当前位置: 首页>>代码示例>>Java>>正文


Java OAuthUtils类代码示例

本文整理汇总了Java中org.jasig.cas.support.oauth.OAuthUtils的典型用法代码示例。如果您正苦于以下问题:Java OAuthUtils类的具体用法?Java OAuthUtils怎么用?Java OAuthUtils使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


OAuthUtils类属于org.jasig.cas.support.oauth包,在下文中一共展示了OAuthUtils类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: internalHandleRequest

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Override
protected ModelAndView internalHandleRequest(final String method, final HttpServletRequest request,
        final HttpServletResponse response) throws Exception {

    // authorize
    if (OAuthConstants.AUTHORIZE_URL.equals(method)) {
        return authorizeController.handleRequest(request, response);
    }
    // callback on authorize
    if (OAuthConstants.CALLBACK_AUTHORIZE_URL.equals(method)) {
        return callbackAuthorizeController.handleRequest(request, response);
    }
    //get access token
    if (OAuthConstants.ACCESS_TOKEN_URL.equals(method)) {
        return accessTokenController.handleRequest(request, response);
    }
    // get profile
    if (OAuthConstants.PROFILE_URL.equals(method)) {
        return profileController.handleRequest(request, response);
    }

    // else error
    logger.error("Unknown method : {}", method);
    OAuthUtils.writeTextError(response, OAuthConstants.INVALID_REQUEST, HttpStatus.SC_OK);
    return null;
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:27,代码来源:OAuth20WrapperController.java

示例2: internalHandleRequest

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Override
protected ModelAndView internalHandleRequest(final String method, final HttpServletRequest request,
        final HttpServletResponse response) throws Exception {

    // authorize
    if (OAuthConstants.AUTHORIZE_URL.equals(method)) {
        return authorizeController.handleRequest(request, response);
    }
    // callback on authorize
    if (OAuthConstants.CALLBACK_AUTHORIZE_URL.equals(method)) {
        return callbackAuthorizeController.handleRequest(request, response);
    }
    //get access token
    if (OAuthConstants.ACCESS_TOKEN_URL.equals(method)) {
        return accessTokenController.handleRequest(request, response);
    }
    // get profile
    if (OAuthConstants.PROFILE_URL.equals(method)) {
        return profileController.handleRequest(request, response);
    }

    // else error
    logger.error("Unknown method : {}", method);
    OAuthUtils.writeTextError(response, OAuthConstants.INVALID_REQUEST, 200);
    return null;
}
 
开发者ID:luotuo,项目名称:cas4.0.x-server-wechat,代码行数:27,代码来源:OAuth20WrapperController.java

示例3: verifyOK

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Test
public void verifyOK() throws Exception {
    clearAllServices();

    final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT
            + OAuthConstants.AUTHORIZE_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setServerName(CAS_SERVER);
    mockRequest.setServerPort(CAS_PORT);
    mockRequest.setScheme(CAS_SCHEME);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();

    ((OAuth20WrapperController) oauth20WrapperController)
        .getServicesManager().save(getRegisteredService(REDIRECT_URI, SERVICE_NAME));

    final Controller c = ((OAuth20WrapperController) oauth20WrapperController).getAuthorizeController();
    ((OAuth20AuthorizeController) c).setLoginUrl(CAS_URL);

    final ModelAndView modelAndView = oauth20WrapperController.handleRequest(mockRequest, mockResponse);
    final HttpSession session = mockRequest.getSession();
    assertEquals(REDIRECT_URI, session.getAttribute(OAuthConstants.OAUTH20_CALLBACKURL));
    assertEquals(SERVICE_NAME, session.getAttribute(OAuthConstants.OAUTH20_SERVICE_NAME));
    final View view = modelAndView.getView();
    assertTrue(view instanceof RedirectView);
    final RedirectView redirectView = (RedirectView) view;
    
    final MockHttpServletRequest reqSvc = new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.CALLBACK_AUTHORIZE_URL);
    reqSvc.setServerName(CAS_SERVER);
    reqSvc.setServerPort(CAS_PORT);
    reqSvc.setScheme(CAS_SCHEME);
    final URL url = new URL(OAuthUtils.addParameter(CAS_URL, "service", reqSvc.getRequestURL().toString()));
    final URL url2 = new URL(redirectView.getUrl());

    assertEquals(url, url2);
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:37,代码来源:OAuth20AuthorizeControllerTests.java

