org.apache.oltu.oauth2.common.OAuth Java Examples
The following examples show how to use
org.apache.oltu.oauth2.common.OAuth.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: URLConnectionClient.java From BIMserver with GNU Affero General Public License v3.0 | 6 votes |
|
private void setRequestBody(OAuthClientRequest request, String requestMethod, HttpURLConnection httpURLConnection)
throws IOException {
String requestBody = request.getBody();
if (OAuthUtils.isEmpty(requestBody)) {
return;
}
if (OAuth.HttpMethod.POST.equals(requestMethod) || OAuth.HttpMethod.PUT.equals(requestMethod)) {
httpURLConnection.setDoOutput(true);
OutputStream ost = httpURLConnection.getOutputStream();
PrintWriter pw = new PrintWriter(ost);
pw.print(requestBody);
pw.flush();
pw.close();
}
}
Example #2
| Source File: CarbonOAuthAuthzRequest.java From carbon-identity with Apache License 2.0 | 6 votes |
|
protected OAuthValidator<HttpServletRequest> initValidator() throws OAuthProblemException, OAuthSystemException {
String responseTypeValue = getParam(OAuth.OAUTH_RESPONSE_TYPE);
if (OAuthUtils.isEmpty(responseTypeValue)) {
throw OAuthUtils.handleOAuthProblemException("Missing response_type parameter value");
}
Class<? extends OAuthValidator<HttpServletRequest>> clazz = OAuthServerConfiguration
.getInstance().getSupportedResponseTypeValidators().get(responseTypeValue);
if (clazz == null) {
if (log.isDebugEnabled()) {
//Do not change this log format as these logs use by external applications
log.debug("Unsupported Response Type : " + responseTypeValue +
" for client id : " + getClientId());
}
throw OAuthUtils.handleOAuthProblemException("Invalid response_type parameter value");
}
return OAuthUtils.instantiateClass(clazz);
}
Example #3
| Source File: CarbonOAuthTokenRequest.java From carbon-identity with Apache License 2.0 | 6 votes |
|
/**
* Initialize a grant type validator
*
* @return an instance of OAuthValidator
* @throws OAuthProblemException
* @throws OAuthSystemException
*/
@Override
protected OAuthValidator<HttpServletRequest> initValidator() throws OAuthProblemException, OAuthSystemException {
String requestTypeValue = getParam(OAuth.OAUTH_GRANT_TYPE);
if (OAuthUtils.isEmpty(requestTypeValue)) {
throw OAuthUtils.handleOAuthProblemException("Missing grant_type parameter value");
}
Class<? extends OAuthValidator<HttpServletRequest>> clazz = OAuthServerConfiguration
.getInstance().getSupportedGrantTypeValidators().get(requestTypeValue);
if (clazz == null) {
if (log.isDebugEnabled()) {
//Do not change this log format as these logs use by external applications
log.debug("Unsupported Grant Type : " + requestTypeValue +
" for client id : " + getClientId());
}
throw OAuthUtils.handleOAuthProblemException("Invalid grant_type parameter value");
}
return OAuthUtils.instantiateClass(clazz);
}
Example #4
| Source File: CarbonOAuthTokenRequest.java From carbon-identity with Apache License 2.0 | 6 votes |
|
/**
* Constructs CarbonOAuthTokenRequest from the given HttpServletRequest
*
* @param request an instance of HttpServletRequest that represents an OAuth token request
* @throws OAuthSystemException
* @throws OAuthProblemException
*/
public CarbonOAuthTokenRequest(HttpServletRequest request) throws OAuthSystemException,
OAuthProblemException {
super(request);
assertion = request.getParameter(OAuth.OAUTH_ASSERTION);
windows_token = request.getParameter(OAuthConstants.WINDOWS_TOKEN);
tenantDomain = request.getParameter(MultitenantConstants.TENANT_DOMAIN);
if (tenantDomain == null) {
tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
}
// Store all request parameters
if (request.getParameterNames() != null) {
List<RequestParameter> requestParameterList = new ArrayList<RequestParameter>();
while (request.getParameterNames().hasMoreElements()) {
String key = request.getParameterNames().nextElement();
String value = request.getParameter(key);
requestParameterList.add(new RequestParameter(key, value));
}
requestParameters =
requestParameterList.toArray(new RequestParameter[requestParameterList.size()]);
}
}
Example #5
| Source File: FragmentParametersApplier.java From orion.server with Eclipse Public License 1.0 | 6 votes |
|
public OAuthMessage applyOAuthParameters(OAuthMessage message, Map<String, Object> params) throws OAuthSystemException {
String messageUrl = message.getLocationUri();
if (messageUrl != null) {
StringBuilder url = new StringBuilder(messageUrl);
if (params.containsKey(OAuth.OAUTH_REFRESH_TOKEN)) {
params.remove(OAuth.OAUTH_REFRESH_TOKEN);
}
String fragmentQuery = OAuthUtils.format(params.entrySet(), "UTF-8");
if (!OAuthUtils.isEmpty(fragmentQuery)) {
if (params.size() > 0) {
url.append("#").append(fragmentQuery);
}
}
message.setLocationUri(url.toString());
}
return message;
}
Example #6
| Source File: OAuthUtils.java From orion.server with Eclipse Public License 1.0 | 6 votes |
|
/**
* Construct a WWW-Authenticate header
*/
public static String encodeOAuthHeader(Map<String, Object> entries) {
StringBuffer sb = new StringBuffer();
sb.append(OAuth.OAUTH_HEADER_NAME).append(" ");
for (Map.Entry<String, Object> entry : entries.entrySet()) {
