Package org.jboss.resteasy.skeleton.key.representations

Examples of org.jboss.resteasy.skeleton.key.representations.SkeletonKeyToken


      }
      else
      {
         // Abort the login when the authorization code cannot be resolved. What resolveCode()
         // validates (code exchange, token signature, state) is not visible in this excerpt.
         if (!oauth.resolveCode(code)) return;

         SkeletonKeyToken token = oauth.getToken();
         // Roles come from the token only: the per-resource entry when this deployment names a
         // resource, otherwise the realm-wide entry. With no matching entry, roles stays null.
         Set<String> roles = null;
         if (resourceMetadata.getResourceName() != null)
         {
            SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
            if (access != null) roles = access.getRoles();
         }
         else
         {
            SkeletonKeyToken.Access access = token.getRealmAccess();
            if (access != null) roles = access.getRoles();
         }
         // NOTE(review): roles may be null here; confirm createPrincipal() treats null as
         // "no roles" rather than failing or granting anything by default.
         SkeletonKeyPrincipal skp = new SkeletonKeyPrincipal(token.getPrincipal(), null);
         GenericPrincipal principal = new CatalinaSecurityContextHelper().createPrincipal(context.getRealm(), skp, roles);
         // getSessionInternal(true) is called with create=true, so a session is available after
         // this line; the authenticated principal is then bound to it.
         // NOTE(review): no session-id change is visible in this excerpt. If a pre-login session
         // can be reused here, confirm the id is rotated on authentication elsewhere
         // (session-fixation protection).
         Session session = request.getSessionInternal(true);
         session.setPrincipal(principal);
         session.setAuthType("OAUTH");
         if (!remoteSkeletonKeyConfig.isCancelPropagation())
         {
            // Unless propagation is cancelled, the raw token string is kept in the session as a
            // note keyed by the SkeletonKeySession class name. The session therefore holds a
            // usable credential; treat session storage, replication and dumps accordingly.
            SkeletonKeySession skSession = new SkeletonKeySession(oauth.getTokenString(), realmConfiguration.getMetadata());
            session.setNote(SkeletonKeySession.class.getName(), skSession);
         }

         // The principal name from the token is written to the debug log and registered with
         // userSessionManagement. The log message is built by concatenation, so the value
         // reaches the log unmodified.
         String username = token.getPrincipal();
         log.debug("userSessionManage.login: " + username);
         userSessionManagement.login(session, username);
      }
   }


      {

      }
      // Gate everything on the signature result: no claim is read from the payload unless
      // verified is true. How verified is computed lies above this excerpt.
      if (!verified) throw new VerificationException("Token signature not validated");

      SkeletonKeyToken token = null;
      try
      {
         // Parse the JWS content into a token only after the signature check above.
         token = JsonSerialization.fromBytes(SkeletonKeyToken.class, input.getContent());
      }
      catch (IOException e)
      {
         // Malformed content is reported as a verification failure, keeping the cause.
         throw new VerificationException(e);
      }
      // NOTE(review): if fromBytes() can return null (for example a literal JSON null payload),
      // the next line throws NullPointerException instead of VerificationException; confirm.
      // isActive() presumably covers expiry / not-before; its definition is not shown here.
      if (!token.isActive())
      {
         throw new VerificationException("Token is not active.");
      }
      // A token without a principal is rejected rather than treated as anonymous.
      String user = token.getPrincipal();
      if (user == null)
      {
         throw new VerificationException("Token user was null");
      }
      // Audience restriction: the token must have been issued for this realm. A missing
      // audience is also rejected, because realm.equals(null) is false. Where realm comes
      // from is outside this excerpt.
      if (!realm.equals(token.getAudience()))
      {
         throw new VerificationException("Token audience doesn't match domain");

      }
      // Reached only when signature, activity, principal and audience checks all passed.
      return token;

   }

   /**
    * Round-trips a {@link SkeletonKeyToken} through its JSON form and checks that the token id
    * and a per-resource role are still present after deserialization.
    */
   @Test
   public void testToken() throws Exception
   {
      SkeletonKeyToken original = new SkeletonKeyToken();
      original.id("111");
      original.addAccess("foo").addRole("admin");
      original.addAccess("bar").addRole("user");

      // Serialize and print the JSON so it can be inspected in the test output.
      final String serialized = JsonSerialization.toString(original, true);
      System.out.println(serialized);

      // Rebuild the token from the JSON text and compare against what was put in.
      final SkeletonKeyToken restored = JsonSerialization.fromString(SkeletonKeyToken.class, serialized);
      Assert.assertEquals("111", restored.getId());

      final SkeletonKeyToken.Access fooAccess = restored.getResourceAccess("foo");
      Assert.assertNotNull(fooAccess);
      Assert.assertTrue(fooAccess.isUserInRole("admin"));
   }

   }

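   /**
    * Signs a serialized {@link SkeletonKeyToken} with a freshly generated RSA key and checks
    * that the JWS verifies under the matching public key, does not verify under an unrelated
    * public key, and still carries the original token id.
    */
   @Test
   public void testRSA() throws Exception
   {
      SkeletonKeyToken token = new SkeletonKeyToken();
      token.id("111");
      token.addAccess("foo").addRole("admin");
      token.addAccess("bar").addRole("user");

      // Set the modulus size explicitly instead of relying on the provider default, which
      // depends on the JDK and has been as low as 1024 bits on older runtimes.
      KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
      generator.initialize(2048);
      KeyPair keyPair = generator.generateKeyPair();
      KeyPair unrelatedPair = generator.generateKeyPair();

      byte[] tokenBytes = JsonSerialization.toByteArray(token, true);

      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(keyPair.getPrivate());

      System.out.println(encoded);

      JWSInput input = new JWSInput(encoded);

      // Check the signature before reading anything from the payload, which is the order
      // production code should follow as well.
      Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));
      // Negative control: without it the test would still pass if verify() accepted every key.
      Assert.assertFalse(RSAProvider.verify(input, unrelatedPair.getPublic()));

      byte[] content = input.getContent();
      token = JsonSerialization.fromBytes(SkeletonKeyToken.class, content);
      Assert.assertEquals("111", token.getId());
   }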

      String tokenString = split[1];


      try
      {
         SkeletonKeyToken token = RSATokenVerifier.verifyToken(tokenString, resourceMetadata);
         SkeletonKeySession skSession = new SkeletonKeySession(tokenString, resourceMetadata);
         ResteasyProviderFactory.pushContext(SkeletonKeySession.class, skSession);
         String callerPrincipal = securityContext.getUserPrincipal() != null ? securityContext.getUserPrincipal().getName() : null;

         final SkeletonKeyPrincipal principal = new SkeletonKeyPrincipal(token.getPrincipal(), callerPrincipal);
         final boolean isSecure = securityContext.isSecure();
         final SkeletonKeyToken.Access access;
         if (resourceMetadata.getResourceName() != null)
         {
            access = token.getResourceAccess(resourceMetadata.getResourceName());
         }
         else
         {
            access = token.getRealmAccess();
         }
         SecurityContext ctx = new SecurityContext()
         {
            @Override
            public Principal getUserPrincipal()

      // Verifier-side description of the protected resource: resource "service" in realm
      // "domain", with the public half of idpPair as the key used to check token signatures.
      // idpPair is created outside this excerpt.
      metadata = new ResourceMetadata();
      metadata.setResourceName("service");
      metadata.setRealm("domain");
      metadata.setRealmKey(idpPair.getPublic());

      // Token fixture: principal "CN=Client", audience equal to the realm set above, and the
      // "admin" role on the "service" resource.
      token = new SkeletonKeyToken();
      token.principal("CN=Client")
              .audience("domain")
              .addAccess("service").addRole("admin");
   }

      // Happy path: serialize the token fixture and sign it with idpPair's private key.
      // NOTE(review): this relies on metadata holding idpPair's public key and a matching
      // realm; that setup is outside this excerpt.
      byte[] tokenBytes = JsonSerialization.toByteArray(token, false);

      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(idpPair.getPrivate());
      // verifyToken() must accept the token and return it; the local variable declared here
      // shadows the earlier token reference for the rest of the method.
      SkeletonKeyToken token =  RSATokenVerifier.verifyToken(encoded, metadata);
      // The verified token must still carry the role and principal that were signed.
      Assert.assertTrue(token.getResourceAccess("service").getRoles().contains("admin"));
      Assert.assertEquals("CN=Client", token.getPrincipal());
   }

      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(badPair.getPrivate());

      SkeletonKeyToken v = null;
      try
      {
         v = RSATokenVerifier.verifyToken(encoded, metadata);
         Assert.fail();
      }

      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(idpPair.getPrivate());

      SkeletonKeyToken v = null;
      try
      {
         v = RSATokenVerifier.verifyToken(encoded, metadata);
      }
      catch (VerificationException ignored)

      String encoded = new JWSBuilder()
              .content(tokenBytes)
              .rsa256(idpPair.getPrivate());

      SkeletonKeyToken v = null;
      try
      {
         v = RSATokenVerifier.verifyToken(encoded, metadata);
         Assert.fail();
      }