示例4: verifyOKWithState

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Test
public void verifyOKWithState() throws Exception {
    clearAllServices();

    final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT
            + OAuthConstants.AUTHORIZE_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.STATE, STATE);
    mockRequest.setServerName(CAS_SERVER);
    mockRequest.setServerPort(CAS_PORT);
    mockRequest.setScheme(CAS_SCHEME);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();

    ((OAuth20WrapperController) oauth20WrapperController)
        .getServicesManager().save(getRegisteredService(REDIRECT_URI, SERVICE_NAME));


    final Controller c = ((OAuth20WrapperController) oauth20WrapperController).getAuthorizeController();
    ((OAuth20AuthorizeController) c).setLoginUrl(CAS_URL);


    final ModelAndView modelAndView = oauth20WrapperController.handleRequest(mockRequest, mockResponse);
    final HttpSession session = mockRequest.getSession();
    assertEquals(REDIRECT_URI, session.getAttribute(OAuthConstants.OAUTH20_CALLBACKURL));
    assertEquals(SERVICE_NAME, session.getAttribute(OAuthConstants.OAUTH20_SERVICE_NAME));
    assertEquals(STATE, session.getAttribute(OAuthConstants.OAUTH20_STATE));
    final View view = modelAndView.getView();
    assertTrue(view instanceof RedirectView);
    final RedirectView redirectView = (RedirectView) view;
    
    final MockHttpServletRequest reqSvc = new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.CALLBACK_AUTHORIZE_URL);
    reqSvc.setServerName(CAS_SERVER);
    reqSvc.setServerPort(CAS_PORT);
    reqSvc.setScheme(CAS_SCHEME);
    final URL url = new URL(OAuthUtils.addParameter(CAS_URL, "service", reqSvc.getRequestURL().toString()));
    final URL url2 = new URL(redirectView.getUrl());

    assertEquals(url, url2);
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:41,代码来源:OAuth20AuthorizeControllerTests.java

示例5: handleRequestInternal

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Override
protected ModelAndView handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response)
        throws Exception {

    final String redirectUri = request.getParameter(OAuthConstants.REDIRECT_URI);
    LOGGER.debug("{} : {}", OAuthConstants.REDIRECT_URI, redirectUri);

    final String clientId = request.getParameter(OAuthConstants.CLIENT_ID);
    LOGGER.debug("{} : {}", OAuthConstants.CLIENT_ID, clientId);

    final String clientSecret = request.getParameter(OAuthConstants.CLIENT_SECRET);

    final String code = request.getParameter(OAuthConstants.CODE);
    LOGGER.debug("{} : {}", OAuthConstants.CODE, code);

    final boolean isVerified = verifyAccessTokenRequest(response, redirectUri, clientId, clientSecret, code);
    if (!isVerified) {
        return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_REQUEST, HttpStatus.SC_BAD_REQUEST);
    }

    final ServiceTicket serviceTicket = (ServiceTicket) ticketRegistry.getTicket(code);
    // service ticket should be valid
    if (serviceTicket == null || serviceTicket.isExpired()) {
        LOGGER.error("Code expired : {}", code);
        return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_GRANT, HttpStatus.SC_BAD_REQUEST);
    }
    final TicketGrantingTicket ticketGrantingTicket = serviceTicket.getGrantingTicket();
    // remove service ticket
    ticketRegistry.deleteTicket(serviceTicket.getId());

    response.setContentType("text/plain");
    final int expires = (int) (timeout - TimeUnit.MILLISECONDS
            .toSeconds(System.currentTimeMillis() - ticketGrantingTicket.getCreationTime()));

    final String text = String.format("%s=%s&%s=%s", OAuthConstants.ACCESS_TOKEN, ticketGrantingTicket.getId(),
                                                OAuthConstants.EXPIRES, expires);
    LOGGER.debug("text : {}", text);
    return OAuthUtils.writeText(response, text, HttpStatus.SC_OK);
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:40,代码来源:OAuth20AccessTokenController.java