String value = entry.getValue() == null? null: String.valueOf(entry.getValue());
if (!OAuthUtils.isEmpty(entry.getKey()) && !OAuthUtils.isEmpty(value)) {
sb.append(entry.getKey());
sb.append("=\"");
sb.append(value);
sb.append("\",");
}
}
return sb.substring(0, sb.length() - 1);
}
Example #7
| Source File: AbstractValidator.java From orion.server with Eclipse Public License 1.0 | 6 votes |
|
@Override
public void validateClientAuthenticationCredentials(T request) throws OAuthProblemException {
if (enforceClientAuthentication) {
Set<String> missingParameters = new HashSet<String>();
String clientAuthHeader = request.getHeader(OAuth.HeaderType.AUTHORIZATION);
String[] clientCreds = OAuthUtils.decodeClientAuthenticationHeader(clientAuthHeader);
// Only fallback to params if the auth header is not correct. Don't allow a mix of auth header vs params
if (clientCreds == null || OAuthUtils.isEmpty(clientCreds[0]) || OAuthUtils.isEmpty(clientCreds[1])) {
if (OAuthUtils.isEmpty(request.getParameter(OAuth.OAUTH_CLIENT_ID))) {
missingParameters.add(OAuth.OAUTH_CLIENT_ID);
}
if (OAuthUtils.isEmpty(request.getParameter(OAuth.OAUTH_CLIENT_SECRET))) {
missingParameters.add(OAuth.OAUTH_CLIENT_SECRET);
}
}
if (!missingParameters.isEmpty()) {
throw OAuthUtils.handleMissingParameters(missingParameters);
}
}
}
Example #8
| Source File: OAuthUtils.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
/**
* Construct an Authorization Bearer header
*/
public static String encodeAuthorizationBearerHeader(Map<String, Object> entries) {
StringBuffer sb = new StringBuffer();
sb.append(OAuth.OAUTH_HEADER_NAME).append(" ");
for (Map.Entry<String, Object> entry : entries.entrySet()) {
String value = entry.getValue() == null? null: String.valueOf(entry.getValue());
if (!OAuthUtils.isEmpty(entry.getKey()) && !OAuthUtils.isEmpty(value)) {
sb.append(value);
}
}
return sb.toString();
}
Example #9
| Source File: IDTokenTokenResponseValidator.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
String method = request.getMethod();
if (!OAuth.HttpMethod.GET.equals(method) && !OAuth.HttpMethod.POST.equals(method)) {
throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
.description("Method not correct.");
}
}
Example #10
| Source File: IDTokenResponseValidator.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
String method = request.getMethod();
if (!OAuth.HttpMethod.GET.equals(method) && !OAuth.HttpMethod.POST.equals(method)) {
throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
.description("Method not correct.");
}
}
Example #11
| Source File: OidcAuthenticator.java From entando-components with GNU Lesser General Public License v3.0 | 5 votes |
|
private void fetchAndProcessToken(HttpServletRequest req, String code) throws
OAuthSystemException, OAuthProblemException, ApsSystemException {
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthClientRequest oAuthClientRequest = this.oidcHelper.buildOauthRequest(req, code);
OAuthJSONAccessTokenResponse oAuthResponse = oAuthClient.resource(oAuthClientRequest, OAuth.HttpMethod.POST, OAuthJSONAccessTokenResponse.class);
_logger.info("----------------------TOKEN------------------- ");
String accessToken = oAuthResponse.getAccessToken();
_logger.info("accessToken -> " + accessToken);
UserDetails cdpUser = this.oidcHelper.getOidcUser(oAuthResponse.getAccessToken());
HttpSession session = req.getSession();
session.setAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER, cdpUser);
}
Example #12
| Source File: AbstractValidator.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
@Override
public void validateContentType(T request) throws OAuthProblemException {
String contentType = request.getContentType();
final String expectedContentType = OAuth.ContentType.URL_ENCODED;
if (!OAuthUtils.hasContentType(contentType, expectedContentType)) {
throw OAuthUtils.handleBadContentTypeException(expectedContentType);
}
}
Example #13
| Source File: OAuthClient.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
public <T extends OAuthAccessTokenResponse> T accessToken(
OAuthClientRequest request,
Class<T> responseClass)
throws OAuthSystemException, OAuthProblemException {
return accessToken(request, OAuth.HttpMethod.POST, responseClass);
}
Example #14
| Source File: ClientHeaderParametersApplier.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
public OAuthMessage applyOAuthParameters(OAuthMessage message, Map<String, Object> params)
throws OAuthSystemException {
String header = OAuthUtils.encodeAuthorizationBearerHeader(params);
message.addHeader(OAuth.HeaderType.AUTHORIZATION, header);
return message;
}
Example #15
| Source File: OAuthResponse.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
public OAuthErrorResponseBuilder error(OAuthProblemException ex) {
this.parameters.put(OAuthError.OAUTH_ERROR, ex.getError());
this.parameters.put(OAuthError.OAUTH_ERROR_DESCRIPTION, ex.getDescription());
this.parameters.put(OAuthError.OAUTH_ERROR_URI, ex.getUri());
this.parameters.put(OAuth.OAUTH_STATE, ex.getState());
return this;
}
Example #16
| Source File: OAuthUtils.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
/**
* Return true if the given Content-Type header means FORM_ENCODED.
