本文整理汇总了Java中com.nimbusds.oauth2.sdk.Scope类的典型用法代码示例。如果您正苦于以下问题:Java Scope类的具体用法?Java Scope怎么用?Java Scope使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
Scope类属于com.nimbusds.oauth2.sdk包,在下文中一共展示了Scope类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: doExecute
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
Scope registeredScopes = getMetadataContext().getClientInformation().getMetadata().getScope();
if (registeredScopes == null || registeredScopes.isEmpty()) {
log.debug("{} No registered scopes for client {}, nothing to do", getLogPrefix(),
getMetadataContext().getClientInformation().getID());
return;
}
Scope requestedScopes = scopeLookupStrategy.apply(profileRequestContext);
for (Iterator<Scope.Value> i = requestedScopes.iterator(); i.hasNext();) {
Scope.Value scope = i.next();
if (!registeredScopes.contains(scope)) {
log.warn("{} removing requested scope {} for rp {} as it is not a registered one", getLogPrefix(),
scope.getValue(), getMetadataContext().getClientInformation().getID());
i.remove();
}
}
getOidcResponseContext().setScope(requestedScopes);
}
示例2: setUp
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@SuppressWarnings("unchecked")
@BeforeMethod
private void setUp() throws Exception {
rule = new AttributeOIDCScopePolicyRule();
rule.setMatchString("test");
rule.setId("componentId");
rule.initialize();
final RequestContext requestCtx = new RequestContextBuilder().buildRequestContext();
prc = new WebflowRequestContextProfileRequestContextLookup().apply(requestCtx);
msgCtx = new MessageContext<AuthenticationResponse>();
prc.setOutboundMessageContext(msgCtx);
// shortcut, may break the test
filtercontext = prc.getSubcontext(AttributeFilterContext.class, true);
authRespCtx = new OIDCAuthenticationResponseContext();
msgCtx.addSubcontext(authRespCtx);
Scope scope = new Scope();
scope.add("openid");
scope.add("test");
authRespCtx.setScope(scope);
}
示例3: testSuccess
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Test
public void testSuccess() throws Exception {
final ClientIDCriterion criterion = new ClientIDCriterion(new ClientID(clientId));
final OIDCClientInformation clientInfo = resolver.resolveSingle(new CriteriaSet(criterion));
Assert.assertNotNull(clientInfo);
Assert.assertEquals(clientInfo.getID().getValue(), clientId);
final Set<URI> redirectUris = clientInfo.getOIDCMetadata().getRedirectionURIs();
Assert.assertEquals(redirectUris.size(), 1);
Assert.assertTrue(redirectUris.contains(redirectUri));
final Scope scope = clientInfo.getOIDCMetadata().getScope();
Assert.assertEquals(scope.size(), 6);
Assert.assertTrue(scope.contains(OIDCScopeValue.OPENID));
Assert.assertTrue(scope.contains(OIDCScopeValue.ADDRESS));
Assert.assertTrue(scope.contains(OIDCScopeValue.EMAIL));
Assert.assertTrue(scope.contains(OIDCScopeValue.PHONE));
Assert.assertTrue(scope.contains(OIDCScopeValue.PROFILE));
Assert.assertTrue(scope.contains("info"));
final Set<ResponseType> responseTypes = clientInfo.getOIDCMetadata().getResponseTypes();
Assert.assertEquals(responseTypes.size(), 2);
Assert.assertTrue(responseTypes.contains(new ResponseType(OIDCResponseTypeValue.ID_TOKEN)));
}
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:22,代码来源:FilesystemClientInformationResolverTest.java
示例4: createRefreshToken
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Override
public RefreshToken createRefreshToken(RefreshTokenRequest refreshTokenRequest) {
Instant now = Instant.now();
ClientID clientId = refreshTokenRequest.getClientId();
Subject subject = refreshTokenRequest.getSubject();
Scope scope = refreshTokenRequest.getScope();
RefreshTokenContext context = this.refreshTokenStore.findByClientIdAndSubject(clientId, subject);
if (context == null || !SetUtils.isEqualSet(context.getScope(), scope)) {
if (context != null) {
this.refreshTokenStore.revoke(context.getRefreshToken());
}
Instant expiry = (!this.refreshTokenLifetime.isZero() && !this.refreshTokenLifetime.isNegative())
? now.plus(this.refreshTokenLifetime)
: null;
context = new RefreshTokenContext(new RefreshToken(), clientId, subject, scope, expiry);
this.refreshTokenStore.save(context);
}
return context.getRefreshToken();
}
示例5: IdTokenRequest
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
public IdTokenRequest(Subject subject, OIDCClientInformation client, Scope scope, Instant authenticationTime,
ACR acr, AMR amr, SessionID sessionId, Nonce nonce, AccessToken accessToken, AuthorizationCode code) {
Objects.requireNonNull(subject, "subject must not be null");
Objects.requireNonNull(client, "client must not be null");
Objects.requireNonNull(scope, "scope must not be null");
Objects.requireNonNull(authenticationTime, "authenticationTime must not be null");
Objects.requireNonNull(acr, "acr must not be null");
Objects.requireNonNull(amr, "amr must not be null");
if (!scope.contains(OIDCScopeValue.OPENID)) {