示例6: verifyOK

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Test
public void verifyOK() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT
            + OAuthConstants.AUTHORIZE_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setServerName(CAS_SERVER);
    mockRequest.setServerPort(CAS_PORT);
    mockRequest.setScheme(CAS_SCHEME);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final ServicesManager servicesManager = mock(ServicesManager.class);
    final List<RegisteredService> services = new ArrayList<>();
    services.add(getRegisteredService(REDIRECT_URI, SERVICE_NAME));
    when(servicesManager.getAllServices()).thenReturn(services);
    final OAuth20WrapperController oauth20WrapperController = new OAuth20WrapperController();
    oauth20WrapperController.setLoginUrl(CAS_URL);
    oauth20WrapperController.setServicesManager(servicesManager);
    oauth20WrapperController.afterPropertiesSet();
    final ModelAndView modelAndView = oauth20WrapperController.handleRequest(mockRequest, mockResponse);
    final HttpSession session = mockRequest.getSession();
    assertEquals(REDIRECT_URI, session.getAttribute(OAuthConstants.OAUTH20_CALLBACKURL));
    assertEquals(SERVICE_NAME, session.getAttribute(OAuthConstants.OAUTH20_SERVICE_NAME));
    final View view = modelAndView.getView();
    assertTrue(view instanceof RedirectView);
    final RedirectView redirectView = (RedirectView) view;
    
    final MockHttpServletRequest reqSvc = new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.CALLBACK_AUTHORIZE_URL);
    reqSvc.setServerName(CAS_SERVER);
    reqSvc.setServerPort(CAS_PORT);
    reqSvc.setScheme(CAS_SCHEME);
    final URL url = new URL(OAuthUtils.addParameter(CAS_URL, "service", reqSvc.getRequestURL().toString()));
    final URL url2 = new URL(redirectView.getUrl());

    assertEquals(url, url2);
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:36,代码来源:OAuth20AuthorizeControllerTests.java

示例7: verifyOKWithState

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Test
public void verifyOKWithState() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT
            + OAuthConstants.AUTHORIZE_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.STATE, STATE);
    mockRequest.setServerName(CAS_SERVER);
    mockRequest.setServerPort(CAS_PORT);
    mockRequest.setScheme(CAS_SCHEME);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final ServicesManager servicesManager = mock(ServicesManager.class);
    final List<RegisteredService> services = new ArrayList<>();
    services.add(getRegisteredService(REDIRECT_URI, SERVICE_NAME));
    when(servicesManager.getAllServices()).thenReturn(services);
    final OAuth20WrapperController oauth20WrapperController = new OAuth20WrapperController();
    oauth20WrapperController.setLoginUrl(CAS_URL);
    oauth20WrapperController.setServicesManager(servicesManager);
    oauth20WrapperController.afterPropertiesSet();
    final ModelAndView modelAndView = oauth20WrapperController.handleRequest(mockRequest, mockResponse);
    final HttpSession session = mockRequest.getSession();
    assertEquals(REDIRECT_URI, session.getAttribute(OAuthConstants.OAUTH20_CALLBACKURL));
    assertEquals(SERVICE_NAME, session.getAttribute(OAuthConstants.OAUTH20_SERVICE_NAME));
    assertEquals(STATE, session.getAttribute(OAuthConstants.OAUTH20_STATE));
    final View view = modelAndView.getView();
    assertTrue(view instanceof RedirectView);
    final RedirectView redirectView = (RedirectView) view;
    
    final MockHttpServletRequest reqSvc = new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.CALLBACK_AUTHORIZE_URL);
    reqSvc.setServerName(CAS_SERVER);
    reqSvc.setServerPort(CAS_PORT);
    reqSvc.setScheme(CAS_SCHEME);
    final URL url = new URL(OAuthUtils.addParameter(CAS_URL, "service", reqSvc.getRequestURL().toString()));
    final URL url2 = new URL(redirectView.getUrl());

    assertEquals(url, url2);
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:38,代码来源:OAuth20AuthorizeControllerTests.java

