Java Code Examples for org.apache.cxf.rs.security.oauth2.common.ServerAccessToken#setScopes()
The following examples show how to use
org.apache.cxf.rs.security.oauth2.common.ServerAccessToken#setScopes() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: JPAOAuthDataProvider.java From cxf with Apache License 2.0 | 6 votes |
|
@Override
protected ServerAccessToken doCreateAccessToken(AccessTokenRegistration atReg) {
ServerAccessToken at = super.doCreateAccessToken(atReg);
// we override this in order to get rid of elementCollections directly injected
// from another entity
// this can be the case when using multiple cmt dataProvider operation in a single entityManager
// lifespan
if (at.getAudiences() != null) {
at.setAudiences(new ArrayList<>(at.getAudiences()));
}
if (at.getExtraProperties() != null) {
at.setExtraProperties(new HashMap<String, String>(at.getExtraProperties()));
}
if (at.getScopes() != null) {
at.setScopes(new ArrayList<>(at.getScopes()));
}
if (at.getParameters() != null) {
at.setParameters(new HashMap<String, String>(at.getParameters()));
}
return at;
}
Example 2
| Source File: ModelEncryptionSupport.java From cxf with Apache License 2.0 | 5 votes |
|
private static ServerAccessToken recreateAccessToken(OAuthDataProvider provider,
String newTokenKey,
String[] parts) {
@SuppressWarnings("serial")
final ServerAccessToken newToken = new ServerAccessToken(provider.getClient(parts[4]),
parts[1],
newTokenKey == null ? parts[0] : newTokenKey,
Long.parseLong(parts[2]),
Long.parseLong(parts[3])) {
};
newToken.setRefreshToken(getStringPart(parts[5]));
newToken.setGrantType(getStringPart(parts[6]));
newToken.setAudiences(parseSimpleList(parts[7]));
newToken.setParameters(parseSimpleMap(parts[8]));
// Permissions
if (!parts[9].trim().isEmpty()) {
List<OAuthPermission> perms = new LinkedList<>();
String[] allPermParts = parts[9].split("\\.");
for (int i = 0; i + 4 < allPermParts.length; i = i + 5) {
OAuthPermission perm = new OAuthPermission(allPermParts[i], allPermParts[i + 1]);
perm.setDefaultPermission(Boolean.parseBoolean(allPermParts[i + 2]));
perm.setHttpVerbs(parseSimpleList(allPermParts[i + 3]));
perm.setUris(parseSimpleList(allPermParts[i + 4]));
perms.add(perm);
}
newToken.setScopes(perms);
}
//Client verifier:
newToken.setClientCodeVerifier(parts[10]);
//UserSubject:
newToken.setSubject(recreateUserSubject(parts[11]));
newToken.setExtraProperties(parseSimpleMap(parts[12]));
return newToken;
}
Example 3
| Source File: AbstractOAuthDataProvider.java From cxf with Apache License 2.0 | 5 votes |
|
protected ServerAccessToken doCreateAccessToken(AccessTokenRegistration atReg) {
ServerAccessToken at = createNewAccessToken(atReg.getClient(), atReg.getSubject());
at.setAudiences(atReg.getAudiences());
at.setGrantType(atReg.getGrantType());
List<String> theScopes = atReg.getApprovedScope();
List<OAuthPermission> thePermissions =
convertScopeToPermissions(atReg.getClient(), theScopes);
at.setScopes(thePermissions);
at.setSubject(atReg.getSubject());
at.setClientCodeVerifier(atReg.getClientCodeVerifier());
at.setNonce(atReg.getNonce());
at.setResponseType(atReg.getResponseType());
at.setGrantCode(atReg.getGrantCode());
at.getExtraProperties().putAll(atReg.getExtraProperties());
if (messageContext != null) {
String certCnf = (String)messageContext.get(JoseConstants.HEADER_X509_THUMBPRINT_SHA256);
if (certCnf != null) {
// At a later stage we will likely introduce a dedicated Confirmation bean (as it is used in POP etc)
at.getExtraProperties().put(JoseConstants.HEADER_X509_THUMBPRINT_SHA256, certCnf);
}
}
if (isUseJwtFormatForAccessTokens()) {
JwtClaims claims = createJwtAccessToken(at);
String jose = processJwtAccessToken(claims);
if (isPersistJwtEncoding()) {
at.setTokenKey(jose);
} else {
at.setEncodedToken(jose);
}
}
return at;
}
Example 4
| Source File: AbstractOAuthDataProvider.java From cxf with Apache License 2.0 | 5 votes |
|
protected ServerAccessToken doRefreshAccessToken(Client client,
RefreshToken oldRefreshToken,
List<String> restrictedScopes) {
ServerAccessToken at = createNewAccessToken(client, oldRefreshToken.getSubject());
at.setAudiences(oldRefreshToken.getAudiences() != null
? new ArrayList<String>(oldRefreshToken.getAudiences()) : null);
at.setGrantType(oldRefreshToken.getGrantType());
at.setGrantCode(oldRefreshToken.getGrantCode());
at.setSubject(oldRefreshToken.getSubject());
at.setNonce(oldRefreshToken.getNonce());
at.setClientCodeVerifier(oldRefreshToken.getClientCodeVerifier());
at.getExtraProperties().putAll(oldRefreshToken.getExtraProperties());
if (restrictedScopes.isEmpty()) {
at.setScopes(oldRefreshToken.getScopes() != null
? new ArrayList<OAuthPermission>(oldRefreshToken.getScopes()) : null);
} else {
List<OAuthPermission> theNewScopes = convertScopeToPermissions(client, restrictedScopes);
if (oldRefreshToken.getScopes().containsAll(theNewScopes)) {
at.setScopes(theNewScopes);
} else {
throw new OAuthServiceException("Invalid scopes");
}
}
if (isUseJwtFormatForAccessTokens()) {
JwtClaims claims = createJwtAccessToken(at);
String jose = processJwtAccessToken(claims);
if (isPersistJwtEncoding()) {
at.setTokenKey(jose);
} else {
at.setEncodedToken(jose);
}
}
return at;
}
