
Typical usage and code examples of the Java IdentityOAuth2Exception class


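This article collects typical usage code examples of org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception in Java. If you are wondering how the Java IdentityOAuth2Exception class is used in practice, or are looking for examples of it in use, the selected class code examples here may help.

The IdentityOAuth2Exception class belongs to the org.wso2.carbon.identity.oauth2 package. A total of 35 code examples of the class are shown below, sorted by popularity by default. You can upvote the examples you like or find useful; your ratings help our system recommend better Java code examples.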

Example 1: validateGrant

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {

    RequestParameter[] requestParameters = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getRequestParameters();
    for (RequestParameter requestParameter : requestParameters) {
        if (TENANT_DOMAIN_KEY.equals(requestParameter.getKey())) {
            String[] values = requestParameter.getValue();
            if (values != null && values.length > 0) {
                tokReqMsgCtx.getOauth2AccessTokenReqDTO()
                        .setTenantDomain(values[0]);
            }
        }
    }

    return super.validateGrant(tokReqMsgCtx);
}
 

Developer: wso2,
Project: carbon-device-mgt,
Lines of code: 17,
Source file: ExtendedJWTGrantHandler.java

Example 2: signJWT

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
/**
 * Generic Signing function
 *
 * @param jwtClaimsSet contains JWT body
 * @param request
 * @return
 * @throws IdentityOAuth2Exception
 */
protected String signJWT(JWTClaimsSet jwtClaimsSet, OAuthTokenReqMessageContext request)
        throws IdentityOAuth2Exception {

    if (JWSAlgorithm.RS256.equals(signatureAlgorithm) || JWSAlgorithm.RS384.equals(signatureAlgorithm) ||
            JWSAlgorithm.RS512.equals(signatureAlgorithm)) {
        return signJWTWithRSA(jwtClaimsSet, request);
    } else if (JWSAlgorithm.HS256.equals(signatureAlgorithm) || JWSAlgorithm.HS384.equals(signatureAlgorithm) ||
            JWSAlgorithm.HS512.equals(signatureAlgorithm)) {
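        // HMAC signing (signWithHMAC) is not implemented yet; fail instead of returning a null token
        throw new IdentityOAuth2Exception("Unsupported Signature Algorithm: " + signatureAlgorithm);
    } else {
        // EC signing (signWithEC) is not implemented yet; fail instead of returning a null token
        throw new IdentityOAuth2Exception("Unsupported Signature Algorithm: " + signatureAlgorithm);
    }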
}
 

Developer: wso2,
Project: msf4j,
Lines of code: 24,
Source file: JWTAccessTokenBuilder.java

Example 3: mapSignatureAlgorithm

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
/**
 * Maps the signature algorithm defined in identity.xml to the Nimbus
 * signature algorithm format. The strings are defined inline because
 * they are not used anywhere else.
 * @param signatureAlgorithm
 * @return
 * @throws IdentityOAuth2Exception
 */
protected JWSAlgorithm mapSignatureAlgorithm(String signatureAlgorithm) throws IdentityOAuth2Exception {

    if (NONE.equals(signatureAlgorithm)) {
        // NONE selects the unsecured "none" JWS algorithm: tokens built with it carry no signature
        return new JWSAlgorithm(JWSAlgorithm.NONE.getName());
    } else if (SHA256_WITH_RSA.equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS256;
    } else if (SHA384_WITH_RSA.equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS384;
    } else if (SHA512_WITH_RSA.equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS512;
    } else if (SHA256_WITH_HMAC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS256;
    } else if (SHA384_WITH_HMAC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS384;
    } else if (SHA512_WITH_HMAC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS512;
    } else if (SHA256_WITH_EC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES256;
    } else if (SHA384_WITH_EC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES384;
    } else if (SHA512_WITH_EC.equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES512;
    }
    throw new IdentityOAuth2Exception("Unsupported Signature Algorithm in identity.xml");
}
 

Developer: wso2,
Project: msf4j,
Lines of code: 36,
Source file: JWTAccessTokenBuilder.java

Example 4: putUserRPToStore

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
/**
 * @param user
 * @param appName
 * @throws OAuthSystemException
 */
public void putUserRPToStore(AuthenticatedUser user, String appName, boolean trustedAlways, String clientId) throws
        OAuthSystemException {
    OpenIDUserRPDO repDO = new OpenIDUserRPDO();
    repDO.setDefaultProfileName(DEFAULT_PROFILE_NAME);
    repDO.setRpUrl(appName);
    repDO.setUserName(user.getAuthenticatedSubjectIdentifier());
    repDO.setTrustedAlways(trustedAlways);
    int tenantId = -1;
    if (user.getUserName() != null) {
        tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    } else {
        OAuthAppDAO oAuthAppDAO = new OAuthAppDAO();
        OAuthAppDO appDO;
        try {
            appDO = oAuthAppDAO.getAppInformation(clientId);
            tenantId = IdentityTenantUtil.getTenantId(appDO.getUser().getTenantDomain());
        } catch (IdentityOAuth2Exception | InvalidOAuthClientException e) {
            // keep the original exception as the cause so the failure can be diagnosed
            throw new OAuthSystemException("Error while retrieving app", e);
        }
    }

    OpenIDUserRPDAO dao = new OpenIDUserRPDAO();
    dao.createOrUpdate(repDO, tenantId);
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 30,
Source file: OpenIDConnectUserRPStore.java

Example 5: getAvailableUserStoreDomainMappings

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public static Map<String, String> getAvailableUserStoreDomainMappings() throws
        IdentityOAuth2Exception {
    //TreeMap is used to ignore the case sensitivity of key. Because when user logged in, the case of the user name is ignored.
    Map<String, String> userStoreDomainMap = new TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER);
    String domainsStr = getAccessTokenPartitioningDomains();
    if (domainsStr != null) {
        String[] userStoreDomainsArr = domainsStr.split(",");
        for (String userStoreDomains : userStoreDomainsArr) {
            String[] mapping = userStoreDomains.trim().split(":"); //A:foo.com , B:bar.com
            if (mapping.length < 2) {
                throw new IdentityOAuth2Exception("Domain mapping has not defined correctly");
            }
            userStoreDomainMap.put(mapping[1].trim(), mapping[0].trim()); //key=domain & value=mapping
        }
    }
    return userStoreDomainMap;
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 18,
Source file: OAuth2Util.java

Example 6: mapSignatureAlgorithm

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
protected JWSAlgorithm mapSignatureAlgorithm(String signatureAlgorithm)
        throws IdentityOAuth2Exception {
    if ("SHA256withRSA".equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS256;
    } else if ("SHA384withRSA".equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS384;
    } else if ("SHA512withRSA".equals(signatureAlgorithm)) {
        return JWSAlgorithm.RS512;
    } else if ("SHA256withHMAC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS256;
    } else if ("SHA384withHMAC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS384;
    } else if ("SHA512withHMAC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.HS512;
    } else if ("SHA256withEC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES256;
    } else if ("SHA384withEC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES384;
    } else if ("SHA512withEC".equals(signatureAlgorithm)) {
        return JWSAlgorithm.ES512;
    }
    log.error("Unsupported Signature Algorithm in identity.xml");
    throw new IdentityOAuth2Exception("Unsupported Signature Algorithm in identity.xml");
}
 

Developer: apache,
Project: stratos,
Lines of code: 25,
Source file: ClientCredentialsGrantHandler.java

Example 7: validateScope

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {
    OAuthCallback scopeValidationCallback = new OAuthCallback(tokReqMsgCtx.getAuthorizedUser(),
            tokReqMsgCtx.getOauth2AccessTokenReqDTO().getClientId(), OAuthCallback.OAuthCallbackType
            .SCOPE_VALIDATION_TOKEN);
    scopeValidationCallback.setRequestedScope(tokReqMsgCtx.getScope());
    if (tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType().equals(
            org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString())) {
        scopeValidationCallback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                OAuthConstants.OAUTH_SAML2_BEARER_GRANT_ENUM.toString()));
    } else if (tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType().equals(
            org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString())) {
        scopeValidationCallback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                OAuthConstants.OAUTH_IWA_NTLM_GRANT_ENUM.toString()));
    } else {
        scopeValidationCallback.setGrantType(tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType());
    }

    callbackManager.handleCallback(scopeValidationCallback);
    tokReqMsgCtx.setValidityPeriod(scopeValidationCallback.getValidityPeriod());
    tokReqMsgCtx.setScope(scopeValidationCallback.getApprovedScope());
    return scopeValidationCallback.isValidScope();
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 25,
Source file: AbstractAuthorizationGrantHandler.java

Example 8: getOAuthAuthzHandler

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
/**
 * Get the appropriate <Code>OAuthCallbackHandler</Code> for the given callback
 *
 * @param authzCallback <Code>OAuthCallback</Code> object
 * @return <Code>OAuthCallbackHandler</Code> instance which can handle the
 * given callback, return <Code>null</Code> if there is no OAuthCallbackHandler which
 * can handle the given callback
 * @throws IdentityOAuth2Exception Error while evaluating the canHandle method
 */
public OAuthCallbackHandler getOAuthAuthzHandler(
        OAuthCallback authzCallback) throws IdentityOAuth2Exception {

    for (OAuthCallbackHandler oauthAuthzCbHandler : authzCallbackHandlers) {
        if (oauthAuthzCbHandler.canHandle(new Callback[]{authzCallback})) {
            if (log.isDebugEnabled()) {
                log.debug("OAuthCallbackHandler was found for the callback. Class Name : " + oauthAuthzCbHandler
                        .getClass().getName() + " Resource Owner : " + authzCallback.getResourceOwner() + " " +
                        "Client Id : " + authzCallback.getClient() + " Scope : " + OAuth2Util.buildScopeString
                        (authzCallback.getRequestedScope()));
            }
            return oauthAuthzCbHandler;
        }
    }

    if (log.isDebugEnabled()) {
        log.debug("No OAuthAuthorizationCallbackHandlers were found for the callback. Resource Owner : " +
                authzCallback.getResourceOwner() + " Client Id : " + authzCallback.getClient() + " Scope : " +
                OAuth2Util.buildScopeString(authzCallback.getRequestedScope()));
    }
    return null;
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 32,
Source file: OAuthCallbackHandlerRegistry.java

Example 9: signJWT

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
/**
 * Generic Signing function
 *
 * @param signedJWT
 * @param tenantDomain
 * @param tenantId
 * @return
 * @throws IdentityOAuth2Exception
 */
protected JWT signJWT(SignedJWT signedJWT, String tenantDomain, int tenantId)
        throws IdentityOAuth2Exception {

    if (JWSAlgorithm.RS256.equals(signatureAlgorithm) || JWSAlgorithm.RS384.equals(signatureAlgorithm) ||
            JWSAlgorithm.RS512.equals(signatureAlgorithm)) {
        return signJWTWithRSA(signedJWT, signatureAlgorithm, tenantDomain, tenantId);
    } else if (JWSAlgorithm.HS256.equals(signatureAlgorithm) ||
            JWSAlgorithm.HS384.equals(signatureAlgorithm) ||
            JWSAlgorithm.HS512.equals(signatureAlgorithm)) {
        // return signWithHMAC(payLoad,jwsAlgorithm,tenantDomain,tenantId); implementation
        // need to be done
    } else if (JWSAlgorithm.ES256.equals(signatureAlgorithm) ||
            JWSAlgorithm.ES384.equals(signatureAlgorithm) ||
            JWSAlgorithm.ES512.equals(signatureAlgorithm)) {
        // return signWithEC(payLoad,jwsAlgorithm,tenantDomain,tenantId); implementation
        // need to be done
    }
    log.error("UnSupported Signature Algorithm");
    throw new IdentityOAuth2Exception("UnSupported Signature Algorithm");
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 30,
Source file: JWTTokenGenerator.java

Example 10: deactivateAuthorizationCode

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public void deactivateAuthorizationCode(List<AuthzCodeDO> authzCodeDOs) throws IdentityOAuth2Exception {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;

    try {
        prepStmt = connection.prepareStatement(SQLQueries.DEACTIVATE_AUTHZ_CODE_AND_INSERT_CURRENT_TOKEN);
        for (AuthzCodeDO authzCodeDO : authzCodeDOs){
            prepStmt.setString(1, authzCodeDO.getOauthTokenId());
            prepStmt.setString(2, persistenceProcessor.getPreprocessedAuthzCode(authzCodeDO.getAuthorizationCode()));
            prepStmt.addBatch();
        }
        prepStmt.executeBatch();
        connection.commit();
    } catch (SQLException e) {
        throw new IdentityOAuth2Exception("Error when deactivating authorization code", e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 20,
Source file: TokenMgtDAO.java

Example 11: setAccessTokenState

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
/**
 * @param connection      database connection
 * @param tokenId         access token id
 * @param tokenState      state the token needs to be updated to
 * @param tokenStateId    token state id
 * @param userStoreDomain user store domain
 * @throws IdentityOAuth2Exception
 */
public void setAccessTokenState(Connection connection, String tokenId, String tokenState,
                                String tokenStateId, String userStoreDomain)
        throws IdentityOAuth2Exception {
    PreparedStatement prepStmt = null;
    try {

        String sql = SQLQueries.UPDATE_TOKE_STATE;
        if (StringUtils.isNotBlank(userStoreDomain)) {
            // userStoreDomain is concatenated into the table name and cannot be bound as a
            // parameter, so it must come from trusted configuration, never from request input
            sql = sql.replace(IDN_OAUTH2_ACCESS_TOKEN, IDN_OAUTH2_ACCESS_TOKEN + "_" + userStoreDomain);
        }
        prepStmt = connection.prepareStatement(sql);
        prepStmt.setString(1, tokenState);
        prepStmt.setString(2, tokenStateId);
        prepStmt.setString(3, tokenId);
        prepStmt.executeUpdate();
    } catch (SQLException e) {
        throw new IdentityOAuth2Exception("Error while updating Access Token with ID : " +
                                          tokenId + " to Token State : " + tokenState, e);
    } finally {
        IdentityDatabaseUtil.closeStatement(prepStmt);
    }
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 32,
Source file: TokenMgtDAO.java

Example 12: authorizeAccessDelegation

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public boolean authorizeAccessDelegation(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {
    OAuthCallback authzCallback = new OAuthCallback(tokReqMsgCtx.getAuthorizedUser(),
            tokReqMsgCtx.getOauth2AccessTokenReqDTO().getClientId(),
            OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_TOKEN);
    authzCallback.setRequestedScope(tokReqMsgCtx.getScope());
    if (tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType().equals(
            org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString())) {
        authzCallback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                OAuthConstants.OAUTH_SAML2_BEARER_GRANT_ENUM.toString()));
    } else if (tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType().equals(
            org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString())) {
        authzCallback.setCarbonGrantType(org.wso2.carbon.identity.oauth.common.GrantType.valueOf(
                OAuthConstants.OAUTH_IWA_NTLM_GRANT_ENUM.toString()));
    } else {
        authzCallback.setGrantType(tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType());
    }
    callbackManager.handleCallback(authzCallback);
    tokReqMsgCtx.setValidityPeriod(authzCallback.getValidityPeriod());
    return authzCallback.isAuthorized();
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 23,
Source file: AbstractAuthorizationGrantHandler.java

Example 13: getActiveTokensForConsumerKey

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public Set<String> getActiveTokensForConsumerKey(String consumerKey) throws IdentityOAuth2Exception {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    ResultSet rs = null;
    Set<String> accessTokens = new HashSet<>();
    try {
        String sqlQuery = SQLQueries.GET_ACCESS_TOKENS_FOR_CONSUMER_KEY;
        ps = connection.prepareStatement(sqlQuery);
        ps.setString(1, consumerKey);
        ps.setString(2, OAuthConstants.TokenStates.TOKEN_STATE_ACTIVE);
        rs = ps.executeQuery();
        while (rs.next()) {
            accessTokens.add(rs.getString(1));
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while getting access tokens from acces token table for " +
                "the application with consumer key : " + consumerKey, e);
    } finally {
        // pass rs as well so the ResultSet is closed along with the statement and connection
        IdentityDatabaseUtil.closeAllConnections(connection, rs, ps);
    }
    return accessTokens;
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 25,
Source file: TokenMgtDAO.java

Example 14: getAuthorizationCodesForConsumerKey

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public Set<String> getAuthorizationCodesForConsumerKey(String consumerKey) throws IdentityOAuth2Exception {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    ResultSet rs = null;
    Set<String> authorizationCodes = new HashSet<>();
    try {
        String sqlQuery = SQLQueries.GET_AUTHORIZATION_CODES_FOR_CONSUMER_KEY;
        ps = connection.prepareStatement(sqlQuery);
        ps.setString(1, consumerKey);
        rs = ps.executeQuery();
        while (rs.next()) {
            authorizationCodes.add(rs.getString(1));
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while getting authorization codes from authorization code table for the application with consumer key : " + consumerKey, e);
    } finally {
        // pass rs as well so the ResultSet is closed along with the statement and connection
        IdentityDatabaseUtil.closeAllConnections(connection, rs, ps);
    }
    return authorizationCodes;
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 23,
Source file: TokenMgtDAO.java

Example 15: findScopeOfResource

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public String findScopeOfResource(String resourceUri) throws IdentityOAuth2Exception {

    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    ResultSet rs = null;

    try {
        String sql = SQLQueries.RETRIEVE_IOS_SCOPE_KEY;

        ps = connection.prepareStatement(sql);
        ps.setString(1, resourceUri);
        rs = ps.executeQuery();

        if (rs.next()) {
            return rs.getString("SCOPE_KEY");
        }
        connection.commit();
        return null;
    } catch (SQLException e) {
        String errorMsg = "Error getting scopes for resource - " + resourceUri + " : " + e.getMessage();
        throw new IdentityOAuth2Exception(errorMsg, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, rs, ps);
    }
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 26,
Source file: TokenMgtDAO.java

Example 16: renameUserStoreDomainInAccessTokenTable

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public void renameUserStoreDomainInAccessTokenTable(int tenantId, String currentUserStoreDomain, String
        newUserStoreDomain) throws IdentityOAuth2Exception {

    //we do not support access token partitioning here
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    try {

        String sqlQuery = SQLQueries.RENAME_USER_STORE_IN_ACCESS_TOKENS_TABLE;
        ps = connection.prepareStatement(sqlQuery);
        ps.setString(1, newUserStoreDomain.toUpperCase());
        ps.setInt(2, tenantId);
        ps.setString(3, currentUserStoreDomain.toUpperCase());
        int count = ps.executeUpdate();
        if (log.isDebugEnabled()) {
            log.debug("Number of rows being updated : " + count);
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while renaming user store : " + currentUserStoreDomain +
                " in tenant :" + tenantId, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, ps);
    }
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 27,
Source file: TokenMgtDAO.java

Example 17: renameUserStoreDomainInAuthorizationCodeTable

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public void renameUserStoreDomainInAuthorizationCodeTable(int tenantId, String currentUserStoreDomain, String
        newUserStoreDomain) throws IdentityOAuth2Exception {

    //we do not support access token partitioning here
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    try {
        String sqlQuery = SQLQueries.RENAME_USER_STORE_IN_AUTHORIZATION_CODES_TABLE;
        ps = connection.prepareStatement(sqlQuery);
        ps.setString(1, newUserStoreDomain.toUpperCase());
        ps.setInt(2, tenantId);
        ps.setString(3, currentUserStoreDomain.toUpperCase());
        int count = ps.executeUpdate();
        if (log.isDebugEnabled()) {
            log.debug("Number of rows being updated : " + count);
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while renaming user store : " + currentUserStoreDomain +
                " in tenant :" + tenantId, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, ps);
    }
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 26,
Source file: TokenMgtDAO.java

Example 18: getClaims

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public SortedMap<String, String> getClaims(String endUserName, String[] requestedClaims) throws IdentityOAuth2Exception {

    SortedMap<String, String> claimValues;
    int tenantId = MultitenantConstants.SUPER_TENANT_ID;
    try {
        tenantId = OAuth2Util.getTenantIdFromUserName(endUserName);
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(endUserName);
        UserStoreManager userStoreManager = OAuthComponentServiceHolder.getRealmService().
                getTenantUserRealm(tenantId).getUserStoreManager();
        claimValues = new TreeMap<>(userStoreManager.getUserClaimValues(tenantAwareUsername, requestedClaims, null));
    } catch (UserStoreException e) {
        throw new IdentityOAuth2Exception("Error while reading claims for user : " + endUserName, e);
    }
    return claimValues;
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 17,
Source file: DefaultClaimsRetriever.java

Example 19: authenticateClient

Likes: 3

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public boolean authenticateClient(OAuthTokenReqMessageContext tokReqMsgCtx)
        throws IdentityOAuth2Exception {

    OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO = tokReqMsgCtx.getOauth2AccessTokenReqDTO();

    //Skipping credential validation for saml2 bearer if not configured as needed
    if (StringUtils.isEmpty(oAuth2AccessTokenReqDTO.getClientSecret()) && org.wso2.carbon.identity.oauth.common
            .GrantType.SAML20_BEARER.toString().equals(oAuth2AccessTokenReqDTO.getGrantType()) && JavaUtils
            .isFalseExplicitly(authConfig)) {
        if (log.isDebugEnabled()) {
            log.debug("Grant type : " + oAuth2AccessTokenReqDTO.getGrantType() + " " +
                    "Strict client validation set to : " + authConfig + " Authenticating without client secret");
        }
        return true;
    }

    if (log.isDebugEnabled()) {
        log.debug("Grant type : " + oAuth2AccessTokenReqDTO.getGrantType() + " " +
                "Strict client validation set to : " + authConfig);
    }
    return false;
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 24,
Source file: AbstractClientAuthHandler.java

Example 20: validateGrant

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {
    if(!super.validateGrant(tokReqMsgCtx)){
        return false;
    }
    AuthenticatedUser authenticatedUser = tokReqMsgCtx.getAuthorizedUser();
    authenticatedUser.setUserName(MultitenantUtils.getTenantAwareUsername(authenticatedUser.getUserName()));
    return true;
}
 

Developer: wso2,
Project: carbon-device-mgt,
Lines of code: 10,
Source file: ExtendedSAML2BearerGrantHandler.java

Example 21: JWTAccessTokenBuilder

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public JWTAccessTokenBuilder() throws IdentityOAuth2Exception {
    if (log.isDebugEnabled()) {
        log.debug("JWT Access token builder is initiated");
    }
    config = OAuthServerConfiguration.getInstance();
    //map signature algorithm from identity.xml to nimbus format, this is a one time configuration
    signatureAlgorithm = mapSignatureAlgorithm(config.getSignatureAlgorithm());
}
 

Developer: wso2,
Project: msf4j,
Lines of code: 9,
Source file: JWTAccessTokenBuilder.java

Example 22: accessToken

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public String accessToken(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) throws OAuthSystemException {
    if (log.isDebugEnabled()) {
        log.debug("Access token request with token request message context. Authorized user " +
                oAuthTokenReqMessageContext.getAuthorizedUser().toString());
    }
    try {
        return this.buildIDToken(oAuthTokenReqMessageContext);
    } catch (IdentityOAuth2Exception e) {
        if (log.isDebugEnabled()) {
            log.debug("Error occurred while issuing jwt access token. Hence returning default token", e);
        }
        // Return default access token if it fails to build jwt
        return super.accessToken(oAuthTokenReqMessageContext);
    }
}
 

Developer: wso2,
Project: msf4j,
Lines of code: 16,
Source file: JWTAccessTokenBuilder.java

Example 23: buildIDToken

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
/**
 * To build id token from OauthToken request message context
 *
 * @param request Token request message context
 * @return Signed jwt string.
 * @throws IdentityOAuth2Exception
 */
protected String buildIDToken(OAuthTokenReqMessageContext request)
        throws IdentityOAuth2Exception {

    String issuer = OAuth2Util.getIDTokenIssuer();
    long lifetimeInMillis = OAuthServerConfiguration.getInstance().
            getApplicationAccessTokenValidityPeriodInSeconds() * 1000;
    long curTimeInMillis = Calendar.getInstance().getTimeInMillis();
    // setting subject
    String subject = request.getAuthorizedUser().getAuthenticatedSubjectIdentifier();
    if (StringUtils.isBlank(subject)) {
        subject = request.getAuthorizedUser().getUserName();
    }
    // Set claims to jwt token.
    JWTClaimsSet jwtClaimsSet = new JWTClaimsSet();
    jwtClaimsSet.setIssuer(issuer);
    jwtClaimsSet.setSubject(subject);
    jwtClaimsSet.setAudience(Arrays.asList(request.getOauth2AccessTokenReqDTO().getClientId()));
    jwtClaimsSet.setClaim(Constants.AUTHORIZATION_PARTY, request.getOauth2AccessTokenReqDTO().getClientId());
    jwtClaimsSet.setExpirationTime(new Date(curTimeInMillis + lifetimeInMillis));
    jwtClaimsSet.setIssueTime(new Date(curTimeInMillis));
    addUserClaims(jwtClaimsSet, request.getAuthorizedUser());

    if (JWSAlgorithm.NONE.getName().equals(signatureAlgorithm.getName())) {
        return new PlainJWT(jwtClaimsSet).serialize();
    }
    return signJWT(jwtClaimsSet, request);
}
 

Developer: wso2,
Project: msf4j,
Lines of code: 35,
Source file: JWTAccessTokenBuilder.java

Example 24: getAccessTokenIssuedTime

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
private long getAccessTokenIssuedTime(String accessToken, OAuthAuthzReqMessageContext request)
        throws IdentityOAuth2Exception {

    AccessTokenDO accessTokenDO = null;
    TokenMgtDAO tokenMgtDAO = new TokenMgtDAO();

    OAuthCache oauthCache = OAuthCache.getInstance();
    String authorizedUser = request.getAuthorizationReqDTO().getUser().toString();
    boolean isUsernameCaseSensitive = IdentityUtil.isUserStoreInUsernameCaseSensitive(authorizedUser);
    if (!isUsernameCaseSensitive){
        authorizedUser = authorizedUser.toLowerCase();
    }

    OAuthCacheKey cacheKey = new OAuthCacheKey(
            request.getAuthorizationReqDTO().getConsumerKey() + ":" + authorizedUser +
                    ":" + OAuth2Util.buildScopeString(request.getApprovedScope()));
    CacheEntry result = oauthCache.getValueFromCache(cacheKey);

    // cache hit, do the type check.
    if (result instanceof AccessTokenDO) {
        accessTokenDO = (AccessTokenDO) result;
    }

    // Cache miss, load the access token info from the database.
    if (accessTokenDO == null) {
        accessTokenDO = tokenMgtDAO.retrieveAccessToken(accessToken, false);
    }

    // if the access token or client id is not valid
    if (accessTokenDO == null) {
        throw new IdentityOAuth2Exception("Access token based information is not available in cache or database");
    }

    return accessTokenDO.getIssuedTime().getTime();
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 36,
Source file: DefaultIDTokenBuilder.java

Example 25: mapDigestAlgorithm

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
/**
 * This method maps signature algorithm define in identity.xml to digest algorithms to generate the at_hash
 *
 * @param signatureAlgorithm
 * @return
 * @throws IdentityOAuth2Exception
 */
protected String mapDigestAlgorithm(Algorithm signatureAlgorithm) throws IdentityOAuth2Exception {

    if (JWSAlgorithm.RS256.equals(signatureAlgorithm) || JWSAlgorithm.HS256.equals(signatureAlgorithm) ||
        JWSAlgorithm.ES256.equals(signatureAlgorithm)) {
        return SHA256;
    } else if (JWSAlgorithm.RS384.equals(signatureAlgorithm) || JWSAlgorithm.HS384.equals(signatureAlgorithm) ||
               JWSAlgorithm.ES384.equals(signatureAlgorithm)) {
        return SHA384;
    } else if (JWSAlgorithm.RS512.equals(signatureAlgorithm) || JWSAlgorithm.HS512.equals(signatureAlgorithm) ||
               JWSAlgorithm.ES512.equals(signatureAlgorithm)) {
        return SHA512;
    }
    throw new RuntimeException("Cannot map Signature Algorithm in identity.xml to hashing algorithm");
}
 

Developer: wso2-attic,
Project: carbon-identity,
Lines of code: 22,
Source file: DefaultIDTokenBuilder.java

Example 26: OAuthAppDAO

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public OAuthAppDAO() {

    try {
        persistenceProcessor = OAuthServerConfiguration.getInstance().getPersistenceProcessor();
    } catch (IdentityOAuth2Exception e) {
        // Fallback: if the configured processor cannot be loaded, values are persisted as plain text.
        log.error("Error retrieving TokenPersistenceProcessor. Defaulting to PlainTextPersistenceProcessor", e);
        persistenceProcessor = new PlainTextPersistenceProcessor();
    }

}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 11,
Source: OAuthAppDAO.java

Example 27: OAuthConsumerDAO

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public OAuthConsumerDAO() {

    try {
        persistenceProcessor = OAuthServerConfiguration.getInstance().getPersistenceProcessor();
    } catch (IdentityOAuth2Exception e) {
        // Fallback: if the configured processor cannot be loaded, values are persisted as plain text.
        log.error("Error retrieving TokenPersistenceProcessor. Defaulting to PlainTextPersistenceProcessor", e);
        persistenceProcessor = new PlainTextPersistenceProcessor();
    }

}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 11,
Source: OAuthConsumerDAO.java

Example 28: validateAccessDelegation

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public boolean validateAccessDelegation(OAuthAuthzReqMessageContext oauthAuthzMsgCtx)
        throws IdentityOAuth2Exception {

    OAuth2AuthorizeReqDTO authzReqDTO = oauthAuthzMsgCtx.getAuthorizationReqDTO();
    String responseType = authzReqDTO.getResponseType();

    OAuthAppDO oAuthAppDO = (OAuthAppDO)oauthAuthzMsgCtx.getProperty("OAuthAppDO");
    // If the application has defined a limited set of grant types, then check the grant
    if (oAuthAppDO.getGrantTypes() != null) {
        if (ResponseType.CODE.toString().equals(responseType)) {
            // Do not change this log format, as these logs are used by external applications
            if (!oAuthAppDO.getGrantTypes().contains("authorization_code")) {
                log.debug("Unsupported Response Type : " + responseType +
                        " for client id : " + authzReqDTO.getConsumerKey());
                handleErrorRequest(oauthAuthzMsgCtx, OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE,
                        "Unsupported Response Type!");
                return false;
            }
        } else if (StringUtils.contains(responseType, ResponseType.TOKEN.toString()) &&
                !oAuthAppDO.getGrantTypes().contains(IMPLICIT)) {
            // Do not change this log format, as these logs are used by external applications
            log.debug("Unsupported Response Type : " + responseType + " for client id : " + authzReqDTO
                    .getConsumerKey());
            handleErrorRequest(oauthAuthzMsgCtx, OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE,
                    "Unsupported Response Type!");
            return false;
        }
    }

    OAuth2AuthorizeReqDTO authorizationReqDTO = oauthAuthzMsgCtx.getAuthorizationReqDTO();
    OAuthCallback authzCallback = new OAuthCallback(authorizationReqDTO.getUser(),
            authorizationReqDTO.getConsumerKey(), OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_AUTHZ);
    authzCallback.setRequestedScope(authorizationReqDTO.getScopes());
    authzCallback.setResponseType(authorizationReqDTO.getResponseType());
    callbackManager.handleCallback(authzCallback);

    oauthAuthzMsgCtx.setValidityPeriod(authzCallback.getValidityPeriod());
    return authzCallback.isAuthorized();
}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 41,
Source: AbstractResponseTypeHandler.java

Example 29: init

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public void init() throws IdentityOAuth2Exception {
    tokenMgtDAO = new TokenMgtDAO();
    callbackManager = new OAuthCallbackManager();
    // Set the cache instance if caching is enabled.
    if (OAuthServerConfiguration.getInstance().isCacheEnabled()) {
        cacheEnabled = true;
        oauthCache = OAuthCache.getInstance();
    }
}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 11,
Source: AbstractAuthorizationGrantHandler.java

Example 30: buildIdToken

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
private void buildIdToken(OAuthAuthzReqMessageContext msgCtx, OAuth2AuthorizeRespDTO authzRespDTO)
        throws IdentityOAuth2Exception {

    if (StringUtils.contains(msgCtx.getAuthorizationReqDTO().getResponseType(), "id_token") &&
            msgCtx.getApprovedScope() != null && OAuth2Util.isOIDCAuthzRequest(msgCtx.getApprovedScope())) {
        IDTokenBuilder builder = OAuthServerConfiguration.getInstance().getOpenIDConnectIDTokenBuilder();
        authzRespDTO.setIdToken(builder.buildIDToken(msgCtx, authzRespDTO));
    }
}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 10,
Source: TokenResponseTypeHandler.java

Example 31: getPrivateKey

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
private Key getPrivateKey(String tenantDomain, int tenantId) throws IdentityOAuth2Exception {

    if (tenantDomain == null) {
        tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
    }

    if (tenantId == 0) {
        tenantId = OAuth2Util.getTenantId(tenantDomain);
    }

    Key privateKey = null;

    if (!(privateKeys.containsKey(tenantId))) {
        // get tenant's key store manager
        KeyStoreManager tenantKSM = KeyStoreManager.getInstance(tenantId);

        if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
            // derive key store name
            String ksName = tenantDomain.trim().replace(".", "-");
            String jksName = ksName + ".jks";
            // obtain private key
            privateKey = tenantKSM.getPrivateKey(jksName, tenantDomain);

        } else {
            try {
                privateKey = tenantKSM.getDefaultPrivateKey();
            } catch (Exception e) {
                log.error("Error while obtaining private key for super tenant", e);
            }
        }
        if (privateKey != null) {
            privateKeys.put(tenantId, privateKey);
        }
    } else {
        privateKey = privateKeys.get(tenantId);
    }
    return privateKey;
}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 39,
Source: JWTTokenGenerator.java

Example 32: getProcessedClientSecret

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public String getProcessedClientSecret(String clientSecret) throws IdentityOAuth2Exception {
    try {
        return encrypt(clientSecret);
    } catch (CryptoException e) {
        throw new IdentityOAuth2Exception("Error while retrieving processed client secret", e);
    }
}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 9,
Source: EncryptionDecryptionPersistenceProcessor.java

Example 33: getPreprocessedAuthzCode

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public String getPreprocessedAuthzCode(String processedAuthzCode) throws IdentityOAuth2Exception {
    try {
        return decrypt(processedAuthzCode);
    } catch (CryptoException e) {
        throw new IdentityOAuth2Exception("Error while retrieving preprocessed authorization code", e);
    }
}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 9,
Source: EncryptionDecryptionPersistenceProcessor.java

Example 34: getPreprocessedAccessTokenIdentifier

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
@Override
public String getPreprocessedAccessTokenIdentifier(String processedAccessTokenIdentifier)
        throws IdentityOAuth2Exception {
    try {
        return decrypt(processedAccessTokenIdentifier);
    } catch (CryptoException e) {
        throw new IdentityOAuth2Exception("Error while retrieving preprocessed access token identifier", e);
    }
}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 10,
Source: EncryptionDecryptionPersistenceProcessor.java

Example 35: getInstance

Likes: 2

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; // import the required package/class
public static AuthorizationHandlerManager getInstance() throws IdentityOAuth2Exception {

    CarbonUtils.checkSecurity();
    if (instance == null) {
        synchronized (AuthorizationHandlerManager.class) {
            if (instance == null) {
                instance = new AuthorizationHandlerManager();
            }
        }
    }
    return instance;
}
 

Developer ID: wso2-attic,
Project name: carbon-identity,
Lines of code: 13,
Source: AuthorizationHandlerManager.java