示例8: handleRequestInternal

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Override
protected ModelAndView handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response)
        throws Exception {

    final String redirectUri = request.getParameter(OAuthConstants.REDIRECT_URI);
    LOGGER.debug("{} : {}", OAuthConstants.REDIRECT_URI, redirectUri);

    final String clientId = request.getParameter(OAuthConstants.CLIENT_ID);
    LOGGER.debug("{} : {}", OAuthConstants.CLIENT_ID, clientId);

    final String clientSecret = request.getParameter(OAuthConstants.CLIENT_SECRET);

    final String code = request.getParameter(OAuthConstants.CODE);
    LOGGER.debug("{} : {}", OAuthConstants.CODE, code);

    final boolean isVerified = verifyAccessTokenRequest(response, redirectUri, clientId, clientSecret, code);
    if (!isVerified) {
        return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_REQUEST, 400);
    }

    final ServiceTicket serviceTicket = (ServiceTicket) ticketRegistry.getTicket(code);
    // service ticket should be valid
    if (serviceTicket == null || serviceTicket.isExpired()) {
        LOGGER.error("Code expired : {}", code);
        return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_GRANT, 400);
    }
    final TicketGrantingTicket ticketGrantingTicket = serviceTicket.getGrantingTicket();
    // remove service ticket
    ticketRegistry.deleteTicket(serviceTicket.getId());

    response.setContentType("text/plain");
    final int expires = (int) (timeout - (System.currentTimeMillis()
            - ticketGrantingTicket.getCreationTime()) / 1000);

    final String text = String.format("%s=%s&%s=%s", OAuthConstants.ACCESS_TOKEN, ticketGrantingTicket.getId(),
                                                OAuthConstants.EXPIRES, expires);
    LOGGER.debug("text : {}", text);
    return OAuthUtils.writeText(response, text, 200);
}
 
开发者ID:luotuo,项目名称:cas4.0.x-server-wechat,代码行数:40,代码来源:OAuth20AccessTokenController.java

示例9: handleRequestInternal

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Override
protected ModelAndView handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response)
        throws Exception {
    // get CAS ticket
    final String ticket = request.getParameter(OAuthConstants.TICKET);
    logger.debug("{} : {}", OAuthConstants.TICKET, ticket);

    // retrieve callback url from session
    final HttpSession session = request.getSession();
    String callbackUrl = (String) session.getAttribute(OAuthConstants.OAUTH20_CALLBACKURL);
    logger.debug("{} : {}", OAuthConstants.OAUTH20_CALLBACKURL, callbackUrl);
    session.removeAttribute(OAuthConstants.OAUTH20_CALLBACKURL);

    if (StringUtils.isBlank(callbackUrl)) {
        logger.error("{} is missing from the session and can not be retrieved.", OAuthConstants.OAUTH20_CALLBACKURL);
        return new ModelAndView(OAuthConstants.ERROR_VIEW);
    }
    // and state
    final String state = (String) session.getAttribute(OAuthConstants.OAUTH20_STATE);
    logger.debug("{} : {}", OAuthConstants.OAUTH20_STATE, state);
    session.removeAttribute(OAuthConstants.OAUTH20_STATE);

    // return callback url with code & state
    callbackUrl = OAuthUtils.addParameter(callbackUrl, OAuthConstants.CODE, ticket);
    if (state != null) {
        callbackUrl = OAuthUtils.addParameter(callbackUrl, OAuthConstants.STATE, state);
    }
    logger.debug("{} : {}", OAuthConstants.OAUTH20_CALLBACKURL, callbackUrl);

    final Map<String, Object> model = new HashMap<String, Object>();
    model.put("callbackUrl", callbackUrl);

    // retrieve service name from session
    final String serviceName = (String) session.getAttribute(OAuthConstants.OAUTH20_SERVICE_NAME);
    logger.debug("serviceName : {}", serviceName);
    model.put("serviceName", serviceName);
    return new ModelAndView(OAuthConstants.CONFIRM_VIEW, model);
}
 
开发者ID:luotuo,项目名称:cas4.0.x-server-wechat,代码行数:39,代码来源:OAuth20CallbackAuthorizeController.java