throw new IllegalArgumentException("Scope '" + OIDCScopeValue.OPENID + "' is required");
}
this.subject = subject;
this.client = client;
this.scope = scope;
this.authenticationTime = authenticationTime;
this.acr = acr;
this.amr = amr;
this.sessionId = sessionId;
this.nonce = nonce;
this.accessToken = accessToken;
this.code = code;
}
示例6: AuthorizationCodeContext
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
public AuthorizationCodeContext(Subject subject, ClientID clientId, URI redirectUri, Scope scope,
Instant authenticationTime, ACR acr, AMR amr, SessionID sessionId, CodeChallenge codeChallenge,
CodeChallengeMethod codeChallengeMethod, Nonce nonce) {
Objects.requireNonNull(subject, "subject must not be null");
Objects.requireNonNull(clientId, "clientId must not be null");
Objects.requireNonNull(redirectUri, "redirectUri must not be null");
Objects.requireNonNull(scope, "scope must not be null");
Objects.requireNonNull(authenticationTime, "authenticationTime must not be null");
Objects.requireNonNull(acr, "acr must not be null");
Objects.requireNonNull(amr, "amr must not be null");
Objects.requireNonNull(sessionId, "sessionId must not be null");
this.subject = subject;
this.clientId = clientId;
this.redirectUri = redirectUri;
this.scope = scope;
this.authenticationTime = authenticationTime;
this.acr = acr;
this.amr = amr;
this.sessionId = sessionId;
this.codeChallenge = codeChallenge;
this.codeChallengeMethod = codeChallengeMethod;
this.nonce = nonce;
}
示例7: grant
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Override
public Tokens grant(TokenRequest tokenRequest) throws GeneralException {
if (!(tokenRequest.getAuthorizationGrant() instanceof RefreshTokenGrant)) {
throw new GeneralException(OAuth2Error.UNSUPPORTED_GRANT_TYPE);
}
RefreshToken refreshToken = ((RefreshTokenGrant) tokenRequest.getAuthorizationGrant()).getRefreshToken();
RefreshTokenContext context = this.refreshTokenStore.load(refreshToken);
Subject subject = context.getSubject();
ClientID clientId = context.getClientId();
Scope originalScope = context.getScope();
OIDCClientInformation client = this.clientRepository.findById(clientId);
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, originalScope);
AccessToken accessToken = this.tokenService.createAccessToken(accessTokenRequest);
RefreshToken updatedRefreshToken = null;
if (this.updateRefreshToken) {
this.refreshTokenStore.revoke(refreshToken);
RefreshTokenRequest refreshTokenRequest = new RefreshTokenRequest(subject, clientId, originalScope);
updatedRefreshToken = this.tokenService.createRefreshToken(refreshTokenRequest);
}
return new Tokens(accessToken, updatedRefreshToken);
}
示例8: grant
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Override
public Tokens grant(TokenRequest tokenRequest) throws GeneralException {
if (!(tokenRequest.getAuthorizationGrant() instanceof ClientCredentialsGrant)) {
throw new GeneralException(OAuth2Error.UNSUPPORTED_GRANT_TYPE);
}
ClientID clientId = tokenRequest.getClientAuthentication().getClientID();
Subject subject = new Subject(clientId.getValue());
OIDCClientInformation client = this.clientRepository.findById(clientId);
Scope scope = this.scopeResolver.resolve(subject, tokenRequest.getScope(), client.getOIDCMetadata());
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, scope);
AccessToken accessToken = this.tokenService.createAccessToken(accessTokenRequest);
return new Tokens(accessToken, null);
}
示例9: handleAuthorizationCodeFlow
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
private AuthenticationSuccessResponse handleAuthorizationCodeFlow(AuthenticationRequest authRequest,
OIDCClientInformation client, HttpServletRequest request, Subject subject) throws GeneralException {
ResponseMode responseMode = authRequest.impliedResponseMode();
ClientID clientId = authRequest.getClientID();
URI redirectUri = authRequest.getRedirectionURI();
Scope requestedScope = authRequest.getScope();
CodeChallenge codeChallenge = authRequest.getCodeChallenge();
CodeChallengeMethod codeChallengeMethod = authRequest.getCodeChallengeMethod();
Nonce nonce = authRequest.getNonce();
Instant authenticationTime = Instant.ofEpochMilli(request.getSession().getCreationTime());
ACR acr = this.acr;
AMR amr = AMR.PWD;
SessionID sessionId = new SessionID(request.getSession().getId());
State sessionState = this.sessionManagementEnabled ? State.parse(sessionId.getValue()) : null;
Scope scope = this.scopeResolver.resolve(subject, requestedScope, client.getOIDCMetadata());
AuthorizationCodeContext context = new AuthorizationCodeContext(subject, clientId, redirectUri, scope,
authenticationTime, acr, amr, sessionId, codeChallenge, codeChallengeMethod, nonce);
AuthorizationCode code = this.authorizationCodeService.create(context);
return new AuthenticationSuccessResponse(redirectUri, code, null, null, authRequest.getState(), sessionState,
responseMode);
