本文整理汇总了Java中com.nimbusds.oauth2.sdk.token.AccessToken类的典型用法代码示例。如果您正苦于以下问题:Java AccessToken类的具体用法?Java AccessToken怎么用?Java AccessToken使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
AccessToken类属于com.nimbusds.oauth2.sdk.token包,在下文中一共展示了AccessToken类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: IdTokenRequest
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
public IdTokenRequest(Subject subject, OIDCClientInformation client, Scope scope, Instant authenticationTime,
ACR acr, AMR amr, SessionID sessionId, Nonce nonce, AccessToken accessToken, AuthorizationCode code) {
Objects.requireNonNull(subject, "subject must not be null");
Objects.requireNonNull(client, "client must not be null");
Objects.requireNonNull(scope, "scope must not be null");
Objects.requireNonNull(authenticationTime, "authenticationTime must not be null");
Objects.requireNonNull(acr, "acr must not be null");
Objects.requireNonNull(amr, "amr must not be null");
if (!scope.contains(OIDCScopeValue.OPENID)) {
throw new IllegalArgumentException("Scope '" + OIDCScopeValue.OPENID + "' is required");
}
this.subject = subject;
this.client = client;
this.scope = scope;
this.authenticationTime = authenticationTime;
this.acr = acr;
this.amr = amr;
this.sessionId = sessionId;
this.nonce = nonce;
this.accessToken = accessToken;
this.code = code;
}
示例2: grant
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
@Override
public Tokens grant(TokenRequest tokenRequest) throws GeneralException {
if (!(tokenRequest.getAuthorizationGrant() instanceof RefreshTokenGrant)) {
throw new GeneralException(OAuth2Error.UNSUPPORTED_GRANT_TYPE);
}
RefreshToken refreshToken = ((RefreshTokenGrant) tokenRequest.getAuthorizationGrant()).getRefreshToken();
RefreshTokenContext context = this.refreshTokenStore.load(refreshToken);
Subject subject = context.getSubject();
ClientID clientId = context.getClientId();
Scope originalScope = context.getScope();
OIDCClientInformation client = this.clientRepository.findById(clientId);
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, originalScope);
AccessToken accessToken = this.tokenService.createAccessToken(accessTokenRequest);
RefreshToken updatedRefreshToken = null;
if (this.updateRefreshToken) {
this.refreshTokenStore.revoke(refreshToken);
RefreshTokenRequest refreshTokenRequest = new RefreshTokenRequest(subject, clientId, originalScope);
updatedRefreshToken = this.tokenService.createRefreshToken(refreshTokenRequest);
}
return new Tokens(accessToken, updatedRefreshToken);
}
示例3: grant
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
@Override
public Tokens grant(TokenRequest tokenRequest) throws GeneralException {
if (!(tokenRequest.getAuthorizationGrant() instanceof ClientCredentialsGrant)) {
throw new GeneralException(OAuth2Error.UNSUPPORTED_GRANT_TYPE);
}
ClientID clientId = tokenRequest.getClientAuthentication().getClientID();
Subject subject = new Subject(clientId.getValue());
OIDCClientInformation client = this.clientRepository.findById(clientId);
Scope scope = this.scopeResolver.resolve(subject, tokenRequest.getScope(), client.getOIDCMetadata());
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, scope);
AccessToken accessToken = this.tokenService.createAccessToken(accessTokenRequest);
return new Tokens(accessToken, null);
}
示例4: resolveAndValidateClient
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
private OIDCClientInformation resolveAndValidateClient(ClientID clientId, ProtectedResourceRequest request)
