Examples of org.openmhealth.reference.domain.AuthorizationToken

Package org.openmhealth.reference.domain

Examples of org.openmhealth.reference.domain.AuthorizationToken

org.openmhealth.reference.domain.AuthorizationToken

The authorization token for a user to grant access to some scope (e.g. schema IDs) to some third-party.

This class is immutable.
@author John Jenkins

      response.setStatus(oauthResponse.getResponseStatus());
      return oauthResponse.getBody();
    }
    
    // Handle the different types of token requests.
    AuthorizationToken token;
    if(GrantType.AUTHORIZATION_CODE.equals(grantType)) {
      // Attempt to get the code.
      String codeString = oauthRequest.getCode();
      if(codeString == null) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "An authorization code must be given to be " +
                "exchanged for an authorization token.")
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
      
      // Attempt to lookup the actual AuthorizationCode object.
      AuthorizationCode code =
        AuthorizationCodeBin.getInstance().getCode(codeString);
      // If the code doesn't exist, reject the request.
      if(code == null) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "The given authorization code is unknown: " +
                codeString)
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
      
      // Verify that the client asking for a token is the same as the one
      // that requested the code.
      if(! code.getThirdParty().getId().equals(thirdParty.getId())) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "This client is not allowed to reference this " +
                "code: " +
                codeString)
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }


      // If the code has expired, reject the request.
      if(System.currentTimeMillis() > code.getExpirationTime()) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "The given authorization code has expired: " +
                codeString)
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
      
      // Use the code to lookup the response information and error out if
      // a user has not yet verified it.
      AuthorizationCodeResponse codeResponse =
        AuthorizationCodeResponseBin
          .getInstance().getResponse(code.getCode());
      if(codeResponse == null) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "A user has not yet verified the code: " +
                codeString)
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
      
      // Determine if the user granted access and, if not, error out.
      if(! codeResponse.getGranted()) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "The user denied the authorization: " + codeString)
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
      
      // Create a new token.
      token = new AuthorizationToken(codeResponse);
    }
    // Handle a third-party refreshing an existing token.
    else if(GrantType.REFRESH_TOKEN.equals(grantType)) {
      // Get the refresh token from the request.
      String refreshToken = oauthRequest.getRefreshToken();
      if(refreshToken == null) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "An refresh token must be given to be exchanged " +
                "for a new authorization token.")
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
      // Use the refresh token to lookup the actual refresh token.
      AuthorizationToken currentToken =
        AuthorizationTokenBin
          .getInstance().getTokenFromRefreshToken(refreshToken);
      if(currentToken == null) {
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription("The refresh token is unknown.")
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
      
      // Verify that the client asking for a token is the same as the one
      // that was issued the refresh token.
      // This is probably a very serious offense and should probably
      // raise some serious red flags!
      if(!
        currentToken
          .getThirdParty().getId().equals(thirdParty.getId())) {
        
        // Create the OAuth response.
        OAuthResponse oauthResponse =
          OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_REQUEST)
            .setError(TokenResponse.INVALID_REQUEST)
            .setErrorDescription(
              "This token does not belong to this client.")
            .buildJSONMessage();
        
        // Set the status and return the error message.
        response.setStatus(oauthResponse.getResponseStatus());
        return oauthResponse.getBody();
      }
      
      // Create a new authorization token from the current one.
      token = new AuthorizationToken(currentToken);
    }
    // If the grant-type is unknown, then we do not yet understand how
    // the request is built and, therefore, can do nothing more than
    // reject it via an OmhException.
    else {

View Full Code Here

      
      // If the authorization token was given, attempt to add the
      // third-party to the request.
      if(authorizationTokenString != null) {
        // Attempt to get the authorization token.
        AuthorizationToken authorizationToken =
          AuthorizationTokenBin
            .getInstance()
            .getTokenFromAccessToken(authorizationTokenString);
        
        // If the token is null, it does not exist or is expired.

View Full Code Here

                final ResultSet resultSet,
                final int rowNum)
                throws SQLException {
                
                return
                  new AuthorizationToken(
                    resultSet
                      .getString(
                        AuthorizationCode
                          .JSON_KEY_CODE),
                    resultSet

View Full Code Here

                final ResultSet resultSet,
                final int rowNum)
                throws SQLException {
                
                return
                  new AuthorizationToken(
                    resultSet
                      .getString(
                        AuthorizationCode
                          .JSON_KEY_CODE),
                    resultSet

View Full Code Here

TOP

Related Classes of org.openmhealth.reference.domain.AuthorizationToken

org.joda.time.DateTime

org.openmhealth.reference.data.sql.SqlAuthorizationTokenBin

org.openmhealth.reference.filter.AuthFilter

org.openmhealth.reference.servlet.Version1

org.openmhealth.reference.exception.OmhException

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.