}
示例10: authCode_minimumParams_isSuccess
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Test
public void authCode_minimumParams_isSuccess() throws Exception {
AuthorizationCode authorizationCode = new AuthorizationCode();
given(this.clientRepository.findById(any(ClientID.class))).willReturn(authCodeClient());
given(this.authorizationCodeService.create(any(AuthorizationCodeContext.class))).willReturn(authorizationCode);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=code&client_id=test-client&redirect_uri=http://example.com")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound())
.andExpect(redirectedUrlTemplate("http://example.com?code={code}", authorizationCode.getValue()));
}
示例11: authCode_withState_isSuccess
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Test
public void authCode_withState_isSuccess() throws Exception {
AuthorizationCode authorizationCode = new AuthorizationCode();
State state = new State();
given(this.clientRepository.findById(any(ClientID.class))).willReturn(authCodeClient());
given(this.authorizationCodeService.create(any(AuthorizationCodeContext.class))).willReturn(authorizationCode);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=code&client_id=test-client&redirect_uri=http://example.com&state="
+ state.getValue()).session(this.session);
this.mvc.perform(request).andExpect(status().isFound()).andExpect(redirectedUrlTemplate(
"http://example.com?code={code}&state={state}", authorizationCode.getValue(), state.getValue()));
}
示例12: authCode_withPromptNoneAndAuthentication_isSuccess
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Test
public void authCode_withPromptNoneAndAuthentication_isSuccess() throws Exception {
AuthorizationCode authorizationCode = new AuthorizationCode();
given(this.clientRepository.findById(any(ClientID.class))).willReturn(authCodeClient());
given(this.authorizationCodeService.create(any(AuthorizationCodeContext.class))).willReturn(authorizationCode);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=code&client_id=test-client&redirect_uri=http://example.com&prompt=none")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound())
.andExpect(redirectedUrlTemplate("http://example.com?code={code}", authorizationCode.getValue()));
}
示例13: authCode_withValidMaxAge_isSuccess
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Test
public void authCode_withValidMaxAge_isSuccess() throws Exception {
AuthorizationCode authorizationCode = new AuthorizationCode();
given(this.clientRepository.findById(any(ClientID.class))).willReturn(authCodeClient());
given(this.authorizationCodeService.create(any(AuthorizationCodeContext.class))).willReturn(authorizationCode);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=code&client_id=test-client&redirect_uri=http://example.com&max_age=60")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound())
.andExpect(redirectedUrlTemplate("http://example.com?code={code}", authorizationCode.getValue()));
}
示例14: implicitWithIdTokenAndToken_minimumParams_isSuccess
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Test
public void implicitWithIdTokenAndToken_minimumParams_isSuccess() throws Exception {
BearerAccessToken accessToken = new BearerAccessToken();
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
given(this.clientRepository.findById(any(ClientID.class))).willReturn(implicitWithIdTokenAndTokenClient());
given(this.tokenService.createAccessToken(any(AccessTokenRequest.class))).willReturn(accessToken);
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=id_token token&client_id=test-client&redirect_uri=http://example.com&nonce=test")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound())
.andExpect(redirectedUrlTemplate(
"http://example.com#access_token={accessToken}&id_token={idToken}&token_type=Bearer",
accessToken.getValue(), idToken.serialize()));
}
示例15: implicitWithIdToken_minimumParams_isSuccess
import com.nimbusds.oauth2.sdk.Scope; //导入依赖的package包/类
@Test
public void implicitWithIdToken_minimumParams_isSuccess() throws Exception {
JWT idToken = new PlainJWT(new JWTClaimsSet.Builder().build());
given(this.clientRepository.findById(any(ClientID.class))).willReturn(implicitWithIdTokenClient());
given(this.tokenService.createIdToken(any(IdTokenRequest.class))).willReturn(idToken);
given(this.subjectResolver.resolveSubject(any(HttpServletRequest.class))).willReturn(new Subject("user"));
given(this.scopeResolver.resolve(any(Subject.class), any(Scope.class), any(OIDCClientMetadata.class)))
.will(returnsSecondArg());
MockHttpServletRequestBuilder request = get(
"/oauth2/authorize?scope=openid&response_type=id_token&client_id=test-client&redirect_uri=http://example.com&nonce=test")
.session(this.session);
this.mvc.perform(request).andExpect(status().isFound())
.andExpect(redirectedUrlTemplate("http://example.com#id_token={idToken}", idToken.serialize()));
}