/**
 * Asks the registered OAuth callback handlers whether the authorized user may delegate
 * access to the requesting client, and returns their decision.
 *
 * <p>An {@code ACCESS_DELEGATION_TOKEN} callback is built from the authorized user, the
 * client id and the requested scope held in the token request context. The SAML2 bearer and
 * IWA-NTLM grant types are passed to the callback as carbon grant types. Any other grant
 * type is passed through as the raw request string.
 *
 * <p>Security note: the validity period reported by the callback is written back to the
 * context before the decision is read, so the context is modified even when this method
 * returns {@code false}. Callers must treat the return value as the sole authorization
 * decision.
 *
 * @param tokReqMsgCtx token request context; its validity period is overwritten
 * @return {@code true} only if the callback reports the delegation as authorized
 * @throws IdentityOAuth2Exception declared by the contract; presumably raised by the
 *         callback manager (not visible in this block)
 */
@Override
public boolean authorizeAccessDelegation(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {
    OAuthCallback delegationCallback = new OAuthCallback(
            tokReqMsgCtx.getAuthorizedUser(),
            tokReqMsgCtx.getOauth2AccessTokenReqDTO().getClientId(),
            OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_TOKEN);
    delegationCallback.setRequestedScope(tokReqMsgCtx.getScope());

    // NOTE(review): a null grant type fails with a NullPointerException at the first
    // equals() below; confirm that the request is validated before it reaches this handler.
    String requestedGrantType = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType();
    if (requestedGrantType.equals(
            org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString())) {
        // The constant is resolved by name via valueOf(); presumably this throws
        // IllegalArgumentException if the name matches no GrantType constant.
        delegationCallback.setCarbonGrantType(
                org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                        OAuthConstants.OAUTH_SAML2_BEARER_GRANT_ENUM.toString()));
    } else if (requestedGrantType.equals(
            org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString())) {
        delegationCallback.setCarbonGrantType(
                org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                        OAuthConstants.OAUTH_IWA_NTLM_GRANT_ENUM.toString()));
    } else {
        // Any other grant type is handed to the callback exactly as the client sent it.
        delegationCallback.setGrantType(requestedGrantType);
    }

    callbackManager.handleCallback(delegationCallback);

    // Copied unconditionally, i.e. also when the delegation is refused.
    tokReqMsgCtx.setValidityPeriod(delegationCallback.getValidityPeriod());
    return delegationCallback.isAuthorized();
}
/**
 * Asks the registered OAuth callback handlers to validate the scope requested in a token
 * request, and returns their verdict.
 *
 * <p>A {@code SCOPE_VALIDATION_TOKEN} callback is built from the authorized user, the client
 * id and the requested scope held in the token request context. The SAML2 bearer and
 * IWA-NTLM grant types are passed to the callback as carbon grant types. Any other grant
 * type is passed through as the raw request string.
 *
 * <p>Security note: both the validity period and the scope on the context are overwritten
 * with the callback's values before the verdict is read. After this call the context holds
 * the approved scope rather than the requested one, even when the method returns
 * {@code false}. Callers must not issue a token unless the return value is {@code true}.
 *
 * @param tokReqMsgCtx token request context; its validity period and scope are overwritten
 * @return {@code true} only if the callback reports the scope as valid
 * @throws IdentityOAuth2Exception declared by the contract; presumably raised by the
 *         callback manager (not visible in this block)
 */
@Override
public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {
    OAuthCallback scopeCallback = new OAuthCallback(
            tokReqMsgCtx.getAuthorizedUser(),
            tokReqMsgCtx.getOauth2AccessTokenReqDTO().getClientId(),
            OAuthCallback.OAuthCallbackType.SCOPE_VALIDATION_TOKEN);
    scopeCallback.setRequestedScope(tokReqMsgCtx.getScope());

