Examples of org.apache.amber.oauth2.as.issuer.MD5Generator

Package org.apache.amber.oauth2.as.issuer

Examples of org.apache.amber.oauth2.as.issuer.MD5Generator

org.apache.amber.oauth2.common.parameters.BodyURLEncodedParametersApplier
Exemplar OAuth Token Generator


            // Check if the token is not expired
            if (Common.ACCESS_TOKEN_EXPIRED.equals(accessToken)) {


                // Return the OAuth error message
                OAuthResponse oauthResponse = OAuthRSResponse
                    .errorResponse(HttpServletResponse.SC_UNAUTHORIZED)
                    .setRealm(Common.RESOURCE_SERVER_NAME)
                    .setError(OAuthError.ResourceResponse.EXPIRED_TOKEN)
                    .buildHeaderMessage();


                // Return the error message
                return Response.status(Response.Status.UNAUTHORIZED)
                    .header(OAuth.HeaderType.WWW_AUTHENTICATE,
                        oauthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE))
                    .build();
            }




            // Check if the token is sufficient
            if (Common.ACCESS_TOKEN_INSUFFICIENT.equals(accessToken)) {


                // Return the OAuth error message
                OAuthResponse oauthResponse = OAuthRSResponse
                    .errorResponse(HttpServletResponse.SC_FORBIDDEN)
                    .setRealm(Common.RESOURCE_SERVER_NAME)
                    .setError(OAuthError.ResourceResponse.INSUFFICIENT_SCOPE)
                    .buildHeaderMessage();


                // Return the error message
                return Response.status(Response.Status.FORBIDDEN)
                    .header(OAuth.HeaderType.WWW_AUTHENTICATE,
                        oauthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE))
                    .build();
            }




            // Return the OAuth error message
            OAuthResponse oauthResponse = OAuthRSResponse
                .errorResponse(HttpServletResponse.SC_UNAUTHORIZED)
                .setRealm(Common.RESOURCE_SERVER_NAME)
                .setError(OAuthError.ResourceResponse.INVALID_TOKEN)
                .buildHeaderMessage();


            //return Response.status(Response.Status.UNAUTHORIZED).build();
            return Response.status(Response.Status.UNAUTHORIZED)
                .header(OAuth.HeaderType.WWW_AUTHENTICATE,
                    oauthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE))
                .build();


        } catch (OAuthProblemException e) {


            // Check if the error code has been set
            String errorCode = e.getError();
            if (OAuthUtils.isEmpty(errorCode)) {


                // Return the OAuth error message
                OAuthResponse oauthResponse = OAuthRSResponse
                    .errorResponse(HttpServletResponse.SC_UNAUTHORIZED)
                    .setRealm(Common.RESOURCE_SERVER_NAME)
                    .buildHeaderMessage();


                // If no error code then return a standard 401 Unauthorized response
                return Response.status(Response.Status.UNAUTHORIZED)
                    .header(OAuth.HeaderType.WWW_AUTHENTICATE,
                        oauthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE))
                    .build();
            }


            OAuthResponse oauthResponse = OAuthRSResponse
                .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                .setRealm(Common.RESOURCE_SERVER_NAME)
                .setError(e.getError())
                .setErrorDescription(e.getDescription())
                .setErrorUri(e.getUri())
                .buildHeaderMessage();


            return Response.status(oauthResponse.getResponseStatus())
                .header(OAuth.HeaderType.WWW_AUTHENTICATE,
                    oauthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE))
                .build();
        }
    }

View Full Code Here

public class OAuthASResponseTest {


    @Test
    public void testAuthzResponse() throws Exception {
      HttpServletRequest request = createMock(HttpServletRequest.class);
        OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,200)
            .location("http://www.example.com")
            .setCode("code")
            .setAccessToken("access_111")
            .setExpiresIn(400l)
            .setState("ok")
            .setParam("testValue", "value2")
            .buildQueryMessage();


        String url = oAuthResponse.getLocationUri();
         
        Assert.assertEquals("http://www.example.com?testValue=value2&code=code"
            + "#access_token=access_111&state=ok&expires_in=400", url);
        Assert.assertEquals(200, oAuthResponse.getResponseStatus());


    }

View Full Code Here

    @Test
    public void testAuthzResponseWithState() throws Exception {
      HttpServletRequest request = createMock(HttpServletRequest.class);
      expect(request.getParameter(OAuth.OAUTH_STATE)).andStubReturn("ok");
      replay(request);
        OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,200)
            .location("http://www.example.com")
            .setCode("code")
            .setAccessToken("access_111")
            .setExpiresIn("400")
            .setParam("testValue", "value2")
            .buildQueryMessage();


        String url = oAuthResponse.getLocationUri();
 
        Assert.assertEquals("http://www.example.com?testValue=value2&code=code"
            + "#access_token=access_111&state=ok&expires_in=400", url);
        Assert.assertEquals(200, oAuthResponse.getResponseStatus());