示例10: testOK

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Test
public void testOK() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT
            + OAuthConstants.AUTHORIZE_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setServerName(CAS_SERVER);
    mockRequest.setServerPort(CAS_PORT);
    mockRequest.setScheme(CAS_SCHEME);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final ServicesManager servicesManager = mock(ServicesManager.class);
    final List<RegisteredService> services = new ArrayList<RegisteredService>();
    services.add(getRegisteredService(REDIRECT_URI, SERVICE_NAME));
    when(servicesManager.getAllServices()).thenReturn(services);
    final OAuth20WrapperController oauth20WrapperController = new OAuth20WrapperController();
    oauth20WrapperController.setLoginUrl(CAS_URL);
    oauth20WrapperController.setServicesManager(servicesManager);
    oauth20WrapperController.afterPropertiesSet();
    final ModelAndView modelAndView = oauth20WrapperController.handleRequest(mockRequest, mockResponse);
    final HttpSession session = mockRequest.getSession();
    assertEquals(REDIRECT_URI, session.getAttribute(OAuthConstants.OAUTH20_CALLBACKURL));
    assertEquals(SERVICE_NAME, session.getAttribute(OAuthConstants.OAUTH20_SERVICE_NAME));
    final View view = modelAndView.getView();
    assertTrue(view instanceof RedirectView);
    final RedirectView redirectView = (RedirectView) view;
    assertEquals(
            OAuthUtils.addParameter(CAS_URL, "service", CAS_URL + CONTEXT + OAuthConstants.CALLBACK_AUTHORIZE_URL),
            redirectView.getUrl());
}
 
开发者ID:luotuo,项目名称:cas4.0.x-server-wechat,代码行数:30,代码来源:OAuth20AuthorizeControllerTests.java

示例11: testOKWithState

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Test
public void testOKWithState() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT
            + OAuthConstants.AUTHORIZE_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.STATE, STATE);
    mockRequest.setServerName(CAS_SERVER);
    mockRequest.setServerPort(CAS_PORT);
    mockRequest.setScheme(CAS_SCHEME);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final ServicesManager servicesManager = mock(ServicesManager.class);
    final List<RegisteredService> services = new ArrayList<RegisteredService>();
    services.add(getRegisteredService(REDIRECT_URI, SERVICE_NAME));
    when(servicesManager.getAllServices()).thenReturn(services);
    final OAuth20WrapperController oauth20WrapperController = new OAuth20WrapperController();
    oauth20WrapperController.setLoginUrl(CAS_URL);
    oauth20WrapperController.setServicesManager(servicesManager);
    oauth20WrapperController.afterPropertiesSet();
    final ModelAndView modelAndView = oauth20WrapperController.handleRequest(mockRequest, mockResponse);
    final HttpSession session = mockRequest.getSession();
    assertEquals(REDIRECT_URI, session.getAttribute(OAuthConstants.OAUTH20_CALLBACKURL));
    assertEquals(SERVICE_NAME, session.getAttribute(OAuthConstants.OAUTH20_SERVICE_NAME));
    assertEquals(STATE, session.getAttribute(OAuthConstants.OAUTH20_STATE));
    final View view = modelAndView.getView();
    assertTrue(view instanceof RedirectView);
    final RedirectView redirectView = (RedirectView) view;
    assertEquals(
            OAuthUtils.addParameter(CAS_URL, "service", CAS_URL + CONTEXT + OAuthConstants.CALLBACK_AUTHORIZE_URL),
            redirectView.getUrl());
}
 
开发者ID:luotuo,项目名称:cas4.0.x-server-wechat,代码行数:32,代码来源:OAuth20AuthorizeControllerTests.java

示例12: internalHandleRequest

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Override
protected ModelAndView internalHandleRequest(final String method, final HttpServletRequest request,
                                             final HttpServletResponse response) throws Exception {

    final String redirectUri = request.getParameter(OAuthConstants.REDIRECT_URI);
    logger.debug("{} : {}", OAuthConstants.REDIRECT_URI, redirectUri);

    final String clientId = request.getParameter(OAuthConstants.CLIENT_ID);
    logger.debug("{} : {}", OAuthConstants.CLIENT_ID, clientId);

    final String clientSecret = request.getParameter(OAuthConstants.CLIENT_SECRET);

    final String code = request.getParameter(OAuthConstants.CODE);
    logger.debug("{} : {}", OAuthConstants.CODE, code);

    final boolean isVerified = verifyAccessTokenRequest(response, redirectUri, clientId, clientSecret, code);
    if (!isVerified) {
        return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_REQUEST, HttpStatus.SC_BAD_REQUEST);
    }

