Java Code Examples for org.apache.cxf.rs.security.oauth2.common.Client#setRegisteredAt()

The following examples show how to use org.apache.cxf.rs.security.oauth2.common.Client#setRegisteredAt().
Example 1
Source File: DynamicRegistrationService.java    From cxf with Apache License 2.0
/**
 * Builds the {@link Client} record for a dynamic client registration request.
 *
 * <p>Every value read from {@code request} is supplied by the registering party. This method
 * fills in defaults and derives the confidentiality flag; any validation of the requested
 * grant types, authentication method or TLS distinguished names would have to happen in the
 * helpers called here or in the caller, since none is visible in this body.
 *
 * @param request the client metadata submitted for registration
 * @return a new client flagged as dynamically registered; no persistence call is made here
 */
protected Client createNewClient(ClientRegistration request) {
    final String id = generateClientId();

    // A registration without a display name is labelled with its generated id.
    final String requestedName = request.getClientName();
    final String displayName = StringUtils.isEmpty(requestedName) ? id : requestedName;

    // Only a missing (null) list falls back to the authorization code grant;
    // an empty list supplied by the client is passed through unchanged.
    final List<String> requestedGrants = request.getGrantTypes();
    final List<String> grants = requestedGrants != null
        ? requestedGrants
        : Collections.singletonList(OAuthConstants.AUTHORIZATION_CODE_GRANT);

    // TODO: default is expected to be set to OAuthConstants.TOKEN_ENDPOINT_AUTH_BASIC
    // Until then the value is used exactly as the request returned it (presumably null when
    // the client omitted it) by isPasswordRequired and setTokenEndpointAuthMethod below.
    final String authMethod = request.getTokenEndpointAuthMethod();
    final boolean tlsAuth = OAuthConstants.TOKEN_ENDPOINT_AUTH_TLS.equals(authMethod);

    final boolean secretNeeded = isPasswordRequired(grants, authMethod);

    // application_type is not part of RFC 7591 (https://tools.ietf.org/html/rfc7591) but is
    // defined by OpenID Connect Dynamic Client Registration
    // (http://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata).
    final String requestedAppType = request.getApplicationType();
    final String appType = requestedAppType == null ? DEFAULT_APPLICATION_TYPE : requestedAppType;

    // Confidential only for the default application type, and only when the client will
    // authenticate with a secret or with TLS client authentication.
    final boolean confidential = DEFAULT_APPLICATION_TYPE.equals(appType) && (secretNeeded || tlsAuth);

    // A TLS-authenticated client that needs no password is confidential with a null secret.
    String secret = null;
    if (secretNeeded) {
        secret = generateClientSecret(request);
    }

    Client newClient = new Client(id, secret, confidential, displayName);
    newClient.setAllowedGrantTypes(grants);
    newClient.setTokenEndpointAuthMethod(authMethod);

    if (tlsAuth) {
        // The expected certificate subject/issuer DNs are copied verbatim from the request.
        // The casts throw ClassCastException if a non-string value was submitted.
        // NOTE(review): when neither DN is supplied the client is still registered with TLS
        // authentication; confirm the certificate binding is enforced elsewhere.
        String expectedSubjectDn = (String)request.getProperty(OAuthConstants.TLS_CLIENT_AUTH_SUBJECT_DN);
        if (expectedSubjectDn != null) {
            newClient.getProperties().put(OAuthConstants.TLS_CLIENT_AUTH_SUBJECT_DN, expectedSubjectDn);
        }
        String expectedIssuerDn = (String)request.getProperty(OAuthConstants.TLS_CLIENT_AUTH_ISSUER_DN);
        if (expectedIssuerDn != null) {
            newClient.getProperties().put(OAuthConstants.TLS_CLIENT_AUTH_ISSUER_DN, expectedIssuerDn);
        }
    }

    // Registration time is stored in seconds since the epoch, not milliseconds.
    final long registeredAtSeconds = System.currentTimeMillis() / 1000L;
    newClient.setRegisteredAt(registeredAtSeconds);

    fromClientRegistrationToClient(request, newClient);

