本文整理汇总了Java中org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception类的典型用法代码示例。如果您正苦于以下问题:Java IdentityOAuth2Exception类的具体用法?Java IdentityOAuth2Exception怎么用?Java IdentityOAuth2Exception使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
IdentityOAuth2Exception类属于org.wso2.carbon.identity.oauth2包,在下文中一共展示了IdentityOAuth2Exception类的35个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: validateGrant
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
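/**
 * Copies a caller-supplied tenant domain onto the token request, then delegates to the parent
 * grant validation.
 *
 * <p>The tenant domain is read from the request parameter named by {@code TENANT_DOMAIN_KEY},
 * so it is client-controlled input, and this method does not check that the caller belongs to
 * the tenant it names. NOTE(review): confirm that {@code super.validateGrant} or a later step
 * ties the tenant to the validated assertion before the value is relied on.
 *
 * @param tokReqMsgCtx token request context whose DTO may carry the tenant-domain parameter
 * @return the result of {@code super.validateGrant(tokReqMsgCtx)}
 * @throws IdentityOAuth2Exception propagated from the parent validation
 */
@Override
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {
    RequestParameter[] requestParameters = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getRequestParameters();
    // A request that carries no extra parameters must not fail with a NullPointerException.
    if (requestParameters != null) {
        for (RequestParameter requestParameter : requestParameters) {
            if (TENANT_DOMAIN_KEY.equals(requestParameter.getKey())) {
                String[] values = requestParameter.getValue();
                // Only the first value is used; further values are ignored.
                if (values != null && values.length > 0) {
                    tokReqMsgCtx.getOauth2AccessTokenReqDTO()
                            .setTenantDomain(values[0]);
                }
            }
        }
    }
    return super.validateGrant(tokReqMsgCtx);
}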
开发者ID:wso2,
项目名称:carbon-device-mgt,
代码行数:17,
代码来源:ExtendedJWTGrantHandler.java
示例2: signJWT
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
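/**
 * Signs the given claims set with the algorithm configured for this builder.
 *
 * <p>Only the RSA family (RS256/RS384/RS512) is implemented. Any other configured algorithm is
 * rejected with an exception rather than answered with {@code null}, so a misconfiguration
 * cannot be mistaken for an issued token.
 *
 * @param jwtClaimsSet claims that form the JWT body
 * @param request      token request context, forwarded to the RSA signer
 * @return the value produced by {@code signJWTWithRSA}
 * @throws IdentityOAuth2Exception if the configured algorithm is not an RSA variant, or
 *                                 propagated from {@code signJWTWithRSA}
 */
protected String signJWT(JWTClaimsSet jwtClaimsSet, OAuthTokenReqMessageContext request)
        throws IdentityOAuth2Exception {
    if (JWSAlgorithm.RS256.equals(signatureAlgorithm) || JWSAlgorithm.RS384.equals(signatureAlgorithm) ||
            JWSAlgorithm.RS512.equals(signatureAlgorithm)) {
        return signJWTWithRSA(jwtClaimsSet, request);
    }
    // HMAC (HS*) and EC (ES*) signing are not implemented; fail loudly instead of returning null.
    throw new IdentityOAuth2Exception("Unsupported signature algorithm: " + signatureAlgorithm);
}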
开发者ID:wso2,
项目名称:msf4j,
代码行数:24,
代码来源:JWTAccessTokenBuilder.java
示例3: mapSignatureAlgorithm
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Translates the signature algorithm name configured in identity.xml into the matching Nimbus
 * {@code JWSAlgorithm}.
 *
 * <p>NOTE(review): the {@code NONE} setting maps to the "none" algorithm, which implies tokens
 * without a signature; confirm that setting is never enabled outside of testing.
 *
 * @param signatureAlgorithm algorithm name as configured
 * @return the corresponding {@code JWSAlgorithm}
 * @throws IdentityOAuth2Exception if the name matches none of the known constants
 */
protected JWSAlgorithm mapSignatureAlgorithm(String signatureAlgorithm) throws IdentityOAuth2Exception {
    if (NONE.equals(signatureAlgorithm)) {
        return new JWSAlgorithm(JWSAlgorithm.NONE.getName());
    }

    // RSA family
    if (SHA256_WITH_RSA.equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS256;
    }
    if (SHA384_WITH_RSA.equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS384;
    }
    if (SHA512_WITH_RSA.equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS512;
    }

    // HMAC family
    if (SHA256_WITH_HMAC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS256;
    }
    if (SHA384_WITH_HMAC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS384;
    }
    if (SHA512_WITH_HMAC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS512;
    }

    // EC family
    if (SHA256_WITH_EC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES256;
    }
    if (SHA384_WITH_EC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES384;
    }
    if (SHA512_WITH_EC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES512;
    }

    throw new IdentityOAuth2Exception("Unsupported Signature Algorithm in identity.xml");
}
开发者ID:wso2,
项目名称:msf4j,
代码行数:36,
代码来源:JWTAccessTokenBuilder.java
示例4: putUserRPToStore
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
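/**
 * Creates or updates the relying-party record for a user.
 *
 * @param user          authenticated user the record is written for
 * @param appName       application name, stored as the record's relying-party URL
 * @param trustedAlways value stored in the record's trusted-always flag
 * @param clientId      OAuth client id; used to resolve the tenant from the application owner
 *                      when the user carries no user name
 * @throws OAuthSystemException if the application cannot be retrieved
 */
public void putUserRPToStore(AuthenticatedUser user, String appName, boolean trustedAlways, String clientId) throws
        OAuthSystemException {
    OpenIDUserRPDO repDO = new OpenIDUserRPDO();
    repDO.setDefaultProfileName(DEFAULT_PROFILE_NAME);
    repDO.setRpUrl(appName);
    repDO.setUserName(user.getAuthenticatedSubjectIdentifier());
    repDO.setTrustedAlways(trustedAlways);

    int tenantId = -1;
    if (user.getUserName() != null) {
        tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    } else {
        // No user name on the subject: fall back to the tenant of the application owner.
        OAuthAppDAO oAuthAppDAO = new OAuthAppDAO();
        try {
            OAuthAppDO appDO = oAuthAppDAO.getAppInformation(clientId);
            tenantId = IdentityTenantUtil.getTenantId(appDO.getUser().getTenantDomain());
        } catch (IdentityOAuth2Exception | InvalidOAuthClientException e) {
            // Keep the cause so the underlying lookup failure stays visible to operators.
            throw new OAuthSystemException("Error while retrieving app", e);
        }
    }

    OpenIDUserRPDAO dao = new OpenIDUserRPDAO();
    dao.createOrUpdate(repDO, tenantId);
}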
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:30,
代码来源:OpenIDConnectUserRPStore.java
示例5: getAvailableUserStoreDomainMappings
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Parses the access-token partitioning configuration into a domain lookup.
 *
 * <p>The configured value is a comma-separated list of {@code mapping:domain} pairs, for example
 * {@code A:foo.com , B:bar.com}.
 *
 * @return map keyed by domain (case-insensitive) whose value is the mapping name; empty when no
 *         value is configured
 * @throws IdentityOAuth2Exception if an entry does not contain both parts
 */
public static Map<String, String> getAvailableUserStoreDomainMappings() throws
        IdentityOAuth2Exception {
    // Keys compare case-insensitively because the case of the user name is ignored at login.
    Map<String, String> domainToMapping = new TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER);
    String configured = getAccessTokenPartitioningDomains();
    if (configured == null) {
        return domainToMapping;
    }

    for (String entry : configured.split(",")) {
        String[] parts = entry.trim().split(":");
        if (parts.length < 2) {
            throw new IdentityOAuth2Exception("Domain mapping has not defined correctly");
        }
        // parts[0] is the mapping name, parts[1] the domain; the domain becomes the key.
        domainToMapping.put(parts[1].trim(), parts[0].trim());
    }
    return domainToMapping;
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:18,
代码来源:OAuth2Util.java
示例6: mapSignatureAlgorithm
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Maps a JCA-style signature algorithm name from identity.xml to the Nimbus
 * {@code JWSAlgorithm} constant.
 *
 * @param signatureAlgorithm configured algorithm name, e.g. {@code SHA256withRSA}
 * @return the matching {@code JWSAlgorithm}
 * @throws IdentityOAuth2Exception if the name is not one of the nine supported values
 */
protected JWSAlgorithm mapSignatureAlgorithm(String signatureAlgorithm)
        throws IdentityOAuth2Exception {
    // RSA family
    if ("SHA256withRSA".equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS256;
    }
    if ("SHA384withRSA".equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS384;
    }
    if ("SHA512withRSA".equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS512;
    }

    // HMAC family
    if ("SHA256withHMAC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS256;
    }
    if ("SHA384withHMAC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS384;
    }
    if ("SHA512withHMAC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS512;
    }

    // EC family
    if ("SHA256withEC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES256;
    }
    if ("SHA384withEC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES384;
    }
    if ("SHA512withEC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES512;
    }

    // Anything else, including null, is a configuration error.
    log.error("Unsupported Signature Algorithm in identity.xml");
    throw new IdentityOAuth2Exception("Unsupported Signature Algorithm in identity.xml");
}
开发者ID:apache,
项目名称:stratos,
代码行数:25,
代码来源:ClientCredentialsGrantHandler.java
示例7: validateScope
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Runs the scope-validation callback for a token request and copies its outcome back onto the
 * request context.
 *
 * <p>The validity period and the approved scope reported by the callback overwrite the values
 * on {@code tokReqMsgCtx}, whatever the final verdict is.
 *
 * @param tokReqMsgCtx token request context
 * @return {@code true} when the callback reports the scope as valid
 * @throws IdentityOAuth2Exception propagated from the callback manager
 */
@Override
public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {
    OAuthCallback callback = new OAuthCallback(tokReqMsgCtx.getAuthorizedUser(),
            tokReqMsgCtx.getOauth2AccessTokenReqDTO().getClientId(),
            OAuthCallback.OAuthCallbackType.SCOPE_VALIDATION_TOKEN);
    callback.setRequestedScope(tokReqMsgCtx.getScope());

    // SAML2 bearer and IWA-NTLM are passed as Carbon grant-type enums; every other grant type
    // is forwarded as the raw string from the request.
    String grantType = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType();
    if (grantType.equals(org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString())) {
        callback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                OAuthConstants.OAUTH_SAML2_BEARER_GRANT_ENUM.toString()));
    } else if (grantType.equals(org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString())) {
        callback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                OAuthConstants.OAUTH_IWA_NTLM_GRANT_ENUM.toString()));
    } else {
        callback.setGrantType(tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType());
    }

    callbackManager.handleCallback(callback);
    tokReqMsgCtx.setValidityPeriod(callback.getValidityPeriod());
    tokReqMsgCtx.setScope(callback.getApprovedScope());
    return callback.isValidScope();
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:25,
代码来源:AbstractAuthorizationGrantHandler.java
示例8: getOAuthAuthzHandler
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Finds the first registered {@code OAuthCallbackHandler} that accepts the given callback.
 *
 * <p>When debug logging is enabled, the resource owner, client id and requested scope of the
 * callback are written to the log.
 *
 * @param authzCallback callback that needs a handler
 * @return the first handler whose {@code canHandle} accepts the callback, or {@code null} when
 *         no registered handler does
 * @throws IdentityOAuth2Exception if a handler's {@code canHandle} fails
 */
public OAuthCallbackHandler getOAuthAuthzHandler(
        OAuthCallback authzCallback) throws IdentityOAuth2Exception {
    for (OAuthCallbackHandler candidate : authzCallbackHandlers) {
        if (!candidate.canHandle(new Callback[]{authzCallback})) {
            continue;
        }
        if (log.isDebugEnabled()) {
            log.debug("OAuthCallbackHandler was found for the callback. Class Name : " + candidate
                    .getClass().getName() + " Resource Owner : " + authzCallback.getResourceOwner() + " " +
                    "Client Id : " + authzCallback.getClient() + " Scope : " + OAuth2Util.buildScopeString
                    (authzCallback.getRequestedScope()));
        }
        return candidate;
    }

    // No handler accepted the callback; callers receive null.
    if (log.isDebugEnabled()) {
        log.debug("No OAuthAuthorizationCallbackHandlers were found for the callback. Resource Owner : " +
                authzCallback.getResourceOwner() + " Client Id : " + authzCallback.getClient() + " Scope : " +
                OAuth2Util.buildScopeString(authzCallback.getRequestedScope()));
    }
    return null;
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:32,
代码来源:OAuthCallbackHandlerRegistry.java
示例9: signJWT
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Signs a JWT with the algorithm configured for this generator.
 *
 * <p>Only RS256, RS384 and RS512 are implemented; every other configured algorithm, including
 * the HMAC and EC families, ends in an exception.
 *
 * @param signedJWT    JWT to be signed
 * @param tenantDomain tenant domain, forwarded to the RSA signer
 * @param tenantId     tenant id, forwarded to the RSA signer
 * @return the value produced by {@code signJWTWithRSA}
 * @throws IdentityOAuth2Exception if the configured algorithm is not an RSA variant, or
 *                                 propagated from {@code signJWTWithRSA}
 */
protected JWT signJWT(SignedJWT signedJWT, String tenantDomain, int tenantId)
        throws IdentityOAuth2Exception {
    boolean rsaFamily = JWSAlgorithm.RS256.equals(signatureAlgorithm)
            || JWSAlgorithm.RS384.equals(signatureAlgorithm)
            || JWSAlgorithm.RS512.equals(signatureAlgorithm);
    if (rsaFamily) {
        return signJWTWithRSA(signedJWT, signatureAlgorithm, tenantDomain, tenantId);
    }

    // HMAC (HS256/HS384/HS512) and EC (ES256/ES384/ES512) signing still need to be implemented,
    // so they are reported as unsupported like any unknown algorithm.
    log.error("UnSupported Signature Algorithm");
    throw new IdentityOAuth2Exception("UnSupported Signature Algorithm");
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:30,
代码来源:JWTTokenGenerator.java
示例10: deactivateAuthorizationCode
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
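/**
 * Runs {@code DEACTIVATE_AUTHZ_CODE_AND_INSERT_CURRENT_TOKEN} as one batch, with one entry per
 * authorization code, and commits the result.
 *
 * @param authzCodeDOs authorization codes to process; each contributes its token id and its
 *                     preprocessed authorization code
 * @throws IdentityOAuth2Exception if the batch fails; the transaction is rolled back first
 */
public void deactivateAuthorizationCode(List<AuthzCodeDO> authzCodeDOs) throws IdentityOAuth2Exception {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    try {
        prepStmt = connection.prepareStatement(SQLQueries.DEACTIVATE_AUTHZ_CODE_AND_INSERT_CURRENT_TOKEN);
        for (AuthzCodeDO authzCodeDO : authzCodeDOs) {
            prepStmt.setString(1, authzCodeDO.getOauthTokenId());
            prepStmt.setString(2, persistenceProcessor.getPreprocessedAuthzCode(authzCodeDO.getAuthorizationCode()));
            prepStmt.addBatch();
        }
        prepStmt.executeBatch();
        connection.commit();
    } catch (SQLException e) {
        // Undo a partially applied batch so that no code is left half-deactivated.
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error when deactivating authorization code", e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
}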
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:20,
代码来源:TokenMgtDAO.java
示例11: setAccessTokenState
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Updates the state of an access token on the caller's connection.
 *
 * <p>The connection is neither committed nor closed here; only the statement is closed.
 *
 * @param connection      database connection owned by the caller
 * @param tokenId         token identifier, bound as the third statement parameter
 * @param tokenState      new token state, bound as the first statement parameter
 * @param tokenStateId    token state id, bound as the second statement parameter
 * @param userStoreDomain user store domain; when not blank it is appended to the access token
 *                        table name
 * @throws IdentityOAuth2Exception if the update fails
 */
public void setAccessTokenState(Connection connection, String tokenId, String tokenState,
                                String tokenStateId, String userStoreDomain)
        throws IdentityOAuth2Exception {
    PreparedStatement statement = null;
    try {
        // NOTE(review): the table name is assembled by string concatenation because identifiers
        // cannot be bound as parameters. userStoreDomain must therefore never carry
        // caller-controlled text; confirm it is checked against the configured user store
        // domains before it reaches this method.
        String query = StringUtils.isNotBlank(userStoreDomain)
                ? SQLQueries.UPDATE_TOKE_STATE.replace(IDN_OAUTH2_ACCESS_TOKEN,
                        IDN_OAUTH2_ACCESS_TOKEN + "_" + userStoreDomain)
                : SQLQueries.UPDATE_TOKE_STATE;
        statement = connection.prepareStatement(query);
        statement.setString(1, tokenState);
        statement.setString(2, tokenStateId);
        statement.setString(3, tokenId);
        statement.executeUpdate();
    } catch (SQLException e) {
        throw new IdentityOAuth2Exception("Error while updating Access Token with ID : " +
                tokenId + " to Token State : " + tokenState, e);
    } finally {
        IdentityDatabaseUtil.closeStatement(statement);
    }
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:32,
代码来源:TokenMgtDAO.java
示例12: authorizeAccessDelegation
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Runs the access-delegation callback for a token request.
 *
 * <p>The validity period reported by the callback is copied onto {@code tokReqMsgCtx},
 * whatever the final verdict is.
 *
 * @param tokReqMsgCtx token request context
 * @return {@code true} when the callback reports the request as authorized
 * @throws IdentityOAuth2Exception propagated from the callback manager
 */
@Override
public boolean authorizeAccessDelegation(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {
    OAuthCallback callback = new OAuthCallback(tokReqMsgCtx.getAuthorizedUser(),
            tokReqMsgCtx.getOauth2AccessTokenReqDTO().getClientId(),
            OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_TOKEN);
    callback.setRequestedScope(tokReqMsgCtx.getScope());

    // SAML2 bearer and IWA-NTLM are passed as Carbon grant-type enums; every other grant type
    // is forwarded as the raw string from the request.
    String grantType = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType();
    if (grantType.equals(org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString())) {
        callback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                OAuthConstants.OAUTH_SAML2_BEARER_GRANT_ENUM.toString()));
    } else if (grantType.equals(org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString())) {
        callback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                OAuthConstants.OAUTH_IWA_NTLM_GRANT_ENUM.toString()));
    } else {
        callback.setGrantType(tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType());
    }

    callbackManager.handleCallback(callback);
    tokReqMsgCtx.setValidityPeriod(callback.getValidityPeriod());
    return callback.isAuthorized();
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:23,
代码来源:AbstractAuthorizationGrantHandler.java
示例13: getActiveTokensForConsumerKey
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
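/**
 * Collects the access tokens in the ACTIVE state for an application.
 *
 * <p>The returned set holds the values of the query's first column. NOTE(review): whether these
 * are raw or preprocessed token values depends on the query and is not visible here; treat the
 * result as secret material either way.
 *
 * @param consumerKey consumer key of the application
 * @return the matching tokens; empty when there are none
 * @throws IdentityOAuth2Exception if the query fails
 */
public Set<String> getActiveTokensForConsumerKey(String consumerKey) throws IdentityOAuth2Exception {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    ResultSet rs = null;
    Set<String> accessTokens = new HashSet<>();
    try {
        String sqlQuery = SQLQueries.GET_ACCESS_TOKENS_FOR_CONSUMER_KEY;
        ps = connection.prepareStatement(sqlQuery);
        ps.setString(1, consumerKey);
        ps.setString(2, OAuthConstants.TokenStates.TOKEN_STATE_ACTIVE);
        rs = ps.executeQuery();
        while (rs.next()) {
            accessTokens.add(rs.getString(1));
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while getting access tokens from acces token table for " +
                "the application with consumer key : " + consumerKey, e);
    } finally {
        // Hand the result set to the cleanup helper as well, so it is released with the
        // statement and the connection.
        IdentityDatabaseUtil.closeAllConnections(connection, rs, ps);
    }
    return accessTokens;
}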
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:25,
代码来源:TokenMgtDAO.java
示例14: getAuthorizationCodesForConsumerKey
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
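/**
 * Collects the authorization codes stored for an application.
 *
 * <p>The returned set holds the values of the query's first column.
 *
 * @param consumerKey consumer key of the application
 * @return the matching authorization codes; empty when there are none
 * @throws IdentityOAuth2Exception if the query fails
 */
public Set<String> getAuthorizationCodesForConsumerKey(String consumerKey) throws IdentityOAuth2Exception {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    ResultSet rs = null;
    Set<String> authorizationCodes = new HashSet<>();
    try {
        String sqlQuery = SQLQueries.GET_AUTHORIZATION_CODES_FOR_CONSUMER_KEY;
        ps = connection.prepareStatement(sqlQuery);
        ps.setString(1, consumerKey);
        rs = ps.executeQuery();
        while (rs.next()) {
            authorizationCodes.add(rs.getString(1));
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while getting authorization codes from authorization code table for the application with consumer key : " + consumerKey, e);
    } finally {
        // Hand the result set to the cleanup helper as well, so it is released with the
        // statement and the connection.
        IdentityDatabaseUtil.closeAllConnections(connection, rs, ps);
    }
    return authorizationCodes;
}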
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:23,
代码来源:TokenMgtDAO.java
示例15: findScopeOfResource
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Looks up the scope key registered for a resource URI.
 *
 * @param resourceUri resource URI, bound as the single query parameter
 * @return the {@code SCOPE_KEY} column of the first matching row, or {@code null} when no row
 *         matches
 * @throws IdentityOAuth2Exception if the query fails
 */
public String findScopeOfResource(String resourceUri) throws IdentityOAuth2Exception {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement statement = null;
    ResultSet rows = null;
    try {
        statement = connection.prepareStatement(SQLQueries.RETRIEVE_IOS_SCOPE_KEY);
        statement.setString(1, resourceUri);
        rows = statement.executeQuery();
        if (!rows.next()) {
            // The commit happens only on the no-match path; a match returns without committing.
            connection.commit();
            return null;
        }
        return rows.getString("SCOPE_KEY");
    } catch (SQLException e) {
        String errorMsg = "Error getting scopes for resource - " + resourceUri + " : " + e.getMessage();
        throw new IdentityOAuth2Exception(errorMsg, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, rows, statement);
    }
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:26,
代码来源:TokenMgtDAO.java
示例16: renameUserStoreDomainInAccessTokenTable
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Renames a user store domain in the access token table for one tenant.
 *
 * <p>Access token partitioning is not supported by this method. Both domain names are
 * upper-cased before they are bound. NOTE(review): {@code toUpperCase()} follows the JVM
 * default locale; confirm that stored domain names are normalized under the same rule.
 *
 * @param tenantId               tenant whose rows are updated
 * @param currentUserStoreDomain domain name to replace
 * @param newUserStoreDomain     replacement domain name
 * @throws IdentityOAuth2Exception if the update fails; the transaction is rolled back first
 */
public void renameUserStoreDomainInAccessTokenTable(int tenantId, String currentUserStoreDomain, String
        newUserStoreDomain) throws IdentityOAuth2Exception {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement statement = null;
    try {
        statement = connection.prepareStatement(SQLQueries.RENAME_USER_STORE_IN_ACCESS_TOKENS_TABLE);
        statement.setString(1, newUserStoreDomain.toUpperCase());
        statement.setInt(2, tenantId);
        statement.setString(3, currentUserStoreDomain.toUpperCase());
        int updatedRows = statement.executeUpdate();
        if (log.isDebugEnabled()) {
            log.debug("Number of rows being updated : " + updatedRows);
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while renaming user store : " + currentUserStoreDomain +
                " in tenant :" + tenantId, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, statement);
    }
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:27,
代码来源:TokenMgtDAO.java
示例17: renameUserStoreDomainInAuthorizationCodeTable
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
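/**
 * Renames a user store domain in the authorization code table for one tenant.
 *
 * <p>Access token partitioning is not supported by this method. Both domain names are
 * upper-cased before they are bound. NOTE(review): {@code toUpperCase()} follows the JVM
 * default locale; confirm that stored domain names are normalized under the same rule.
 *
 * @param tenantId               tenant whose rows are updated
 * @param currentUserStoreDomain domain name to replace
 * @param newUserStoreDomain     replacement domain name
 * @throws IdentityOAuth2Exception if the update fails; the transaction is rolled back first
 */
public void renameUserStoreDomainInAuthorizationCodeTable(int tenantId, String currentUserStoreDomain, String
        newUserStoreDomain) throws IdentityOAuth2Exception {
    //we do not support access token partitioning here
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    try {
        String sqlQuery = SQLQueries.RENAME_USER_STORE_IN_AUTHORIZATION_CODES_TABLE;
        ps = connection.prepareStatement(sqlQuery);
        ps.setString(1, newUserStoreDomain.toUpperCase());
        ps.setInt(2, tenantId);
        ps.setString(3, currentUserStoreDomain.toUpperCase());
        int count = ps.executeUpdate();
        if (log.isDebugEnabled()) {
            log.debug("Number of rows being updated : " + count);
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        // A leading space keeps the domain name and "in tenant" from running together.
        throw new IdentityOAuth2Exception("Error occurred while renaming user store : " + currentUserStoreDomain +
                " in tenant :" + tenantId, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, ps);
    }
}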
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:26,
代码来源:TokenMgtDAO.java
示例18: getClaims
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
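/**
 * Reads the requested claims of a user from the user store of the user's tenant.
 *
 * @param endUserName     user name; the tenant id and the tenant-aware user name are both
 *                        derived from it
 * @param requestedClaims claims to read
 * @return the claim values, sorted by claim key
 * @throws IdentityOAuth2Exception if the user store cannot be read
 */
@Override
public SortedMap<String, String> getClaims(String endUserName, String[] requestedClaims)
        throws IdentityOAuth2Exception {
    try {
        int tenantId = OAuth2Util.getTenantIdFromUserName(endUserName);
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(endUserName);
        UserStoreManager userStoreManager = OAuthComponentServiceHolder.getRealmService().
                getTenantUserRealm(tenantId).getUserStoreManager();
        // Typed constructor instead of a raw TreeMap, so the copy is checked by the compiler.
        return new TreeMap<String, String>(
                userStoreManager.getUserClaimValues(tenantAwareUsername, requestedClaims, null));
    } catch (UserStoreException e) {
        throw new IdentityOAuth2Exception("Error while reading claims for user : " + endUserName, e);
    }
}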
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:17,
代码来源:DefaultClaimsRetriever.java
示例19: authenticateClient
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Decides whether a token request may pass without client-secret validation.
 *
 * <p>Returns {@code true} only when all three conditions hold: the request carries no client
 * secret, the grant type is SAML2 bearer, and {@code authConfig} is explicitly false. Every
 * other request yields {@code false}.
 *
 * <p>NOTE(review): the {@code true} branch accepts a client that presented no secret. Confirm
 * that disabling strict client validation is intended wherever this handler is deployed.
 *
 * @param tokReqMsgCtx token request context
 * @return {@code true} when credential validation is skipped for the request
 * @throws IdentityOAuth2Exception declared by the handler contract; not thrown here
 */
@Override
public boolean authenticateClient(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {
    OAuth2AccessTokenReqDTO tokenReq = tokReqMsgCtx.getOauth2AccessTokenReqDTO();

    boolean secretMissing = StringUtils.isEmpty(tokenReq.getClientSecret());
    boolean samlBearerGrant = org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString()
            .equals(tokenReq.getGrantType());
    boolean strictValidationOff = JavaUtils.isFalseExplicitly(authConfig);
    boolean skipValidation = secretMissing && samlBearerGrant && strictValidationOff;

    if (log.isDebugEnabled()) {
        String message = "Grant type : " + tokenReq.getGrantType() + " " +
                "Strict client validation set to : " + authConfig;
        if (skipValidation) {
            message = message + " Authenticating without client secret";
        }
        log.debug(message);
    }
    return skipValidation;
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:24,
代码来源:AbstractClientAuthHandler.java
示例20: validateGrant
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Validates the grant through the parent handler and, on success, replaces the authorized
 * user's name with its tenant-aware form.
 *
 * @param tokReqMsgCtx token request context
 * @return {@code false} when the parent validation rejects the grant, {@code true} otherwise
 * @throws IdentityOAuth2Exception propagated from the parent validation
 */
@Override
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {
    boolean grantAccepted = super.validateGrant(tokReqMsgCtx);
    if (grantAccepted) {
        AuthenticatedUser subject = tokReqMsgCtx.getAuthorizedUser();
        String tenantAwareName = MultitenantUtils.getTenantAwareUsername(subject.getUserName());
        subject.setUserName(tenantAwareName);
    }
    return grantAccepted;
}
开发者ID:wso2,
项目名称:carbon-device-mgt,
代码行数:10,
代码来源:ExtendedSAML2BearerGrantHandler.java
示例21: JWTAccessTokenBuilder
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Creates the builder and resolves the signature algorithm once from the server configuration.
 *
 * @throws IdentityOAuth2Exception if the configured signature algorithm cannot be mapped
 */
public JWTAccessTokenBuilder() throws IdentityOAuth2Exception {
    if (log.isDebugEnabled()) {
        log.debug("JWT Access token builder is initiated");
    }
    config = OAuthServerConfiguration.getInstance();
    // The identity.xml name is translated to the Nimbus constant a single time, at construction.
    String configuredAlgorithm = config.getSignatureAlgorithm();
    signatureAlgorithm = mapSignatureAlgorithm(configuredAlgorithm);
}
开发者ID:wso2,
项目名称:msf4j,
代码行数:9,
代码来源:JWTAccessTokenBuilder.java
示例22: accessToken
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
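/**
 * Issues a JWT access token, falling back to the parent's default token when the JWT cannot be
 * built.
 *
 * <p>The fallback is reported at WARN level: a deployment configured for JWT tokens that is in
 * fact handing out default tokens is something operators need to see.
 *
 * @param oAuthTokenReqMessageContext token request context
 * @return the serialized JWT, or the parent's default access token on failure
 * @throws OAuthSystemException propagated from the parent's {@code accessToken}
 */
public String accessToken(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) throws OAuthSystemException {
    if (log.isDebugEnabled()) {
        // String concatenation tolerates a null authorized user, unlike an explicit toString().
        log.debug("Access token request with token request message context. Authorized user " +
                oAuthTokenReqMessageContext.getAuthorizedUser());
    }
    try {
        return this.buildIDToken(oAuthTokenReqMessageContext);
    } catch (IdentityOAuth2Exception e) {
        log.warn("Error occurred while issuing jwt access token. Hence returning default token", e);
        // Return default access token if it fails to build jwt
        return super.accessToken(oAuthTokenReqMessageContext);
    }
}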
开发者ID:wso2,
项目名称:msf4j,
代码行数:16,
代码来源:JWTAccessTokenBuilder.java
示例23: buildIDToken
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Builds the JWT for a token request and serializes it.
 *
 * <p>The subject is the authenticated subject identifier, or the user name when that identifier
 * is blank. The client id is used both as the audience and as the authorized party. When the
 * configured algorithm is "none", the claims are serialized as a plain JWT and carry no
 * signature, so receivers cannot verify their integrity.
 *
 * @param request token request message context
 * @return the serialized JWT: signed, or plain when the algorithm is "none"
 * @throws IdentityOAuth2Exception propagated from the issuer lookup, claim handling or signing
 */
protected String buildIDToken(OAuthTokenReqMessageContext request)
        throws IdentityOAuth2Exception {
    String issuer = OAuth2Util.getIDTokenIssuer();
    long lifetimeInMillis = OAuthServerConfiguration.getInstance().
            getApplicationAccessTokenValidityPeriodInSeconds() * 1000;
    long issuedAtMillis = System.currentTimeMillis();

    // Prefer the authenticated subject identifier and fall back to the plain user name.
    String subject = request.getAuthorizedUser().getAuthenticatedSubjectIdentifier();
    if (StringUtils.isBlank(subject)) {
        subject = request.getAuthorizedUser().getUserName();
    }

    JWTClaimsSet claims = new JWTClaimsSet();
    claims.setIssuer(issuer);
    claims.setSubject(subject);
    claims.setAudience(Arrays.asList(request.getOauth2AccessTokenReqDTO().getClientId()));
    claims.setClaim(Constants.AUTHORIZATION_PARTY, request.getOauth2AccessTokenReqDTO().getClientId());
    claims.setExpirationTime(new Date(issuedAtMillis + lifetimeInMillis));
    claims.setIssueTime(new Date(issuedAtMillis));
    addUserClaims(claims, request.getAuthorizedUser());

    boolean unsigned = JWSAlgorithm.NONE.getName().equals(signatureAlgorithm.getName());
    if (unsigned) {
        return new PlainJWT(claims).serialize();
    }
    return signJWT(claims, request);
}
开发者ID:wso2,
项目名称:msf4j,
代码行数:35,
代码来源:JWTAccessTokenBuilder.java
示例24: getAccessTokenIssuedTime
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Returns the issue time of an access token, reading the OAuth cache first and the database
 * second.
 *
 * <p>The cache key is {@code consumerKey:user:scope}; the user part is lower-cased when the
 * user store treats user names as case-insensitive.
 *
 * @param accessToken access token to look up in the database on a cache miss
 * @param request     authorization request context that supplies the cache key parts
 * @return the issue time of the token, in milliseconds
 * @throws IdentityOAuth2Exception if the token is found neither in the cache nor in the database
 */
private long getAccessTokenIssuedTime(String accessToken, OAuthAuthzReqMessageContext request)
        throws IdentityOAuth2Exception {
    TokenMgtDAO tokenMgtDAO = new TokenMgtDAO();
    OAuthCache oauthCache = OAuthCache.getInstance();

    String authorizedUser = request.getAuthorizationReqDTO().getUser().toString();
    if (!IdentityUtil.isUserStoreInUsernameCaseSensitive(authorizedUser)) {
        authorizedUser = authorizedUser.toLowerCase();
    }

    String keyText = request.getAuthorizationReqDTO().getConsumerKey() + ":" + authorizedUser +
            ":" + OAuth2Util.buildScopeString(request.getApprovedScope());
    CacheEntry cached = oauthCache.getValueFromCache(new OAuthCacheKey(keyText));

    // Use the cached entry only when it is an access token; otherwise go to the database.
    AccessTokenDO tokenInfo = (cached instanceof AccessTokenDO)
            ? (AccessTokenDO) cached
            : tokenMgtDAO.retrieveAccessToken(accessToken, false);

    // Neither source knows the token: the access token or the client id is not valid.
    if (tokenInfo == null) {
        throw new IdentityOAuth2Exception("Access token based information is not available in cache or database");
    }
    return tokenInfo.getIssuedTime().getTime();
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:36,
代码来源:DefaultIDTokenBuilder.java
示例25: mapDigestAlgorithm
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Picks the digest algorithm used for the at_hash value from the configured signature
 * algorithm: the 256, 384 and 512 variants of RS, HS and ES map to the SHA digest of the same
 * size.
 *
 * <p>NOTE(review): an unmapped algorithm raises an unchecked {@code RuntimeException} although
 * the signature declares {@code IdentityOAuth2Exception}; callers that catch only the checked
 * type will not see it.
 *
 * @param signatureAlgorithm signature algorithm to map
 * @return the {@code SHA256}, {@code SHA384} or {@code SHA512} constant
 * @throws IdentityOAuth2Exception declared, but not thrown by this implementation
 */
protected String mapDigestAlgorithm(Algorithm signatureAlgorithm) throws IdentityOAuth2Exception {
    boolean uses256 = JWSAlgorithm.RS256.equals(signatureAlgorithm)
            || JWSAlgorithm.HS256.equals(signatureAlgorithm)
            || JWSAlgorithm.ES256.equals(signatureAlgorithm);
    if (uses256) {
        return SHA256;
    }

    boolean uses384 = JWSAlgorithm.RS384.equals(signatureAlgorithm)
            || JWSAlgorithm.HS384.equals(signatureAlgorithm)
            || JWSAlgorithm.ES384.equals(signatureAlgorithm);
    if (uses384) {
        return SHA384;
    }

    boolean uses512 = JWSAlgorithm.RS512.equals(signatureAlgorithm)
            || JWSAlgorithm.HS512.equals(signatureAlgorithm)
            || JWSAlgorithm.ES512.equals(signatureAlgorithm);
    if (uses512) {
        return SHA512;
    }

    throw new RuntimeException("Cannot map Signature Algorithm in identity.xml to hashing algorithm");
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:22,
代码来源:DefaultIDTokenBuilder.java
示例26: OAuthAppDAO
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
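/**
 * Creates the DAO and resolves the persistence processor from the server configuration.
 *
 * <p>When the configured processor cannot be loaded, a {@code PlainTextPersistenceProcessor} is
 * used instead. NOTE(review): that fallback presumably stores values unprocessed; confirm that
 * silently downgrading is acceptable, and alert on the error logged here.
 */
public OAuthAppDAO() {
    try {
        persistenceProcessor = OAuthServerConfiguration.getInstance().getPersistenceProcessor();
    } catch (IdentityOAuth2Exception e) {
        // Log the cause too, so the reason for the fallback can be diagnosed.
        log.error("Error retrieving TokenPersistenceProcessor. Defaulting to PlainTextPersistenceProcessor", e);
        persistenceProcessor = new PlainTextPersistenceProcessor();
    }
}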
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:11,
代码来源:OAuthAppDAO.java
示例27: OAuthConsumerDAO
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Creates the DAO and resolves the persistence processor from the server configuration.
 *
 * <p>When the configured processor cannot be loaded, a {@code PlainTextPersistenceProcessor} is
 * used instead. NOTE(review): that fallback presumably stores values unprocessed; confirm that
 * silently downgrading is acceptable, and alert on the error logged here.
 */
public OAuthConsumerDAO() {
    try {
        persistenceProcessor = OAuthServerConfiguration.getInstance().getPersistenceProcessor();
    } catch (IdentityOAuth2Exception e) {
        // The failure is logged with its cause; construction continues with the fallback.
        log.error("Error retrieving TokenPersistenceProcessor. Defaulting to PlainTextProcessor", e);
        persistenceProcessor = new PlainTextPersistenceProcessor();
    }
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:11,
代码来源:OAuthConsumerDAO.java
示例28: validateAccessDelegation
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Checks that the requested response type is allowed for the application, then runs the
 * access-delegation callback.
 *
 * <p>When the application defines grant types, response type {@code code} requires the
 * {@code authorization_code} grant and any response type containing {@code token} requires the
 * implicit grant. A violation is reported through {@code handleErrorRequest} and ends the check
 * with {@code false}.
 *
 * @param oauthAuthzMsgCtx authorization request context; its {@code OAuthAppDO} property must
 *                         hold the application
 * @return {@code true} when the response type is allowed and the callback authorizes the request
 * @throws IdentityOAuth2Exception propagated from the callback manager
 */
@Override
public boolean validateAccessDelegation(OAuthAuthzReqMessageContext oauthAuthzMsgCtx)
        throws IdentityOAuth2Exception {
    OAuth2AuthorizeReqDTO authzReqDTO = oauthAuthzMsgCtx.getAuthorizationReqDTO();
    String responseType = authzReqDTO.getResponseType();
    OAuthAppDO oAuthAppDO = (OAuthAppDO) oauthAuthzMsgCtx.getProperty("OAuthAppDO");

    // Grant types are checked only when the application restricts them.
    if (oAuthAppDO.getGrantTypes() != null) {
        boolean rejected;
        if (ResponseType.CODE.toString().equals(responseType)) {
            rejected = !oAuthAppDO.getGrantTypes().contains("authorization_code");
        } else {
            rejected = StringUtils.contains(responseType, ResponseType.TOKEN.toString()) &&
                    !oAuthAppDO.getGrantTypes().contains(IMPLICIT);
        }
        if (rejected) {
            //Do not change this log format as these logs use by external applications
            log.debug("Unsupported Response Type : " + responseType +
                    " for client id : " + authzReqDTO.getConsumerKey());
            handleErrorRequest(oauthAuthzMsgCtx, OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE,
                    "Unsupported Response Type!");
            return false;
        }
    }

    OAuth2AuthorizeReqDTO callbackSource = oauthAuthzMsgCtx.getAuthorizationReqDTO();
    OAuthCallback callback = new OAuthCallback(callbackSource.getUser(),
            callbackSource.getConsumerKey(), OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_AUTHZ);
    callback.setRequestedScope(callbackSource.getScopes());
    callback.setResponseType(callbackSource.getResponseType());
    callbackManager.handleCallback(callback);

    oauthAuthzMsgCtx.setValidityPeriod(callback.getValidityPeriod());
    return callback.isAuthorized();
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:41,
代码来源:AbstractResponseTypeHandler.java
示例29: init
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Creates the token DAO and the callback manager, and attaches the OAuth cache when caching is
 * enabled in the server configuration.
 *
 * @throws IdentityOAuth2Exception declared by the handler contract
 */
@Override
public void init() throws IdentityOAuth2Exception {
    tokenMgtDAO = new TokenMgtDAO();
    callbackManager = new OAuthCallbackManager();

    boolean cachingConfigured = OAuthServerConfiguration.getInstance().isCacheEnabled();
    if (cachingConfigured) {
        // The cache instance is fetched only when caching is switched on.
        cacheEnabled = true;
        oauthCache = OAuthCache.getInstance();
    }
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:11,
代码来源:AbstractAuthorizationGrantHandler.java
示例30: buildIdToken
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Adds an ID token to the authorization response when the request qualifies for one.
 *
 * <p>An ID token is built only if the response type contains {@code "id_token"}, an approved
 * scope is present, and {@code OAuth2Util.isOIDCAuthzRequest} accepts that approved scope.
 * Otherwise the response DTO is left unchanged.
 *
 * @param msgCtx authorization request context supplying the response type and approved scope
 * @param authzRespDTO response DTO that receives the ID token
 * @throws IdentityOAuth2Exception declared by the signature; presumably raised by the
 *         configured ID token builder (not visible here)
 */
private void buildIdToken(OAuthAuthzReqMessageContext msgCtx, OAuth2AuthorizeRespDTO authzRespDTO)
        throws IdentityOAuth2Exception {
    // Substring match: any response type string that contains "id_token" passes this gate.
    if (!StringUtils.contains(msgCtx.getAuthorizationReqDTO().getResponseType(), "id_token")) {
        return;
    }
    // The decision is made on the approved scope held by the context, not on the
    // scope that was originally requested.
    if (msgCtx.getApprovedScope() == null) {
        return;
    }
    if (!OAuth2Util.isOIDCAuthzRequest(msgCtx.getApprovedScope())) {
        return;
    }
    IDTokenBuilder idTokenBuilder =
            OAuthServerConfiguration.getInstance().getOpenIDConnectIDTokenBuilder();
    authzRespDTO.setIdToken(idTokenBuilder.buildIDToken(msgCtx, authzRespDTO));
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:10,
代码来源:TokenResponseTypeHandler.java
示例31: getPrivateKey
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
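/**
 * Returns the private key for a tenant, loading it from the tenant's key store on first use
 * and keeping it in {@code privateKeys} for later calls.
 *
 * <p>A failure to read the super tenant's default key is reported as an
 * {@link IdentityOAuth2Exception} carrying the cause, instead of being logged and turned
 * into a {@code null} return that a caller could mistake for a usable signing key.
 *
 * @param tenantDomain tenant domain; {@code null} is treated as the super tenant domain
 * @param tenantId tenant id; {@code 0} is treated as "not supplied" and is resolved from
 *        the domain
 * @return the tenant's private key, or {@code null} if the tenant key store returns none
 * @throws IdentityOAuth2Exception if the super tenant's default private key cannot be
 *         obtained; calls made from here may raise it as well
 */
private Key getPrivateKey(String tenantDomain, int tenantId) throws IdentityOAuth2Exception {
    final String domain =
            (tenantDomain != null) ? tenantDomain : MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
    final int id = (tenantId != 0) ? tenantId : OAuth2Util.getTenantId(domain);

    // NOTE(review): nothing in this method evicts cached entries, so a rotated key is
    // presumably not picked up until the cache is cleared elsewhere or the process restarts.
    // NOTE(review): containsKey/put is a check-then-act sequence; confirm that privateKeys
    // is a concurrent map if this method can run on several threads.
    if (privateKeys.containsKey(id)) {
        return privateKeys.get(id);
    }

    KeyStoreManager tenantKSM = KeyStoreManager.getInstance(id);
    Key privateKey;
    if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(domain)) {
        try {
            privateKey = tenantKSM.getDefaultPrivateKey();
        } catch (Exception e) {
            // Fail loudly with the cause attached; a swallowed error here would hand a
            // null key to the caller.
            throw new IdentityOAuth2Exception("Error while obtaining private key for super tenant", e);
        }
    } else {
        // The key store file name is derived from the tenant domain: dots become dashes
        // and ".jks" is appended.
        String jksName = domain.trim().replace(".", "-") + ".jks";
        privateKey = tenantKSM.getPrivateKey(jksName, domain);
    }

    // Only real keys are cached, so a missing key is looked up again on the next call.
    if (privateKey != null) {
        privateKeys.put(id, privateKey);
    }
    return privateKey;
}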
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:39,
代码来源:JWTTokenGenerator.java
示例32: getProcessedClientSecret
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Returns the processed form of a client secret, as produced by {@code encrypt}.
 *
 * @param clientSecret the client secret to process
 * @return the value returned by {@code encrypt(clientSecret)}
 * @throws IdentityOAuth2Exception if {@code encrypt} fails with a {@code CryptoException}
 */
@Override
public String getProcessedClientSecret(String clientSecret) throws IdentityOAuth2Exception {
    final String protectedSecret;
    try {
        protectedSecret = encrypt(clientSecret);
    } catch (CryptoException e) {
        // The message is a fixed string and does not embed the secret; the original
        // failure is kept as the cause.
        throw new IdentityOAuth2Exception("Error while retrieving processed client secret", e);
    }
    return protectedSecret;
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:9,
代码来源:EncryptionDecryptionPersistenceProcessor.java
示例33: getPreprocessedAuthzCode
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Recovers the original authorization code from its processed form using {@code decrypt}.
 *
 * @param processedAuthzCode the processed authorization code
 * @return the value returned by {@code decrypt(processedAuthzCode)}
 * @throws IdentityOAuth2Exception if {@code decrypt} fails with a {@code CryptoException}
 */
@Override
public String getPreprocessedAuthzCode(String processedAuthzCode) throws IdentityOAuth2Exception {
    final String plainAuthzCode;
    try {
        plainAuthzCode = decrypt(processedAuthzCode);
    } catch (CryptoException e) {
        // The message is a fixed string and does not embed the code; the original
        // failure is kept as the cause.
        throw new IdentityOAuth2Exception("Error while retrieving preprocessed authorization code", e);
    }
    return plainAuthzCode;
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:9,
代码来源:EncryptionDecryptionPersistenceProcessor.java
示例34: getPreprocessedAccessTokenIdentifier
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Recovers the original access token identifier from its processed form using
 * {@code decrypt}.
 *
 * @param processedAccessTokenIdentifier the processed access token identifier
 * @return the value returned by {@code decrypt(processedAccessTokenIdentifier)}
 * @throws IdentityOAuth2Exception if {@code decrypt} fails with a {@code CryptoException}
 */
@Override
public String getPreprocessedAccessTokenIdentifier(String processedAccessTokenIdentifier)
        throws IdentityOAuth2Exception {
    final String plainTokenIdentifier;
    try {
        plainTokenIdentifier = decrypt(processedAccessTokenIdentifier);
    } catch (CryptoException e) {
        // The message is a fixed string and does not embed the token identifier; the
        // original failure is kept as the cause.
        throw new IdentityOAuth2Exception("Error while retrieving preprocessed access token identifier", e);
    }
    return plainTokenIdentifier;
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:10,
代码来源:EncryptionDecryptionPersistenceProcessor.java
示例35: getInstance
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; //导入依赖的package包/类
/**
 * Returns the shared {@code AuthorizationHandlerManager}, creating it on first use.
 *
 * @return the single instance held in the static {@code instance} field
 * @throws IdentityOAuth2Exception declared by the signature; no statement in this body
 *         throws it explicitly
 */
public static AuthorizationHandlerManager getInstance() throws IdentityOAuth2Exception {
// Runs on every call, before the instance is created or returned.
// NOTE(review): presumably a permission check on the caller - confirm against CarbonUtils.
CarbonUtils.checkSecurity();
// Double-checked locking: the unsynchronized null check skips the lock once the
// instance exists; the second check under the class lock prevents two threads from
// both constructing it.
// NOTE(review): this pattern publishes the object safely only if the instance field is
// declared volatile; the field declaration is not visible here - confirm.
if (instance == null) {
synchronized (AuthorizationHandlerManager.class) {
if (instance == null) {
instance = new AuthorizationHandlerManager();
}
}
}
return instance;
}
开发者ID:wso2-attic,
项目名称:carbon-identity,
代码行数:13,
代码来源:AuthorizationHandlerManager.java