    final ServiceTicket serviceTicket = (ServiceTicket) ticketRegistry.getTicket(code);
    // service ticket should be valid
    if (serviceTicket == null || serviceTicket.isExpired()) {
        logger.error("Code expired : {}", code);
        return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_GRANT, HttpStatus.SC_BAD_REQUEST);
    }
    final TicketGrantingTicket ticketGrantingTicket = serviceTicket.getGrantingTicket();
    // remove service ticket
    ticketRegistry.deleteTicket(serviceTicket.getId());

    final OAuthRegisteredService registeredService = OAuthUtils.getRegisteredOAuthService(this.servicesManager, clientId);
    final OAuthWebApplicationService service = new OAuthWebApplicationService(registeredService.getId());
    final String accessTokenEncoded = this.accessTokenGenerator.generate(service, ticketGrantingTicket);
    final int expires = (int) (this.timeout - TimeUnit.MILLISECONDS
            .toSeconds(System.currentTimeMillis() - ticketGrantingTicket.getCreationTime()));
    final String text = String.format("%s=%s&%s=%s", OAuthConstants.ACCESS_TOKEN, accessTokenEncoded, OAuthConstants.EXPIRES, expires);
    logger.debug("OAuth access token response: {}", text);
    response.setContentType("text/plain");
    return OAuthUtils.writeText(response, text, HttpStatus.SC_OK);
}
 
开发者ID:yuweijun,项目名称:cas-server-4.2.1,代码行数:41,代码来源:OAuth20AccessTokenController.java

示例13: internalHandleRequest

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Override
protected ModelAndView internalHandleRequest(final String method, final HttpServletRequest request,
                                             final HttpServletResponse response) throws Exception {

    final String redirectUri = request.getParameter(OAuthConstants.REDIRECT_URI);
    logger.debug("{} : {}", OAuthConstants.REDIRECT_URI, redirectUri);

    final String clientId = request.getParameter(OAuthConstants.CLIENT_ID);
    logger.debug("{} : {}", OAuthConstants.CLIENT_ID, clientId);

    final String clientSecret = request.getParameter(OAuthConstants.CLIENT_SECRET);

    final String code = request.getParameter(OAuthConstants.CODE);
    logger.debug("{} : {}", OAuthConstants.CODE, code);

    final boolean isVerified = verifyAccessTokenRequest(response, redirectUri, clientId, clientSecret, code);
    if (!isVerified) {
        return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_REQUEST, HttpStatus.SC_BAD_REQUEST);
    }

    final ServiceTicket serviceTicket = (ServiceTicket) ticketRegistry.getTicket(code);
    // service ticket should be valid
    if (serviceTicket == null || serviceTicket.isExpired()) {
        logger.error("Code expired : {}", code);
        return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_GRANT, HttpStatus.SC_BAD_REQUEST);
    }
    final TicketGrantingTicket ticketGrantingTicket = serviceTicket.getGrantingTicket();
    // remove service ticket
    ticketRegistry.deleteTicket(serviceTicket.getId());

    final OAuthRegisteredService registeredService = OAuthUtils.getRegisteredOAuthService(this.servicesManager, clientId);
    final OAuthWebApplicationService service = new OAuthWebApplicationService(registeredService.getId());
    final String accessTokenEncoded = this.accessTokenGenerator.generate(service, ticketGrantingTicket);
    final int expires = (int) (this.timeout - TimeUnit.MILLISECONDS
            .toSeconds(System.currentTimeMillis() - ticketGrantingTicket.getCreationTime()));
    final String text = String.format("%s=%s&%s=%s", OAuthConstants.ACCESS_TOKEN, 
            accessTokenEncoded, OAuthConstants.EXPIRES_IN, expires);
    logger.debug("OAuth access token response: {}", text);
    response.setContentType("text/plain");
    return OAuthUtils.writeText(response, text, HttpStatus.SC_OK);
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:42,代码来源:OAuth20AccessTokenController.java

示例14: verifyAccessTokenRequest

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
/**
 * Verify access token request by reviewing the values of
 * client id, redirect uri, client secret, code, etc.
 *
 * @param response the response
 * @param redirectUri the redirect uri
 * @param clientId the client id
 * @param clientSecret the client secret
 * @param code the code
 * @return true, if successful
 */
private boolean verifyAccessTokenRequest(final HttpServletResponse response, final String redirectUri,
                                         final String clientId, final String clientSecret, final String code) {