    // The client is tied to a resource owner only when the call carries a named principal;
    // otherwise it is created with no owner subject set by this method.
    SecurityContext sc = mc.getSecurityContext();
    final boolean hasNamedPrincipal = sc != null
        && sc.getUserPrincipal() != null
        && sc.getUserPrincipal().getName() != null;
    if (hasNamedPrincipal) {
        newClient.setResourceOwnerSubject(new UserSubject(sc.getUserPrincipal().getName()));
    }

    newClient.setRegisteredDynamically(true);
    return newClient;
}
 
Example 2
Source File: ClientRegistrationService.java    From cxf-fediz with Apache License 2.0
/**
 * Handles the HTML form POST that registers a new OAuth2 client.
 *
 * <p>The CSRF token and the security context are checked before any form field is used.
 * The client name and type are then validated; the type must be exactly
 * {@code "confidential"} or {@code "public"}, and only confidential clients receive a
 * generated secret. The remaining form fields are handed to {@code updateClientDetails}
 * without being inspected in this method.
 *
 * <p>An {@link InvalidRegistrationException} does not produce an error status: it is turned
 * into a 200 response carrying an {@code InvalidRegistration} entity for the view layer.
 * Because the response is HTML, the rejected client type is HTML-escaped before it is placed
 * in the message.
 *
 * @param appName client display name; must not be empty
 * @param appType {@code "confidential"} or {@code "public"}
 * @param audience passed to {@code updateClientDetails}
 * @param redirectURI passed to {@code updateClientDetails}
 * @param logoutURI passed to {@code updateClientDetails}
 * @param homeRealm passed to {@code updateClientDetails}
 * @param csrfToken token submitted with the form, verified by {@code checkCSRFToken}
 * @return a 200 response wrapping either the registration result or the validation failure
 */
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces(MediaType.TEXT_HTML)
@Path("/")
public Response registerForm(@FormParam("client_name") String appName,
                             @FormParam("client_type") String appType,
                             @FormParam("client_audience") String audience,
                             @FormParam("client_redirectURI") String redirectURI,
                             @FormParam("client_logoutURI") String logoutURI,
                             @FormParam("client_homeRealm") String homeRealm,
                             @FormParam("client_csrfToken") String csrfToken) {
    try {
        // Request-forgery and caller checks come first, ahead of any field processing.
        checkCSRFToken(csrfToken);
        checkSecurityContext();

        if (StringUtils.isEmpty(appName)) {
            throw new InvalidRegistrationException("The client name must not be empty");
        }
        if (StringUtils.isEmpty(appType)) {
            throw new InvalidRegistrationException("The client type must not be empty");
        }

        // Allow-list of client types: anything other than the two literals is rejected.
        final boolean confidential = "confidential".equals(appType);
        if (!confidential && !"public".equals(appType)) {
            // The submitted value is echoed back in an HTML view, so it is escaped here.
            final String rejectedType = StringEscapeUtils.escapeHtml4(appType);
            throw new InvalidRegistrationException(
                "An invalid client type was specified: " + rejectedType);
        }

        final String id = generateClientId();
        // Public clients are created without a secret.
        String secret = null;
        if (confidential) {
            secret = generateClientSecret();
        }

        // NOTE(review): appName is stored as submitted; any view that renders it is
        // presumably responsible for output encoding - confirm.
        Client newClient = new Client(id, secret, confidential, appName);

        // Record the user who registered this client as its resource owner.
        newClient.setResourceOwnerSubject(new OidcUserSubject(getUserName()));

        // Registration time is stored in seconds since the epoch.
        final long registeredAtSeconds = System.currentTimeMillis() / 1000;
        newClient.setRegisteredAt(registeredAtSeconds);

        // NOTE(review): redirect/logout URI validation is presumably done inside
        // updateClientDetails; nothing in this method checks those values.
        updateClientDetails(newClient, audience, redirectURI, logoutURI, homeRealm);

        // Registered scopes come from the service's clientScopes, not from the form.
        final boolean hasConfiguredScopes = clientScopes != null && !clientScopes.isEmpty();
        if (hasConfiguredScopes) {
            newClient.setRegisteredScopes(new ArrayList<>(clientScopes.keySet()));
        }

        return Response.ok(registerNewClient(newClient)).build();
    } catch (InvalidRegistrationException ex) {
        // Returned as a normal response so the view handlers can render the failure.
        return Response.ok(new InvalidRegistration(ex.getMessage())).build();
    }
}