throws GeneralException {
OIDCClientInformation client = this.clientRepository.findById(clientId);
if (client != null) {
AccessToken requestAccessToken = request.getAccessToken();
BearerAccessToken registrationAccessToken = client.getRegistrationAccessToken();
BearerAccessToken apiAccessToken = this.apiAccessToken;
if (requestAccessToken.equals(registrationAccessToken) || requestAccessToken.equals(apiAccessToken)) {
return client;
}
}
throw new GeneralException(BearerTokenError.INVALID_TOKEN);
}
示例5: userInfoRequestInt
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
@Override
protected UserInfoSuccessResponse userInfoRequestInt(UserInfoRequest userReq, HttpServletResponse resp)
throws IOException {
// extract values from request
AccessToken at = userReq.getAccessToken();
// get values from honest OP for comparison
AccessToken refAt = (AccessToken) stepCtx.get(OPContextConstants.HONEST_ACCESSTOKEN);
// compare values
Object fo = stepCtx.get(OPContextConstants.USERINFO_INFORMATIONLEAK_FUTURE);
CompletableFuture<TestStepResult> f = (CompletableFuture<TestStepResult>) fo;
if (f != null) {
if (refAt != null && refAt.equals(at)) {
logger.log("Detected Honest AccessToken in Evil OP.");
f.complete(TestStepResult.FAIL);
} else if (at != null) {
logger.log("Detected unknown AccessToken in Evil OP.");
f.complete(TestStepResult.FAIL);
}
}
return super.userInfoRequestInt(userReq, resp);
}
示例6: userInfoRequestInt
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
@Nullable
protected UserInfoSuccessResponse userInfoRequestInt(UserInfoRequest userReq, HttpServletResponse resp)
throws IOException {
AccessToken at = userReq.getAccessToken();
if (at == null) {
UserInfoErrorResponse errorResp = new UserInfoErrorResponse(BearerTokenError.MISSING_TOKEN);
sendErrorResponse("User Info", errorResp, resp);
return null;
}
//AccessTokenHash atHash = AccessTokenHash.compute(at, JWSAlgorithm.RS256);
UserInfo ui = getUserInfo();
UserInfoSuccessResponse uiResp = new UserInfoSuccessResponse(ui);
return uiResp;
}
示例7: complete
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
protected AuthenticationMechanismOutcome complete(JWTClaimsSet claims, AccessToken accessToken, String returnURL, HttpServerExchange exchange, boolean redirect) throws Exception {
OIDCPrincipal principal = new OIDCPrincipalExt(claims, accessToken);
Account account = new AccountImpl(principal);
account = identityManager.verify(account);
if (account == null) {
LOG.warning(String.format("OIDC subject %s not found in identity manager", principal.getName()));
exchange.getSecurityContext().authenticationFailed("OIDC subject not found in identity manager", mechanismName);
OIDCContext oidcContext = exchange.getAttachment(OIDCContext.ATTACHMENT_KEY);
oidcContext.setError(true);
return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
}
exchange.getSecurityContext().authenticationComplete(account, mechanismName, true);
if (redirect) {
exchange.getResponseHeaders().put(Headers.LOCATION, returnURL != null && !returnURL.isEmpty() ? returnURL : "/");
exchange.setStatusCode(HttpServletResponse.SC_FOUND);
exchange.endExchange();
}
LOG.fine("authentificated " + principal);
return AuthenticationMechanismOutcome.AUTHENTICATED;
}
示例8: getMockAccessToken
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
/**
* TODO
* To create a mock access token. We do not use it for anything yet.
*
* @return mock access token.