    // clientId is required
    if (StringUtils.isBlank(clientId)) {
        logger.error("Missing {}", OAuthConstants.CLIENT_ID);
        return false;
    }
    // redirectUri is required
    if (StringUtils.isBlank(redirectUri)) {
        logger.error("Missing {}", OAuthConstants.REDIRECT_URI);
        return false;
    }
    // clientSecret is required
    if (StringUtils.isBlank(clientSecret)) {
        logger.error("Missing {}", OAuthConstants.CLIENT_SECRET);
        return false;
    }
    // code is required
    if (StringUtils.isBlank(code)) {
        logger.error("Missing {}", OAuthConstants.CODE);
        return false;
    }

    final OAuthRegisteredService service = OAuthUtils.getRegisteredOAuthService(this.servicesManager, clientId);
    if (service == null) {
        logger.error("Unknown {} : {}", OAuthConstants.CLIENT_ID, clientId);
        return false;
    }

    final String serviceId = service.getServiceId();
    if (!redirectUri.matches(serviceId)) {
        logger.error("Unsupported {} : {} for serviceId : {}", OAuthConstants.REDIRECT_URI, redirectUri, serviceId);
        return false;
    }

    if (!StringUtils.equals(service.getClientSecret(), clientSecret)) {
        logger.error("Wrong client secret for service {}", service);
        return false;
    }
    return true;
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:54,代码来源:OAuth20AccessTokenController.java

示例15: internalHandleRequest

import org.jasig.cas.support.oauth.OAuthUtils; //导入依赖的package包/类
@Override
protected ModelAndView internalHandleRequest(final String method, final HttpServletRequest request,
                                             final HttpServletResponse response) throws Exception {
    // get CAS ticket
    final String ticket = request.getParameter(OAuthConstants.TICKET);
    logger.debug("{} : {}", OAuthConstants.TICKET, ticket);

    // retrieve callback url from session
    final HttpSession session = request.getSession();
    String callbackUrl = (String) session.getAttribute(OAuthConstants.OAUTH20_CALLBACKURL);
    logger.debug("{} : {}", OAuthConstants.OAUTH20_CALLBACKURL, callbackUrl);
    session.removeAttribute(OAuthConstants.OAUTH20_CALLBACKURL);

    if (StringUtils.isBlank(callbackUrl)) {
        logger.error("{} is missing from the session and can not be retrieved.", OAuthConstants.OAUTH20_CALLBACKURL);
        return new ModelAndView(OAuthConstants.ERROR_VIEW);
    }
    // and state
    final String state = (String) session.getAttribute(OAuthConstants.OAUTH20_STATE);
    logger.debug("{} : {}", OAuthConstants.OAUTH20_STATE, state);
    session.removeAttribute(OAuthConstants.OAUTH20_STATE);

    // return callback url with code & state
    callbackUrl = OAuthUtils.addParameter(callbackUrl, OAuthConstants.CODE, ticket);
    if (state != null) {
        callbackUrl = OAuthUtils.addParameter(callbackUrl, OAuthConstants.STATE, state);
    }
    logger.debug("{} : {}", OAuthConstants.OAUTH20_CALLBACKURL, callbackUrl);

    final Map<String, Object> model = new HashMap<>();
    model.put("callbackUrl", callbackUrl);

    final Boolean bypassApprovalPrompt = (Boolean) session.getAttribute(OAuthConstants.BYPASS_APPROVAL_PROMPT);
    logger.debug("bypassApprovalPrompt : {}", bypassApprovalPrompt);
    session.removeAttribute(OAuthConstants.BYPASS_APPROVAL_PROMPT);

    // Clients that auto-approve do not need authorization.
    if (bypassApprovalPrompt != null && bypassApprovalPrompt) {
        return OAuthUtils.redirectTo(callbackUrl);
    }

    // retrieve service name from session
    final String serviceName = (String) session.getAttribute(OAuthConstants.OAUTH20_SERVICE_NAME);
    logger.debug("serviceName : {}", serviceName);
    model.put("serviceName", serviceName);

    return new ModelAndView(OAuthConstants.CONFIRM_VIEW, model);

}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:50,代码来源:OAuth20CallbackAuthorizeController.java


注:本文中的org.jasig.cas.support.oauth.OAuthUtils类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。