorization, ResourceInfo resourceInfo) throws Exception {
    List<String> scopes = getRequestedScopes(resourceInfo);
    Token patToken = null;
    try {
        patToken = getPatToken();
    } catch (UmaProtectionException ex) {
        return getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Failed to obtain PAT token");
    }
    Pair<Boolean, Response> rptTokenValidationResult;
    if (scopes.isEmpty()) {
        rptTokenValidationResult = umaPermissionService.validateRptToken(patToken, authorization, getUmaResourceId(), scopes);
    } else {
        rptTokenValidationResult = umaPermissionService.validateRptToken(patToken, authorization, getUmaResourceId(), getUmaScope());
    }
    if (rptTokenValidationResult.getFirst()) {
        if (rptTokenValidationResult.getSecond() != null) {
            return rptTokenValidationResult.getSecond();
        }
    } else {
        return getErrorResponse(Response.Status.UNAUTHORIZED, "Invalid GAT/RPT token");
    }
    return null;
}
Also used: Response (javax.ws.rs.core.Response), UmaProtectionException (org.gluu.oxtrust.exception.UmaProtectionException), Token (org.xdi.oxauth.model.uma.wrapper.Token)