*/
public static boolean isFormEncoded(String contentType) {
if (contentType == null) {
return false;
}
int semi = contentType.indexOf(";");
if (semi >= 0) {
contentType = contentType.substring(0, semi);
}
return OAuth.ContentType.URL_ENCODED.equalsIgnoreCase(contentType.trim());
}
Example #17
| Source File: OAuthResponse.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
public OAuthResponse buildQueryMessage() throws OAuthSystemException {
OAuthResponse msg = new OAuthResponse(location, responseCode);
this.applier = new QueryParameterApplier();
if (parameters.containsKey(OAuth.OAUTH_ACCESS_TOKEN)) {
this.applier = new FragmentParametersApplier();
}else{
this.applier = new QueryParameterApplier();
}
return (OAuthResponse)applier.applyOAuthParameters(msg, parameters);
}
Example #18
| Source File: OAuthJSONAccessTokenResponse.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
protected void setBody(String body) throws OAuthProblemException {
try {
this.body = body;
parameters = JSONUtils.parseJSON(body);
} catch (Throwable e) {
throw OAuthProblemException.error(OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE,
"Invalid response! Response body is not " + OAuth.ContentType.JSON + " encoded");
}
}
Example #19
| Source File: OAuthClient.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
public <T extends OAuthAccessTokenResponse> T accessToken(
OAuthClientRequest request, String requestMethod, Class<T> responseClass)
throws OAuthSystemException, OAuthProblemException {
Map<String, String> headers = new HashMap<String, String>();
headers.put(OAuth.HeaderType.CONTENT_TYPE, OAuth.ContentType.URL_ENCODED);
return httpClient.execute(request, headers, requestMethod, responseClass);
}
Example #20
| Source File: OAuthClientValidator.java From orion.server with Eclipse Public License 1.0 | 5 votes |
|
public void validateErrorResponse(OAuthClientResponse response) throws OAuthProblemException {
String error = response.getParam(OAuthError.OAUTH_ERROR);
if (!OAuthUtils.isEmpty(error)) {
String errorDesc = response.getParam(OAuthError.OAUTH_ERROR_DESCRIPTION);
String errorUri = response.getParam(OAuthError.OAUTH_ERROR_URI);
String state = response.getParam(OAuth.OAUTH_STATE);
throw OAuthProblemException.error(error).description(errorDesc).uri(errorUri).state(state);
}
}
Example #21
| Source File: OAuthResponse.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
public OAuthErrorResponseBuilder setState(String state) {
this.parameters.put(OAuth.OAUTH_STATE, state);
return this;
}
Example #22
| Source File: OAuthResponse.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
public OAuthErrorResponseBuilder setRealm(String realm) {
this.parameters.put(OAuth.WWWAuthHeader.REALM, realm);
return this;
}
Example #23
| Source File: OAuthTokenResponse.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
public String getTokenType() {
return getParam(OAuth.OAUTH_TOKEN_TYPE);
}
Example #24
| Source File: OAuthTokenResponse.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
public String getScope() {
return getParam(OAuth.OAUTH_SCOPE);
}
Example #25
| Source File: OAuthTokenResponse.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
public String getRefreshToken() {
return getParam(OAuth.OAUTH_REFRESH_TOKEN);
}
Example #26
| Source File: OAuthTokenResponse.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
public Long getExpiresIn() {
String value = getParam(OAuth.OAUTH_EXPIRES_IN);
return value == null? null: Long.valueOf(value);
}
Example #27
| Source File: OAuthTokenResponse.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
public String getAccessToken() {
return getParam(OAuth.OAUTH_ACCESS_TOKEN);
}
Example #28
| Source File: SAML1GrantValidator.java From carbon-identity with Apache License 2.0 | 4 votes |
|
public SAML1GrantValidator(){
requiredParams.add(OAuth.OAUTH_GRANT_TYPE);
requiredParams.add(OAuth.OAUTH_ASSERTION);
}
Example #29
| Source File: AbstractValidator.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
@Override
public void validateMethod(T request) throws OAuthProblemException {
if (!request.getMethod().equals(OAuth.HttpMethod.POST)) {
throw OAuthUtils.handleOAuthProblemException("Method not set to POST.");
}
}
Example #30
| Source File: OAuthAuthzResponse.java From orion.server with Eclipse Public License 1.0 | 4 votes |
|
public String getCode() {
return getParam(OAuth.OAUTH_CODE);
}