*/
private AccessToken getMockAccessToken() {
if (getAuthenticationRequest().getResponseType().contains(ResponseType.Value.TOKEN)){
return new BearerAccessToken();
}
return null;
}
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:13,代码来源:FormOutboundAuthenticationResponseMessage.java
示例9: grant
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
@Override
public Tokens grant(TokenRequest tokenRequest) throws GeneralException {
if (!(tokenRequest.getAuthorizationGrant() instanceof ResourceOwnerPasswordCredentialsGrant)) {
throw new GeneralException(OAuth2Error.UNSUPPORTED_GRANT_TYPE);
}
Scope requestedScope = tokenRequest.getScope();
if (!requestedScope.contains(OIDCScopeValue.OPENID)) {
throw new GeneralException(
OAuth2Error.INVALID_SCOPE.setDescription("The scope must include an \"openid\" value"));
}
Subject subject = this.passwordAuthenticationHandler
.authenticate((ResourceOwnerPasswordCredentialsGrant) tokenRequest.getAuthorizationGrant());
ClientID clientId = tokenRequest.getClientAuthentication().getClientID();
OIDCClientInformation client = this.clientRepository.findById(clientId);
Scope scope = this.scopeResolver.resolve(subject, requestedScope, client.getOIDCMetadata());
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, scope);
AccessToken accessToken = this.tokenService.createAccessToken(accessTokenRequest);
RefreshToken refreshToken = null;
if (client.getOIDCMetadata().getGrantTypes().contains(GrantType.REFRESH_TOKEN)) {
RefreshTokenRequest refreshTokenRequest = new RefreshTokenRequest(subject, clientId, scope);
refreshToken = this.tokenService.createRefreshToken(refreshTokenRequest);
}
return new Tokens(accessToken, refreshToken);
}
开发者ID:vpavic,项目名称:simple-openid-provider,代码行数:30,代码来源:ResourceOwnerPasswordCredentialsGrantHandler.java
示例10: validateAccessToken
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
private void validateAccessToken(AccessToken requestAccessToken) throws GeneralException {
BearerAccessToken apiAccessToken = this.apiAccessToken;
if (requestAccessToken == null || !requestAccessToken.equals(apiAccessToken)) {
throw new GeneralException(BearerTokenError.INVALID_TOKEN);
}
}
示例11: handleImplicitFlow
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
private AuthenticationSuccessResponse handleImplicitFlow(AuthenticationRequest authRequest,
OIDCClientInformation client, HttpServletRequest request, Subject subject) throws GeneralException {
ResponseType responseType = authRequest.getResponseType();
ResponseMode responseMode = authRequest.impliedResponseMode();
URI redirectUri = authRequest.getRedirectionURI();
Scope requestedScope = authRequest.getScope();
State state = authRequest.getState();
Nonce nonce = authRequest.getNonce();
Instant authenticationTime = Instant.ofEpochMilli(request.getSession().getCreationTime());
ACR acr = this.acr;
AMR amr = AMR.PWD;
SessionID sessionId = new SessionID(request.getSession().getId());
State sessionState = this.sessionManagementEnabled ? State.parse(sessionId.getValue()) : null;
Scope scope = this.scopeResolver.resolve(subject, requestedScope, client.getOIDCMetadata());
AccessToken accessToken = null;
if (responseType.contains(ResponseType.Value.TOKEN)) {
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, scope);
accessToken = this.tokenService.createAccessToken(accessTokenRequest);
}
IdTokenRequest idTokenRequest = new IdTokenRequest(subject, client, scope, authenticationTime, acr, amr,
sessionId, nonce, accessToken, null);
JWT idToken = this.tokenService.createIdToken(idTokenRequest);
return new AuthenticationSuccessResponse(redirectUri, null, idToken, accessToken, state, sessionState,
responseMode);
}
示例12: handleHybridFlow
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
private AuthenticationSuccessResponse handleHybridFlow(AuthenticationRequest authRequest,
OIDCClientInformation client, HttpServletRequest request, Subject subject) throws GeneralException {
ResponseType responseType = authRequest.getResponseType();
ResponseMode responseMode = authRequest.impliedResponseMode();
ClientID clientId = authRequest.getClientID();
URI redirectUri = authRequest.getRedirectionURI();
Scope requestedScope = authRequest.getScope();
State state = authRequest.getState();
CodeChallenge codeChallenge = authRequest.getCodeChallenge();
CodeChallengeMethod codeChallengeMethod = authRequest.getCodeChallengeMethod();
Nonce nonce = authRequest.getNonce();
Instant authenticationTime = Instant.ofEpochMilli(request.getSession().getCreationTime());