    // NOTE(review): a null grant type fails with a NullPointerException at the first
    // equals() below; confirm that the request is validated before it reaches this handler.
    String requestedGrantType = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType();
    if (requestedGrantType.equals(
            org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString())) {
        // The constant is resolved by name via valueOf(); presumably this throws
        // IllegalArgumentException if the name matches no GrantType constant.
        scopeCallback.setCarbonGrantType(
                org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                        OAuthConstants.OAUTH_SAML2_BEARER_GRANT_ENUM.toString()));
    } else if (requestedGrantType.equals(
            org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString())) {
        scopeCallback.setCarbonGrantType(
                org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                        OAuthConstants.OAUTH_IWA_NTLM_GRANT_ENUM.toString()));
    } else {
        // Any other grant type is handed to the callback exactly as the client sent it.
        scopeCallback.setGrantType(requestedGrantType);
    }

    callbackManager.handleCallback(scopeCallback);

    // Both values are copied unconditionally, i.e. also when the scope is rejected.
    tokReqMsgCtx.setValidityPeriod(scopeCallback.getValidityPeriod());
    tokReqMsgCtx.setScope(scopeCallback.getApprovedScope());
    return scopeCallback.isValidScope();
}
if (tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType().equals( org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString())) { scopeValidationCallback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf( OAuthConstants.OAUTH_SAML2_BEARER_GRANT_ENUM.toString())); } else if (tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType().equals( org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString())) { scopeValidationCallback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf( OAuthConstants.OAUTH_IWA_NTLM_GRANT_ENUM.toString())); } else {
/**
 * Asks the registered OAuth callback handlers whether the authorized user may delegate
 * access to the requesting client, and returns their decision.
 *
 * <p>An {@code ACCESS_DELEGATION_TOKEN} callback is built from the authorized user, the
 * client id and the requested scope held in the token request context. The SAML2 bearer and
 * IWA-NTLM grant types are passed to the callback as carbon grant types, resolved by passing
 * the {@code OAuthConstants} values directly to {@code valueOf}. Any other grant type is
 * passed through as the raw request string.
 *
 * <p>Security note: the validity period reported by the callback is written back to the
 * context before the decision is read, so the context is modified even when this method
 * returns {@code false}. Callers must treat the return value as the sole authorization
 * decision.
 *
 * @param tokReqMsgCtx token request context; its validity period is overwritten
 * @return {@code true} only if the callback reports the delegation as authorized
 * @throws IdentityOAuth2Exception declared by the contract; presumably raised by the
 *         callback manager (not visible in this block)
 */
@Override
public boolean authorizeAccessDelegation(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {
    OAuthCallback delegationCallback = new OAuthCallback(
            tokReqMsgCtx.getAuthorizedUser(),
            tokReqMsgCtx.getOauth2AccessTokenReqDTO().getClientId(),
            OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_TOKEN);
    delegationCallback.setRequestedScope(tokReqMsgCtx.getScope());

    // NOTE(review): a null grant type fails with a NullPointerException at the first
    // equals() below; confirm that the request is validated before it reaches this handler.
    String requestedGrantType = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType();
    if (requestedGrantType.equals(
            org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString())) {
        // The constant is resolved by name via valueOf(); presumably this throws
        // IllegalArgumentException if the name matches no GrantType constant.
        delegationCallback.setCarbonGrantType(
                org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                        OAuthConstants.OAUTH_SAML2_BEARER_GRANT_ENUM));
    } else if (requestedGrantType.equals(
            org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString())) {
        delegationCallback.setCarbonGrantType(
                org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                        OAuthConstants.OAUTH_IWA_NTLM_GRANT_ENUM));
    } else {
        // Any other grant type is handed to the callback exactly as the client sent it.
        delegationCallback.setGrantType(requestedGrantType);
    }

    callbackManager.handleCallback(delegationCallback);

    // Copied unconditionally, i.e. also when the delegation is refused.
    tokReqMsgCtx.setValidityPeriod(delegationCallback.getValidityPeriod());
    return delegationCallback.isAuthorized();
}