Java Code Examples for org.apache.cxf.rs.security.oauth2.common.Client#getClientSecret()
The following examples show how to use
org.apache.cxf.rs.security.oauth2.common.Client#getClientSecret().
Example 1
Source File: DynamicRegistrationService.java From cxf with Apache License 2.0 | 6 votes |
/**
 * Builds the dynamic client registration response for a registered client.
 *
 * <p>The response always carries the client id, the registration time and the
 * allowed grant types. The client secret is included only when the client has
 * one, and is reported with an expiry of 0 (the secret is not time limited).
 * When registration access tokens are supported, the registration client URI
 * and the registration access token are added together.
 *
 * <p>NOTE(review): the returned object holds credentials (client secret and,
 * optionally, the registration access token); it should not be written to logs.
 *
 * @param client the registered client to describe
 * @return the populated registration response
 */
protected ClientRegistrationResponse fromClientToRegistrationResponse(Client client) {
    ClientRegistrationResponse registration = new ClientRegistrationResponse();
    registration.setClientId(client.getClientId());

    String secret = client.getClientSecret();
    if (secret != null) {
        registration.setClientSecret(secret);
        // TODO: consider making Client secret time limited
        registration.setClientSecretExpiresAt(Long.valueOf(0));
    }

    registration.setClientIdIssuedAt(client.getRegisteredAt());
    registration.setGrantTypes(client.getAllowedGrantTypes());

    // Resolved unconditionally, exactly as before, even when it ends up unused.
    UriBuilder absolutePath = getMessageContext().getUriInfo().getAbsolutePathBuilder();
    if (!supportRegistrationAccessTokens) {
        return registration;
    }

    // The registration access token and the registration URI are either both
    // included or both excluded.
    String registrationUri = absolutePath.path(client.getClientId()).build().toString();
    registration.setRegistrationClientUri(registrationUri);
    registration.setRegistrationAccessToken(
        client.getProperties().get(ClientRegistrationResponse.REG_ACCESS_TOKEN));
    return registration;
}
Example 2
Source File: OAuthServerJoseJwtProducer.java From cxf with Apache License 2.0 | 6 votes |
/**
 * Selects the JWE encryption provider to use for the given client.
 *
 * <p>When encryption with client certificates is enabled and the client has at
 * least one application certificate, the public key of the first certificate is
 * used with RSA-OAEP key encryption and A128GCM content encryption. Otherwise,
 * or when no provider could be created from the certificate, the provider is
 * initialized from the client secret if the client has one.
 *
 * <p>NOTE(review): a client without certificates silently falls back to the
 * client secret even when certificate based encryption is enabled; confirm this
 * downgrade is intended for the deployment.
 *
 * @param c the client the content is encrypted for, may be {@code null}
 * @return the encryption provider, or {@code null} when none can be initialized
 */
protected JweEncryptionProvider getInitializedEncryptionProvider(Client c) {
    if (c == null) {
        return null;
    }

    JweEncryptionProvider provider = null;
    if (encryptWithClientCertificates && !c.getApplicationCertificates().isEmpty()) {
        // Only the first registered certificate is considered.
        X509Certificate clientCert =
            (X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0));
        provider = JweUtils.createJweEncryptionProvider(clientCert.getPublicKey(),
                                                        KeyAlgorithm.RSA_OAEP,
                                                        ContentAlgorithm.A128GCM,
                                                        null);
    }

    if (provider == null && c.getClientSecret() != null) {
        provider = super.getInitializedEncryptionProvider(c.getClientSecret());
    }
    return provider;
}
Example 3
Source File: JwtRequestCodeFilter.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Returns the verifier used to check the signature of a client's request object.
 *
 * <p>With certificate verification enabled, the client's first application
 * certificate is decoded and used for RS256 verification. Otherwise the
 * verifier is initialized from the client secret.
 *
 * <p>NOTE(review): the certificate list is read with {@code get(0)} without an
 * emptiness check, so a client registered without certificates fails here with
 * an unchecked exception rather than a controlled rejection. Any fix should
 * reject the request rather than fall back to the client secret.
 *
 * @param c the client whose request object is being verified
 * @return the signature verifier for the client
 */
protected JwsSignatureVerifier getInitializedSigVerifier(Client c) {
    if (!verifyWithClientCertificates) {
        return super.getInitializedSignatureVerifier(c.getClientSecret());
    }

    X509Certificate clientCert =
        (X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0));
    return JwsUtils.getPublicKeySignatureVerifier(clientCert, SignatureAlgorithm.RS256);
}
Example 4
Source File: AbstractTokenService.java From cxf with Apache License 2.0 | 5 votes |
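/**
 * Checks the secret presented by a confidential client.
 *
 * <p>When a {@code clientSecretVerifier} is configured the decision is delegated
 * to it. Otherwise the provided secret must be non-null and equal to the secret
 * registered for the client.
 *
 * <p>The built-in comparison is done over the UTF-8 bytes with
 * {@link java.security.MessageDigest#isEqual(byte[], byte[])} instead of
 * {@code String.equals}, so the time taken does not depend on how many leading
 * characters of the provided secret are correct.
 *
 * @param client the client being authenticated
 * @param providedClientSecret the secret supplied with the request, may be {@code null}
 * @return {@code true} if the provided secret is accepted for the client
 */
protected boolean isConfidenatialClientSecretValid(Client client, String providedClientSecret) {
    if (clientSecretVerifier != null) {
        return clientSecretVerifier.validateClientSecret(client, providedClientSecret);
    }

    String registeredSecret = client.getClientSecret();
    if (registeredSecret == null || providedClientSecret == null) {
        return false;
    }

    // Fully qualified names keep this method independent of the file's imports.
    return java.security.MessageDigest.isEqual(
        registeredSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
        providedClientSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}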
Example 5
Source File: OAuthServerJoseJwtConsumer.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Selects the JWS signature verifier to use for the given client.
 *
 * <p>When verification with client certificates is enabled and the client has
 * at least one application certificate, the public key of the first certificate
 * is used for RS256 verification. Otherwise, or when no verifier could be
 * created from the certificate, the verifier is initialized from the client
 * secret if the client has one.
 *
 * <p>NOTE(review): a client without certificates falls back to the client
 * secret even when certificate based verification is enabled; confirm this is
 * the intended policy.
 *
 * @param c the client whose signature is verified, may be {@code null}
 * @return the signature verifier, or {@code null} when none can be initialized
 */
protected JwsSignatureVerifier getInitializedSignatureVerifier(Client c) {
    if (c == null) {
        return null;
    }

    JwsSignatureVerifier verifier = null;
    if (verifyWithClientCertificates && !c.getApplicationCertificates().isEmpty()) {
        // Only the first registered certificate is considered.
        X509Certificate clientCert =
            (X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0));
        verifier = JwsUtils.getPublicKeySignatureVerifier(clientCert.getPublicKey(),
                                                          SignatureAlgorithm.RS256);
    }

    if (verifier == null && c.getClientSecret() != null) {
        verifier = super.getInitializedSignatureVerifier(c.getClientSecret());
    }
    return verifier;
}
Example 6
Source File: JwtRequestCodeFilter.java From cxf with Apache License 2.0 | 4 votes |
/**
 * Expands a JWT request object into authorization request parameters.
 *
 * <p>The request object is taken from the {@code REQUEST_PARAM} parameter or,
 * when that is absent, fetched from the {@code REQUEST_URI_PARAM} location if
 * {@code isRequestUriValid} accepts it. The token is decrypted and verified,
 * its issuer, {@code client_id} and {@code response_type} claims are checked
 * against the request, and every claim is then written over the copied request
 * parameters. Without a request object the parameters are returned unchanged.
 *
 * <p>NOTE(review): the request URI is supplied by the caller and is fetched by
 * this server; {@code isRequestUriValid} is the only gate before the outbound
 * call, and its checks are not visible here.
 *
 * @param params the original authorization request parameters
 * @param endUser the authenticated end user (not used by this method)
 * @param client the client making the request
 * @return the parameters merged with the request object claims, or
 *         {@code params} itself when no request object is available
 * @throws SecurityException if the issuer, client id or response type claim
 *         does not match the request
 */
@Override
public MultivaluedMap<String, String> process(MultivaluedMap<String, String> params,
                                              UserSubject endUser,
                                              Client client) {
    String requestToken = params.getFirst(REQUEST_PARAM);
    if (requestToken == null) {
        String requestUri = params.getFirst(REQUEST_URI_PARAM);
        if (isRequestUriValid(client, requestUri)) {
            requestToken = WebClient.create(requestUri).get(String.class);
        }
    }
    if (requestToken == null) {
        return params;
    }

    JweDecryptionProvider decryptor =
        super.getInitializedDecryptionProvider(client.getClientSecret());
    JwsSignatureVerifier sigVerifier = getInitializedSigVerifier(client);
    JwtClaims claims = getJwtToken(requestToken, decryptor, sigVerifier).getClaims();

    // Issuer: the configured issuer wins, otherwise the client id is expected.
    String expectedIssuer = issuer;
    if (expectedIssuer == null) {
        expectedIssuer = client.getClientId();
    }
    if (!expectedIssuer.equals(claims.getIssuer())) {
        throw new SecurityException();
    }

    // client_id: optional, but when present it must match the requesting client.
    boolean hasClientIdClaim = claims.getClaim(OAuthConstants.CLIENT_ID) != null;
    if (hasClientIdClaim
        && !claims.getStringProperty(OAuthConstants.CLIENT_ID).equals(client.getClientId())) {
        throw new SecurityException();
    }

    // response_type: optional, but when present it must match the request parameter.
    String claimedResponseType = (String)claims.getClaim(OAuthConstants.RESPONSE_TYPE);
    if (claimedResponseType != null
        && !claimedResponseType.equals(params.getFirst(OAuthConstants.RESPONSE_TYPE))) {
        throw new SecurityException();
    }

    // Every claim replaces the request parameter of the same name.
    MultivaluedMap<String, String> merged = new MetadataMap<>(params);
    Map<String, Object> claimsByName = claims.asMap();
    for (Map.Entry<String, Object> claim : claimsByName.entrySet()) {
        Object claimValue = claim.getValue();
        if (claimValue instanceof Map) {
            // Structured claims are re-serialized to JSON text.
            Map<String, Object> nested = CastUtils.cast((Map<?, ?>)claimValue);
            claimValue = jsonHandler.toJson(nested);
        } else if (claimValue instanceof List) {
            List<Object> items = CastUtils.cast((List<?>)claimValue);
            claimValue = jsonHandler.toJson(items);
        }
        merged.putSingle(claim.getKey(), claimValue.toString());
    }
    return merged;
}
Example 7
Source File: AuthorizationCodeGrantService.java From cxf with Apache License 2.0 | 4 votes |
/**
 * Tells whether the given client may be served as a public client.
 *
 * <p>This requires public client support to be enabled, the client to be
 * registered as non-confidential, and the client to have no secret.
 *
 * @param c the client to check
 * @return {@code true} if the client qualifies as a supported public client
 */
@Override
protected boolean canSupportPublicClient(Client c) {
    if (!canSupportPublicClients || c.isConfidential()) {
        return false;
    }
    return c.getClientSecret() == null;
}
Example 8
Source File: AbstractTokenService.java From cxf with Apache License 2.0 | 4 votes |
/**
 * Tells whether the given client is an acceptable public client.
 *
 * <p>This requires public client support to be enabled, the client to be
 * registered as non-confidential, and the client to have no secret.
 *
 * @param client the client to check
 * @param clientId the client id from the request; not consulted by this check
 * @return {@code true} if the client qualifies as a supported public client
 */
protected boolean isValidPublicClient(Client client, String clientId) {
    if (!canSupportPublicClients || client.isConfidential()) {
        return false;
    }
    return client.getClientSecret() == null;
}
Example 9
Source File: OAuthServerJoseJwtConsumer.java From cxf with Apache License 2.0 | 4 votes |
/**
 * Returns the JWE decryption provider initialized from the client's secret.
 *
 * @param c the client whose secret is passed to the parent implementation,
 *          may be {@code null}
 * @return the provider returned by the parent implementation, or {@code null}
 *         when no client is given
 */
protected JweDecryptionProvider getInitializedDecryptionProvider(Client c) {
    return c == null ? null : super.getInitializedDecryptionProvider(c.getClientSecret());
}
Example 10
Source File: OAuthServerJoseJwtProducer.java From cxf with Apache License 2.0 | 4 votes |
/**
 * Returns the JWS signature provider initialized from the client's secret.
 *
 * @param c the client whose secret is passed to the parent implementation,
 *          may be {@code null}
 * @return the provider returned by the parent implementation, or {@code null}
 *         when no client is given
 */
protected JwsSignatureProvider getInitializedSignatureProvider(Client c) {
    return c == null ? null : super.getInitializedSignatureProvider(c.getClientSecret());
}