    }

View Full Code Here




    @Test
    public void testTokenResponse() throws Exception {


        OAuthResponse oAuthResponse = OAuthASResponse.tokenResponse(200).setAccessToken("access_token")
            .setExpiresIn("200").setRefreshToken("refresh_token2")
            .buildBodyMessage();


        String body = oAuthResponse.getBody();
        Assert.assertEquals(
            "expires_in=200&refresh_token=refresh_token2&access_token=access_token",
            body);


    }

View Full Code Here

    }


    @Test
    public void testTokenResponseAdditionalParam() throws Exception {


        OAuthResponse oAuthResponse = OAuthASResponse.tokenResponse(200).setAccessToken("access_token")
            .setExpiresIn("200").setRefreshToken("refresh_token2").setParam("some_param", "new_param")
            .buildBodyMessage();


        String body = oAuthResponse.getBody();
        Assert.assertEquals(
            "some_param=new_param&expires_in=200&refresh_token=refresh_token2&access_token=access_token",
            body);


    }

View Full Code Here

            .error(OAuthError.CodeResponse.ACCESS_DENIED, "Access denied")
            .setParameter("testparameter", "testparameter_value")
            .scope("album")
            .uri("http://www.example.com/error");


        OAuthResponse oAuthResponse = OAuthResponse.errorResponse(400).error(ex).buildJSONMessage();


        Assert.assertEquals(
            "{\"error_uri\":\"http:\\/\\/www.example.com\\/error\",\"error\":\"access_denied\",\""
                + "error_description\":\"Access denied\"}",
            oAuthResponse.getBody());




        oAuthResponse = OAuthResponse.errorResponse(500)
            .location("http://www.example.com/redirect?param2=true").error(ex).buildQueryMessage();
        Assert.assertEquals(
            "http://www.example.com/redirect?param2=true&error_uri=http%3A%2F%2Fwww.example.com%2Ferror"
                + "&error=access_denied&error_description=Access+denied",
            oAuthResponse.getLocationUri());
    }

View Full Code Here

            .error(OAuthError.CodeResponse.ACCESS_DENIED, "Access denied")
            .setParameter("testparameter", "testparameter_value")
            .scope("album")
            .uri("http://www.example.com/error");


        OAuthResponse oAuthResponse = OAuthResponse.errorResponse(500)
            .location("http://www.example.com/redirect?param2=true").error(ex).buildQueryMessage();
        Assert.assertEquals(
            "http://www.example.com/redirect?param2=true&error_uri=http%3A%2F%2Fwww.example.com%2Ferror"
                + "&error=access_denied&error_description=Access+denied",
            oAuthResponse.getLocationUri());
    }

View Full Code Here

    }


    @Test
    public void testHeaderResponse() throws Exception {
      HttpServletRequest request = createMock(HttpServletRequest.class);
        OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,400).setCode("oauth_code")
            .setState("state_ok")
            .buildHeaderMessage();


        String header = oAuthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE);
        Assert.assertEquals("Bearer state=\"state_ok\",code=\"oauth_code\"", header);


        header = oAuthResponse.getHeaders().get(OAuth.HeaderType.WWW_AUTHENTICATE);
        Assert.assertEquals("Bearer state=\"state_ok\",code=\"oauth_code\"", header);
    }

View Full Code Here

        params.put("empty_param", "");
        params.put("null_param", null);
        params.put("", "some_value");
        params.put(null, "some_value");


        OAuthResponse res = OAuthResponse.status(200).location("").buildQueryMessage();


        OAuthParametersApplier applier = new WWWAuthHeaderParametersApplier();
        res = (OAuthResponse)applier.applyOAuthParameters(res, params);
        Assert.assertNotNull(res);
        String header = res.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE);
        Assert.assertNotNull(header);
        Assert.assertEquals(OAuth.OAUTH_HEADER_NAME
            + " scope=\"s1 s2 s3\",error_uri=\"http://www.example.com/error\",error=\"invalid_token\"",
            header);

View Full Code Here

            return (OAuthResponse)applier.applyOAuthParameters(msg, parameters);
        }


        public OAuthResponse buildBodyMessage() throws OAuthSystemException {
            OAuthResponse msg = new OAuthResponse(location, responseCode);
            this.applier = new BodyURLEncodedParametersApplier();
            return (OAuthResponse)applier.applyOAuthParameters(msg, parameters);
        }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.amber.oauth2.as.issuer.MD5Generator

org.apache.amber.oauth2.as.issuer.MD5Generator

org.apache.amber.oauth2.as.issuer.OAuthIssuer

org.apache.amber.oauth2.as.issuer.OAuthIssuerImpl

org.apache.amber.oauth2.as.MD5GeneratorTest

org.apache.amber.oauth2.as.OAuthRequestTest

org.apache.amber.oauth2.as.request.OAuthAuthzRequest

org.apache.amber.oauth2.as.request.OAuthRequest

org.apache.amber.oauth2.as.request.OAuthTokenRequest

org.apache.amber.oauth2.as.response.OAuthASResponseTest

org.apache.amber.oauth2.as.validator.TokenValidator

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.