Examples of OAuthServiceException

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
                                              String clientMacString) {
        String macKey = macAuthInfo.getMacKey();
       
        ServerAccessToken accessToken = dataProvider.getAccessToken(macKey);
        if (!(accessToken instanceof MacAccessToken)) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
        }
        MacAccessToken macAccessToken = (MacAccessToken)accessToken;
       
        String normalizedString = macAuthInfo.getNormalizedRequestString();
        try {
            HmacAlgorithm hmacAlgo = HmacAlgorithm.toHmacAlgorithm(macAccessToken.getMacAlgorithm());
            byte[] serverMacData = HmacUtils.computeHmac(
                macAccessToken.getMacKey(), hmacAlgo, normalizedString);
                                                        
            byte[] clientMacData = Base64Utility.decode(clientMacString);
            boolean validMac = Arrays.equals(serverMacData, clientMacData);
            if (!validMac) {
                AuthorizationUtils.throwAuthorizationFailure(Collections
                    .singleton(OAuthConstants.MAC_AUTHORIZATION_SCHEME));
            }
        } catch (Base64Exception e) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR, e);
        }
        return macAccessToken;
    }
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
public class MessageDigestGenerator {
    private String algorithm = "MD5";
       
    public String generate(byte[] input) throws OAuthServiceException {
        if (input == null) {
            throw new OAuthServiceException("You have to pass input to Token Generator");
        }

        try {
            MessageDigest md = MessageDigest.getInstance(algorithm);
            md.reset();
            md.update(input);
            byte[] messageDigest = md.digest();
            StringBuffer hexString = new StringBuffer();
            for (int i = 0; i < messageDigest.length; i++) {
                hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
            }

            return hexString.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new OAuthServiceException("server_error", e);
        }
    }
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

112
113
114
115
116
117
118
119
            if (digestAlgo != null) {
                gen.setAlgorithm(digestAlgo);
            }
            return gen.generate(bytes);
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR, ex);
        }
    }
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

148
149
150
151
152
153
154
155
156
        if (requestScopes.isEmpty()) {
            requestScopes.addAll(registeredScopes);
            return requestScopes;
        }
        if (!validateScopes(requestScopes, registeredScopes, partialMatchScopeValidation)) {
            throw new OAuthServiceException("Unexpected scope");
        }
        return requestScopes;
    }
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
        throws OAuthServiceException {
       
        String ownerName = params.getFirst(OAuthConstants.RESOURCE_OWNER_NAME);
        String ownerPassword = params.getFirst(OAuthConstants.RESOURCE_OWNER_PASSWORD);
        if (ownerName == null || ownerPassword == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
        }
       
        UserSubject subject = null;
        try {
            subject = loginHandler.createSubject(ownerName, ownerPassword);
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
        }
       
        return doCreateAccessToken(client,
                                   subject,
                                   OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
            throw new ClientWebApplicationException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map);
            if (token == null) {
                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
            } else {
                return token;
            }
        } else if (400 == response.getStatus() && map.containsKey(OAuthConstants.ERROR_KEY)) {
            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
            error.setErrorUri(map.get(OAuthConstants.ERROR_URI_KEY));
            throw new OAuthServiceException(error);
        }
        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
    }
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

275
276
277
278
279
280
281
282
283
            MacAuthorizationScheme macAuthData = new MacAuthorizationScheme(httpProps, token);
            String macAlgo = token.getParameters().get(OAuthConstants.MAC_TOKEN_ALGORITHM);
            String macKey = token.getParameters().get(OAuthConstants.MAC_TOKEN_KEY);
            sb.append(macAuthData.toAuthorizationHeader(macAlgo, macKey));
        } else {
            throw new ClientWebApplicationException(new OAuthServiceException("Unsupported token type"));
        }
       
    }
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
    }

    public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
        throws OAuthServiceException {
        if (!OAuthUtils.isGrantSupportedForClient(client, true, OAuthConstants.REFRESH_TOKEN_GRANT)) {
            throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);   
        }
        String refreshToken = params.getFirst(OAuthConstants.REFRESH_TOKEN);
       
        ServerAccessToken token = dataProvider.refreshAccessToken(client.getClientId(),
                                                                  refreshToken);
        if (token == null) {
            return null;
        }
        String scope = params.getFirst(OAuthConstants.SCOPE);
        if (scope != null) {
            List<String> tokenScopes = OAuthUtils.convertPermissionsToScopeList(token.getScopes());
            if (!tokenScopes.containsAll(OAuthUtils.parseScope(scope))) {           
                throw new OAuthServiceException(OAuthConstants.INVALID_SCOPE);
            }
        }
       
        return token;
    }
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

57
58
59
60
61
62
63
64
        return Collections.singletonList(supportedGrant);
    }
   
    protected void checkIfGrantSupported(Client client) {
        if (!OAuthUtils.isGrantSupportedForClient(client, isClientConfidential, supportedGrant)) {
            throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);   
        }
    }
View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException

110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
        throws OAuthServiceException {
        checkIfGrantSupported(client);
       
        String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM);
        if (assertion == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
        try {  
            InputStream tokenStream = decodeAssertion(assertion);
            Element token = readToken(tokenStream);
            AssertionWrapper assertionWrapper = new AssertionWrapper(token);
           
            Message message = PhaseInterceptorChain.getCurrentMessage();
   
            validateToken(message, assertionWrapper);
            UserSubject grantSubject = getGrantSubject(message, assertionWrapper);
           
            return doCreateAccessToken(client,
                                       grantSubject,
                                       OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
        } catch (OAuthServiceException ex) {
            throw ex;
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.