/**
 * Tells whether the issuer named in a JWT is this host application.
 *
 * <p>The issuer is compared with the key of the consumer returned by
 * {@code consumerService.getConsumer()}. This is an identifier comparison only; nothing in this
 * method verifies the token's signature, so it must not be the sole basis for trusting a token.
 *
 * <p>If the host consumer cannot be obtained, the failure is logged and the method answers
 * {@code false}: an issuer that cannot be checked is never treated as the host.
 *
 * @param issuer issuer value taken from the JWT; {@code null} never matches
 * @return {@code true} only when the host consumer key equals {@code issuer}
 */
private boolean jwtWasIssuedByHost(String issuer) {
    boolean issuedByHost = false;
    try {
        final String hostKey = consumerService.getConsumer().getKey();
        log.debug("jwtWasIssuedByHost: consumer-key='{}', issuer='{}'", hostKey, issuer);
        issuedByHost = hostKey.equals(issuer);
    } catch (ConsumerCreationException e) {
        // Fail closed: without a host consumer there is nothing to compare the issuer against.
        log.error("Could not get the consumer that provides issuer Id.", e);
    }
    return issuedByHost;
}
/**
 * Probes the application behind {@code applicationLink} for OAuth consumer information.
 *
 * <p>This is a best-effort check: a {@code ResponseException} raised by
 * {@code fetchConsumerInformation} is treated as "not installed" instead of being propagated.
 *
 * <p>NOTE(review): the exception is dropped without logging, so a failed lookup cannot be told
 * apart from a genuinely missing plugin when diagnosing a link.
 *
 * @param applicationLink link to the application to probe
 * @return {@code true} when consumer information was fetched and carries a non-null key
 */
public static boolean isOAuthPluginInstalled(final ApplicationLink applicationLink) {
    try {
        final Consumer remoteConsumer = fetchConsumerInformation(applicationLink);
        return remoteConsumer.getKey() != null;
    } catch (ResponseException e) {
        // Deliberately ignored: a failed lookup is reported as "plugin not installed".
        return false;
    }
}
/**
 * Writes a {@code Consumer} to the stream as its key only.
 *
 * <p>No other attribute of the consumer is written by this method, so whatever reads the value
 * back has to resolve the full consumer from the key.
 *
 * @param value   the object to serialise; cast to {@code Consumer} without a type check
 * @param writer  receives the consumer key as the element value
 * @param context not used by this method
 */
@Override
public void marshal(Object value, HierarchicalStreamWriter writer, MarshallingContext context) {
    final Consumer consumer = (Consumer) value;
    writer.setValue(consumer.getKey());
}
/**
 * Looks up the key of the consumer that {@code consumerService} reports for this host.
 *
 * @return the host consumer's key
 */
private String getHostClientKey() {
    final String hostKey = consumerService.getConsumer().getKey();
    return hostKey;
}
/**
 * Looks up the key of the consumer that {@code consumerService} reports for this host.
 *
 * @return the host consumer's key
 */
private String getHostClientKey() {
    final String hostKey = consumerService.getConsumer().getKey();
    return hostKey;
}
/**
 * Builds the authorization header value for an outgoing request signed with a JWT.
 *
 * <p>The token is produced by {@code jwtEncoder.encodeJwt} from the request details, the add-on
 * base URL, the host consumer key and the shared secret, and is returned prefixed with
 * {@code JWT_AUTH_HEADER_PREFIX}. The secret is passed to the encoder only; this method does not
 * log it or include it in the returned value directly.
 *
 * @param httpMethod HTTP method of the request being signed
 * @param url        target URL of the request
 * @param parameters request parameters; must not be {@code null}
 * @param secret     shared secret used for signing; must not be {@code null}
 * @param user       optional user on whose behalf the request is made
 * @return the header value, always present
 * @throws IllegalArgumentException if {@code parameters} or {@code secret} is {@code null}
 *         (assuming {@code checkArgument} is Guava's {@code Preconditions.checkArgument})
 */
@Override
@Nonnull
public Optional<String> generate(HttpMethod httpMethod, URI url, Map<String, String[]> parameters,
        String secret, Optional<UserProfile> user) {
    checkArgument(parameters != null, "Parameters Map argument cannot be null");
    checkArgument(secret != null, "Secret cannot be null");

    final String hostConsumerKey = consumerService.getConsumer().getKey();
    final String encodedJwt = jwtEncoder.encodeJwt(
            httpMethod, url, addonBaseUrl, parameters, hostConsumerKey, secret, user);
    return Optional.of(JWT_AUTH_HEADER_PREFIX + encodedJwt);
}
}
/**
 * Builds the authorization header value for an outgoing request signed with a JWT.
 *
 * <p>The token is produced by {@code jwtEncoder.encodeJwt} from the request details, the add-on
 * base URL, the host consumer key and the shared secret, and is returned prefixed with
 * {@code JWT_AUTH_HEADER_PREFIX}. The secret is passed to the encoder only; this method does not
 * log it or include it in the returned value directly.
 *
 * @param httpMethod HTTP method of the request being signed
 * @param url        target URL of the request
 * @param parameters request parameters; must not be {@code null}
 * @param secret     shared secret used for signing; must not be {@code null}
 * @param user       optional user on whose behalf the request is made
 * @return the header value, always present
 * @throws IllegalArgumentException if {@code parameters} or {@code secret} is {@code null}
 *         (assuming {@code checkArgument} is Guava's {@code Preconditions.checkArgument})
 */
@Override
@Nonnull
public Optional<String> generate(HttpMethod httpMethod, URI url, Map<String, String[]> parameters,
        String secret, Optional<UserProfile> user) {
    checkArgument(parameters != null, "Parameters Map argument cannot be null");
    checkArgument(secret != null, "Secret cannot be null");

    final String hostConsumerKey = consumerService.getConsumer().getKey();
    final String encodedJwt = jwtEncoder.encodeJwt(
            httpMethod, url, addonBaseUrl, parameters, hostConsumerKey, secret, user);
    return Optional.of(JWT_AUTH_HEADER_PREFIX + encodedJwt);
}
}
/**
 * Returns the first access token stored for {@code username} whose consumer key matches the
 * consumer of the given application link.
 *
 * <p>NOTE(review): no authorization check is visible in this method. Both path parameters come
 * from the caller, and the response body is built from the stored token, so any caller who can
 * reach this resource can ask for another user's token. Confirm that access is restricted
 * elsewhere (for example on the resource class or by a filter) or that the resource ships only
 * in test builds.
 *
 * @param applinkId id of the application link whose consumer is matched
 * @param username  user whose access tokens are searched
 * @return 200 with the matching token, or 404 when the user has no token for that consumer
 * @throws TypeNotInstalledException declared by this method; presumably raised while resolving
 *         the application link (confirm against {@code getConsumerForApplink})
 */
@GET
@Path("service-provider/{applinkId}/{username}")
public Response getServiceProviderAccessToken(@PathParam("applinkId") String applinkId,
        @PathParam("username") String username) throws TypeNotInstalledException {
    final Consumer linkConsumer = getConsumerForApplink(new ApplicationId(applinkId));
    final Iterable<ServiceProviderToken> userTokens =
            serviceProviderTokenStore.getAccessTokensForUser(username);

    for (ServiceProviderToken candidate : userTokens) {
        final boolean sameConsumer =
                candidate.getConsumer().getKey().equals(linkConsumer.getKey());
        if (sameConsumer) {
            return Response.ok(new RestAccessToken(candidate)).build();
        }
    }
    return Response.status(Status.NOT_FOUND).build();
}
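/**
 * Associates an already-stored OAuth consumer with an application link.
 *
 * <p>The consumer is looked up in {@code serviceProviderConsumerStore} by {@code id} and handed
 * to {@code serviceProviderStoreService.addConsumer} together with the link.
 *
 * @param id              key under which the consumer is stored
 * @param applicationLink link the consumer is associated with
 * @throws RuntimeException if no consumer is stored under {@code id}
 */
private void registerOAuthConsumer(final String id, final ApplicationLink applicationLink) {
    final Consumer consumer = serviceProviderConsumerStore.get(id);
    if (consumer == null) {
        // Report the key that was looked up. The consumer is null in this branch, so reading
        // consumer.getKey() for the message would raise a NullPointerException and hide the
        // real cause.
        throw new RuntimeException("No consumer with key '" + id + "' registered!");
    }
    serviceProviderStoreService.addConsumer(consumer, applicationLink);
    log.debug("Associated OAuth Consumer with key '" + consumer.getKey()
            + "' with Application Link id='" + applicationLink.getId()
            + "' and name='" + applicationLink.getName() + "'");
}
}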
/**
 * Resolves the consumer key to use for outbound OAuth calls over an application link.
 *
 * <p>A key configured for the link under
 * {@code AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND} takes precedence. Otherwise the
 * key of the host's own consumer is used.
 *
 * @param applicationLink link whose OAuth provider configuration is consulted
 * @return the configured outbound key when the entry exists, else the host consumer key
 */
private String getConsumerKey(ApplicationLink applicationLink) {
    final Map<String, String> providerConfig = authenticationConfigurationManager.getConfiguration(
            applicationLink.getId(), OAuthAuthenticationProvider.class);

    // containsKey, not a null test on get(): an entry that is present always wins, whatever its value.
    return providerConfig.containsKey(AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND)
            ? providerConfig.get(AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND)
            : consumerService.getConsumer().getKey();
}
/**
 * Removes every access token stored for {@code username} whose consumer key matches the
 * consumer of the given application link.
 *
 * <p>NOTE(review): no authorization check is visible in this method. Both path parameters come
 * from the caller, so any caller who can reach this resource can revoke another user's tokens.
 * Confirm that access is restricted elsewhere (for example on the resource class or by a filter)
 * or that the resource ships only in test builds.
 *
 * @param applinkId id of the application link whose consumer is matched
 * @param username  user whose access tokens are searched
 * @return 204 No Content, whether or not any token was removed
 * @throws TypeNotInstalledException declared by this method; presumably raised while resolving
 *         the application link (confirm against {@code getConsumerForApplink})
 */
@DELETE
@Path("service-provider/{applinkId}/{username}")
public Response removeServiceProviderAccessTokens(@PathParam("applinkId") String applinkId,
        @PathParam("username") String username) throws TypeNotInstalledException {
    final Consumer linkConsumer = getConsumerForApplink(new ApplicationId(applinkId));
    final Iterable<ServiceProviderToken> userTokens =
            serviceProviderTokenStore.getAccessTokensForUser(username);

    for (ServiceProviderToken candidate : userTokens) {
        final boolean sameConsumer =
                candidate.getConsumer().getKey().equals(linkConsumer.getKey());
        if (!sameConsumer) {
            continue;
        }
        serviceProviderTokenStore.removeAndNotify(candidate.getToken());
    }
    return Response.noContent().build();
}
/**
 * Stores a consumer and records its key on the application link as the incoming consumer key.
 *
 * <p>NOTE(review): because there is no existence check, a consumer already stored under the same
 * key is passed to {@code put} again. Whether that overwrites it depends on the store, so callers
 * should be trusted to supply the consumer they intend to register.
 *
 * @param consumer        consumer to store
 * @param applicationLink link that receives the {@code PROPERTY_INCOMING_CONSUMER_KEY} property
 */
public void addConsumer(final Consumer consumer, final ApplicationLink applicationLink) {
    // No existence check on purpose: existing OAuth consumers are transparently upgraded to UAL.
    serviceProviderConsumerStore.put(consumer);

    final String incomingKey = consumer.getKey();
    applicationLink.putProperty(PROPERTY_INCOMING_CONSUMER_KEY, incomingKey);
}
/**
 * Decides the authentication result for a request once its consumer has been identified.
 *
 * <p>When a user is supplied and {@code authenticationController.canLogin} refuses them, a 401 is
 * sent and a permission-denied failure is returned. In every other case the result is a success
 * carrying {@code user}, including when {@code user} is {@code null}, so callers must handle a
 * success without a principal.
 *
 * @param request  the incoming request, passed to the login check
 * @param response used to send the 401 error on refusal
 * @param message  OAuth message passed along with the error
 * @param consumer consumer the request was made for; only its key is logged
 * @param user     the user the request acts as, or {@code null} when none was supplied
 * @return a failure when the user may not log in, otherwise a success wrapping {@code user}
 */
private Result getUserLoginResult(HttpServletRequest request, HttpServletResponse response,
        OAuthMessage message, Consumer consumer, Principal user) {
    // A supplied user must exist and be allowed to log in; an absent user skips this check.
    final boolean loginRefused = user != null && !authenticationController.canLogin(user, request);
    if (loginRefused) {
        LOG.info("Access denied because user:'{}' cannot login", user.getName());
        sendError(response, HttpServletResponse.SC_UNAUTHORIZED, message);
        final OAuthProblem.PermissionDenied denied = new OAuthProblem.PermissionDenied(user.getName());
        return new Result.Failure(denied);
    }

    final String appKey = consumer.getKey();
    final String userLabel = (user != null) ? user.getName() : "null";
    LOG.info("Authenticated app '{}' as user '{}' successfully", appKey, userLabel);
    return new Result.Success(user);
}
/**
 * Finds the consumer and its secret for a consumer key.
 *
 * <p>The store is consulted first. When it has no entry, the host's own consumer is accepted only
 * if its key equals {@code consumerKey}. An unknown key never falls through to the host
 * credentials.
 *
 * @param consumerKey key of the consumer whose signing material is needed
 * @return the stored entry, or the host entry when the key is the host's
 * @throws OAuthConsumerNotFoundException if the key is neither stored nor the host's key
 */
private ConsumerAndSecret getConsumerAndSecret(String consumerKey) {
    final ConsumerAndSecret stored = store.getByKey(consumerKey);
    if (stored != null) {
        return stored;
    }

    // Not stored: the only other acceptable match is the host consumer itself.
    final ConsumerAndSecret hostCas = hostCasProvider.get();
    if (hostCas.getConsumer().getKey().equals(consumerKey)) {
        return hostCas;
    }
    throw new OAuthConsumerNotFoundException("Consumer with key '" + consumerKey + "' could not be found");
}
/**
 * Registers OAuth as an authentication provider for an application link.
 *
 * <p>The request-token and access-token endpoints are derived from the link's RPC URL and the
 * authorize endpoint from its display URL. These URLs are stored together with the consumer key
 * as the provider configuration, so they are only as trustworthy as the link's own URLs.
 *
 * <p>NOTE(review): the result of {@code consumerService.getConsumerByKey(id)} is dereferenced
 * without a null check. Confirm that the lookup cannot return {@code null} for an unknown id.
 *
 * @param id              key of the consumer to register as the outbound consumer
 * @param applicationLink link the provider configuration is registered for
 */
private void registerOAuthServiceProvider(final String id, final ApplicationLink applicationLink) {
    final Consumer outboundConsumer = consumerService.getConsumerByKey(id);

    final String requestTokenEndpoint = applicationLink.getRpcUrl() + "/request/token";
    final String accessTokenEndpoint = applicationLink.getRpcUrl() + "/access/token";
    final String authorizeEndpoint = applicationLink.getDisplayUrl() + "/authorize/token";

    authenticationConfigurationManager.registerProvider(
            applicationLink.getId(),
            OAuthAuthenticationProvider.class,
            ImmutableMap.of(
                    AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND, outboundConsumer.getKey(),
                    AddServiceProviderManuallyServlet.SERVICE_PROVIDER_REQUEST_TOKEN_URL, requestTokenEndpoint,
                    AddServiceProviderManuallyServlet.SERVICE_PROVIDER_ACCESS_TOKEN_URL, accessTokenEndpoint,
                    AddServiceProviderManuallyServlet.SERVICE_PROVIDER_AUTHORIZE_URL, authorizeEndpoint));

    log.debug("Associated OAuth ServiceProvider with consumer key '" + outboundConsumer.getKey()
            + "' with Application Link id='" + applicationLink.getId()
            + "' and name='" + applicationLink.getName() + "'");
}
/**
 * Signs a request on behalf of the consumer that owns {@code token}.
 *
 * <p>The consumer's signing material is resolved through {@code getConsumerAndSecret} using the
 * key of the token's consumer. The request is then signed with an accessor built from the token,
 * that material and the service provider.
 *
 * @param request         request to sign
 * @param serviceProvider provider the request is addressed to
 * @param token           consumer token whose consumer key selects the signing material
 * @return the result of signing {@code request} with the derived accessor
 */
public Request sign(Request request, ServiceProvider serviceProvider, ConsumerToken token) {
    final String consumerKey = token.getConsumer().getKey();
    final ConsumerAndSecret signingMaterial = getConsumerAndSecret(consumerKey);
    final OAuthAccessor accessor = asOAuthAccessor(token, signingMaterial, serviceProvider);
    return sign(request, accessor);
}
/**
 * Produces a URL for {@code targetPath} that carries a JWT as a query parameter.
 *
 * <p>The token is encoded for the given method, path and parameters with the host consumer key
 * and the shared secret, and is appended under {@code JwtConstants.JWT_PARAM_NAME}.
 *
 * <p>NOTE(review): the token travels in the URL, where access logs, browser history and
 * {@code Referer} headers can capture it. Confirm that {@code jwtEncoder} issues short-lived
 * tokens and that signed URLs are not persisted.
 *
 * @param method     HTTP method the signed URL will be requested with
 * @param targetPath path to sign; must not repeat any parameter already in {@code params}
 * @param params     query parameters to include in the URL
 * @return the URL built by {@code createGetUrl} with the JWT query parameter added
 */
@Override
public String signUrl(HttpMethod method, URI targetPath, Map<String, String[]> params) {
    assertThatTargetPathAndParamsDoNotDuplicateParams(targetPath, params);

    final String token = jwtEncoder.encodeJwt(method, targetPath, getBaseUrl(), params,
            consumerService.getConsumer().getKey(), requireSharedSecret(), Optional.empty());

    final URI unsignedUrl = URI.create(createGetUrl(targetPath, params));
    final UriBuilder signedUrl = new UriBuilder(Uri.fromJavaUri(unsignedUrl));
    signedUrl.addQueryParameter(JwtConstants.JWT_PARAM_NAME, token);
    return signedUrl.toString();
}
/**
 * Produces a GET URL for {@code targetPath} that carries a JWT as a query parameter.
 *
 * <p>The token is encoded for {@code HttpMethod.GET}, the path and the parameters with the host
 * consumer key and the shared secret, and is appended under {@code JwtConstants.JWT_PARAM_NAME}.
 *
 * <p>NOTE(review): the token travels in the URL, where access logs, browser history and
 * {@code Referer} headers can capture it. Confirm that {@code jwtEncoder} issues short-lived
 * tokens and that signed URLs are not persisted.
 *
 * @param targetPath path to sign; must not repeat any parameter already in {@code params}
 * @param params     query parameters to include in the URL
 * @return the URL built by {@code createGetUrl} with the JWT query parameter added
 */
@Override
public String signGetUrl(URI targetPath, Map<String, String[]> params) {
    assertThatTargetPathAndParamsDoNotDuplicateParams(targetPath, params);

    final String token = jwtEncoder.encodeJwt(HttpMethod.GET, targetPath, getBaseUrl(), params,
            consumerService.getConsumer().getKey(), requireSharedSecret(), Optional.empty());

    final URI unsignedUrl = URI.create(createGetUrl(targetPath, params));
    final UriBuilder signedUrl = new UriBuilder(Uri.fromJavaUri(unsignedUrl));
    signedUrl.addQueryParameter(JwtConstants.JWT_PARAM_NAME, token);
    return signedUrl.toString();
}
/**
 * Builds a {@code TokenProperties} instance from the attributes of a {@code Token}.
 *
 * <p>The token value, token secret, token type (access or request) and the key of the token's
 * consumer are copied. The token's additional properties are copied only when there are any.
 * Because the token secret is among the copied values, the resulting property set is credential
 * material and should be stored and logged accordingly.
 *
 * @param token token whose attributes become the property values
 */
public TokenProperties(Token token) {
    putToken(token.getToken());
    putTokenSecret(token.getTokenSecret());

    final TokenType kind = token.isAccessToken() ? TokenType.ACCESS : TokenType.REQUEST;
    putTokenType(kind);

    putConsumerKey(token.getConsumer().getKey());

    final boolean hasExtraProperties = !token.getProperties().isEmpty();
    if (hasExtraProperties) {
        putProperties(token.getProperties());
    }
}
/**
 * Builds the REST representation of a {@code Consumer}.
 *
 * <p>Key, name, signature method, callback and the two-legged-OAuth flags are always written.
 * The description and the executing 2LO user are written only when non-null, and the public key
 * only when present, in PEM encoding. This constructor reads no secret or private key from the
 * consumer.
 *
 * @param consumer consumer to represent; must not be {@code null}
 */
public RestConsumer(@Nonnull Consumer consumer) {
    checkNotNull(consumer, "consumer");

    // Identity
    put(KEY, consumer.getKey());
    put(NAME, consumer.getName());
    putIfNotNull(DESCRIPTION, consumer.getDescription());

    // Signing: the public key is optional, so it is exported only when the consumer has one.
    put(SIGNATURE_METHOD, consumer.getSignatureMethod().name());
    final boolean hasPublicKey = consumer.getPublicKey() != null;
    if (hasPublicKey) {
        put(PUBLIC_KEY, RSAKeys.toPemEncoding(consumer.getPublicKey()));
    }

    // Callback and two-legged OAuth settings
    putAsString(CALLBACK, consumer.getCallback());
    put(TWO_LO_ALLOWED, consumer.getTwoLOAllowed());
    putIfNotNull(EXECUTING_TWO_LO_USER, consumer.getExecutingTwoLOUser());
    put(TWO_LO_IMPERSONATION_ALLOWED, consumer.getTwoLOImpersonationAllowed());
}