ACR acr = this.acr;
AMR amr = AMR.PWD;
SessionID sessionId = new SessionID(request.getSession().getId());
State sessionState = this.sessionManagementEnabled ? State.parse(sessionId.getValue()) : null;
Scope scope = this.scopeResolver.resolve(subject, requestedScope, client.getOIDCMetadata());
AuthorizationCodeContext context = new AuthorizationCodeContext(subject, clientId, redirectUri, scope,
authenticationTime, acr, amr, sessionId, codeChallenge, codeChallengeMethod, nonce);
AuthorizationCode code = this.authorizationCodeService.create(context);
AccessToken accessToken = null;
if (responseType.contains(ResponseType.Value.TOKEN)) {
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, scope);
accessToken = this.tokenService.createAccessToken(accessTokenRequest);
}
JWT idToken = null;
if (responseType.contains(OIDCResponseTypeValue.ID_TOKEN)) {
IdTokenRequest idTokenRequest = new IdTokenRequest(subject, client, scope, authenticationTime, acr, amr,
sessionId, nonce, accessToken, code);
idToken = this.tokenService.createIdToken(idTokenRequest);
}
return new AuthenticationSuccessResponse(redirectUri, code, idToken, accessToken, state, sessionState,
responseMode);
}
示例13: tokenRequestInt
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
@Nullable
protected OIDCTokenResponse tokenRequestInt(TokenRequest tokenReq, HttpServletResponse resp)
throws GeneralSecurityException, JOSEException, ParseException {
ClientAuthentication auth = tokenReq.getClientAuthentication();
ClientID clientId = auth != null ? auth.getClientID() : tokenReq.getClientID();
AuthorizationGrant grant = tokenReq.getAuthorizationGrant();
CodeHash cHash = null;
if (grant != null && grant.getType() == GrantType.AUTHORIZATION_CODE) {
AuthorizationCodeGrant codeGrant = (AuthorizationCodeGrant) grant;
cHash = CodeHash.compute(codeGrant.getAuthorizationCode(), JWSAlgorithm.RS256);
}
AccessToken at = new BearerAccessToken();
AccessTokenHash atHash = AccessTokenHash.compute(at, JWSAlgorithm.RS256);
// save access token if honest op
if (type == OPType.HONEST) {
stepCtx.put(OPContextConstants.HONEST_ACCESSTOKEN, at);
}
Nonce nonce = (Nonce) stepCtx.get(OPContextConstants.AUTH_REQ_NONCE);
JWT idToken = getIdToken(clientId, nonce, atHash, cHash);
OIDCTokens tokens = new OIDCTokens(idToken, at, null);
OIDCTokenResponse tokenRes = new OIDCTokenResponse(tokens);
return tokenRes;
}
示例14: processOIDCAuthResponse
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
protected AuthenticationMechanismOutcome processOIDCAuthResponse(HttpServerExchange exchange) {
try {
AuthenticationResponse authResp = authenticate(exchange);
if (authResp instanceof AuthenticationErrorResponse) {
ErrorObject error = ((AuthenticationErrorResponse) authResp).getErrorObject();
throw new IllegalStateException(String.format("OIDC Authentication error: code %s description: %s", error.getCode(), error.getDescription()));
}
AuthenticationSuccessResponse successResponse = (AuthenticationSuccessResponse) authResp;
// could store returnURL/state
// in session but state is encrypted
State state = successResponse.getState();
String returnURL = restoreState(state != null ? state.getValue() : null, exchange);
AuthorizationCode authCode = successResponse.getAuthorizationCode();
JWT idToken = successResponse.getIDToken();
AccessToken accessToken = successResponse.getAccessToken();
if (idToken == null && authCode != null) {
OIDCTokenResponse tokenResponse = fetchToken(authCode, exchange);
idToken = tokenResponse.getOIDCTokens().getIDToken();
accessToken = tokenResponse.getOIDCTokens().getAccessToken();
}
validateToken(idToken, exchange, true);
return complete(idToken.getJWTClaimsSet(), accessToken, returnURL, exchange, true);
} catch (Exception e) {
LOG.log(Level.SEVERE, "", e);
OIDCContext oidcContext = exchange.getAttachment(OIDCContext.ATTACHMENT_KEY);
oidcContext.setError(true);
exchange.getSecurityContext().authenticationFailed("OIDC auth response processing failed", mechanismName);
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
}
示例15: handle
import com.nimbusds.oauth2.sdk.token.AccessToken; //导入依赖的package包/类
@Override
public Response handle(HTTPRequest httpRequest, OIDCResourceReference reference) throws Exception
{
// Parse the request
UserInfoRequest request = UserInfoRequest.parse(httpRequest);
// Get the token associated to the user
AccessToken accessToken = request.getAccessToken();
// UserInfoSuccessResponse
return null;
}