Examples of org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData

• org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException
  This bean represents a resource owner authorization challenge. Typically, an HTML view will be returned to a resource owner who will authorize or deny the third-party client

                    return handler;
                }
            }
            // Lets try the default grant handler
            if (grantHandlers.size() == 0) {
                AuthorizationCodeGrantHandler handler = new AuthorizationCodeGrantHandler();
                if (handler.getSupportedGrantTypes().contains(grantType)) {
                    handler.setDataProvider(
                            (AuthorizationCodeDataProvider)super.getDataProvider());
                    return handler;
                }
            }
        }

        Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES);
        SelfSignInfo signInfo = new SelfSignInfo(crypto, "alice", "password");

        String assertion =  SAMLUtils.createAssertion(new SamlCallbackHandler(),
                                                      signInfo).assertionToString();
        Saml2BearerGrant grant = new Saml2BearerGrant(assertion);
        ClientAccessToken at = OAuthClientUtils.getAccessToken(wc,
                                        new OAuthClientUtils.Consumer("alice", "alice"),
                                        grant,
                                        false);
        assertNotNull(at.getTokenKey());

        } catch (OAuthServiceException ex) {
            return createErrorResponseFromBean(ex.getError());
        }

        // Find the grant handler
        AccessTokenGrantHandler handler = findGrantHandler(params);
        if (handler == null) {
            return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE);
        }

        // Create the access token
        ServerAccessToken serverToken = null;
        try {
            serverToken = handler.createAccessToken(client, params);
        } catch (OAuthServiceException ex) {
            OAuthError customError = ex.getError();
            if (writeCustomErrors && customError != null) {
                return createErrorResponseFromBean(customError);
            }

        if (dataProvider == null && tokenHandlers.isEmpty()) {
            throw ExceptionUtils.toInternalServerErrorException(null, null);
        }

        // Get the registered handler capable of processing the token
        AccessTokenValidator handler = findTokenValidator(authScheme);
        if (handler != null) {
            try {
                // Convert the HTTP Authorization scheme data into a token
                accessTokenV = handler.validateAccessToken(getMessageContext(), authScheme, authSchemeData);
            } catch (OAuthServiceException ex) {
                AuthorizationUtils.throwAuthorizationFailure(
                    Collections.singleton(authScheme), realm);
            }
        }

    public static ClientAccessToken getAccessToken(String accessTokenServiceUri,
                                                   Consumer consumer,
                                                   AccessTokenGrant grant,
                                                   boolean setAuthorizationHeader)
        throws OAuthServiceException {
        OAuthJSONProvider provider = new OAuthJSONProvider();
        WebClient accessTokenService =
            WebClient.create(accessTokenServiceUri, Collections.singletonList(provider));
        accessTokenService.accept("application/json");
        return getAccessToken(accessTokenService, consumer, grant, setAuthorizationHeader);
    }

            // the authenticated credentials and the client registration id
        }
        Response response = accessTokenService.form(form);
        Map<String, String> map = null;
        try {
            map = new OAuthJSONProvider().readJSONResponse((InputStream)response.getEntity());
        } catch (IOException ex) {
            throw new ClientException(ex);
        }
        if (200 == response.getStatus()) {
            ClientAccessToken token = fromMapToClientToken(map, defaultTokenType);

    private String algorithm = ALGO_MD5;

    public String generate(byte[] input) throws OAuthServiceException {
        if (input == null) {
            throw new OAuthServiceException("You have to pass input to Token Generator");
        }

        try {
            byte[] messageDigest = createDigest(input, algorithm);
            StringBuffer hexString = new StringBuffer();
            for (int i = 0; i < messageDigest.length; i++) {
                hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
            }

            return hexString.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new OAuthServiceException("server_error", e);
        }
    }

    public byte[] createDigest(String input, String algo) {
        try {
            return createDigest(input.getBytes("UTF-8"), algo);
        } catch (UnsupportedEncodingException e) {
            throw new OAuthServiceException("server_error", e);
        } catch (NoSuchAlgorithmException e) {
            throw new OAuthServiceException("server_error", e);
        }
    }

            return;
        }

        String audienceParam = params.getFirst(OAuthConstants.CLIENT_AUDIENCE);
        if (audienceParam == null) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }
        // must be URL
        try {
            new URL(audienceParam);
        } catch (MalformedURLException ex) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST));
        }

        if (!audiences.contains(audienceParam)) {
            throw new OAuthServiceException(new OAuthError(OAuthConstants.ACCESS_DENIED));
        }

    }

    public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
        throws OAuthServiceException {

        String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM);
        if (assertion == null) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
        }
        try {
            InputStream tokenStream = decodeAssertion(assertion);
            Element token = readToken(tokenStream);
            AssertionWrapper assertionWrapper = new AssertionWrapper(token);

            Message message = PhaseInterceptorChain.getCurrentMessage();

            validateToken(message, assertionWrapper);
            UserSubject grantSubject = getGrantSubject(message, assertionWrapper);

            return doCreateAccessToken(client,
                                       grantSubject,
                                       Constants.SAML2_BEARER_GRANT,
                                       OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
        } catch (OAuthServiceException ex) {
            throw ex;
        } catch (Exception ex) {
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }