OAuth2UserApplications.java revision 8ace0598d7efa128bc0a87d3489da0a26a54291b
/*
* The contents of this file are subject to the terms of the Common Development and
* Distribution License (the License). You may not use this file except in compliance with the
* License.
*
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* specific language governing permission and limitations under the License.
*
* When distributing Covered Software, include this CDDL Header Notice in each file and include
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
* Header, with the fields enclosed by brackets [] replaced by your own identifying
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2015 ForgeRock AS.
*/
/**
* A request handler for inspecting and revoking OAuth2 applications. It requires a user and a realm to be available
* in the request context.
*
* @since 13.0.0
*/
public class OAuth2UserApplications {
// Collaborators. All four are final, so each one has to be assigned in the constructor.
private final OAuthTokenStore tokenStore;
private final OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory;
private final ClientRegistrationStore clientRegistrationStore;
private final ContextHelper contextHelper;
// NOTE(review): the constructor signature is missing from this listing, and only two of the four
// final fields are visibly assigned below; the assignments of oAuth2ProviderSettingsFactory and
// clientRegistrationStore must exist in the full file -- confirm against the repository copy.
this.tokenStore = tokenStore;
this.contextHelper = contextHelper;
}
/**
* Allows users to query OAuth2 applications that they have given their consent access to and that have active
* access/refresh tokens.
*
* <p>Applications consist of an id, a name (the client id), a set of scopes and an expiry time. The scopes field
* is the union of the scopes of the individual access/refresh tokens. The expiry time is the time when the last
* access/refresh token will expire, or null if the server is configured to allow tokens to be refreshed
* indefinitely.</p>
*
* @param context The request context.
* @param queryHandler The query handler.
* @param request Unused but necessary for use of the {@code @Query} annotation.
* @return A promise of a query response.
*/
public Promise<QueryResponse, ResourceException> query(Context context, QueryResourceHandler queryHandler,
// NOTE(review): the rest of the parameter list (including the documented `request` parameter) and
// most of the method body are missing from this listing.
try {
// First token seen for this application: start a fresh set to collect its tokens in.
// NOTE(review): the lookup that produces applicationTokens is not visible here.
if (applicationTokens == null) {
applicationTokens = new HashSet<>();
}
}
}
// Tail of a catch clause whose opening is not visible; the caught exception is wrapped, kept as the
// cause, and returned as a failed promise instead of being thrown.
// NOTE(review): confirm the wrapped cause's message is not serialised to the caller, since
// store-level errors can describe internals.
NotFoundException e) {
return new InternalServerErrorException(e).asPromise();
} catch (InternalServerErrorException e) {
// Already the right exception type: hand it back unchanged as a failed promise.
return e.asPromise();
}
}
/**
* Allows users to revoke an OAuth2 application. This will remove their consent and revoke any access and refresh
* tokens with a matching client id.
* @param context The request context.
* @param resourceId The id of the OAuth2 client.
* @return A promise of the removed application.
*/
public Promise<ResourceResponse, ResourceException> deleteInstance(Context context, String resourceId) {
// NOTE(review): almost all of this body is missing from the listing. resourceId is a caller-supplied
// client id, so the token lookup and deletion must also be bound to the user and realm taken from
// `context`; otherwise a client id alone could select tokens issued to another user. Confirm this
// in the full file, together with the handling of a client id for which the user has no tokens.
try {
);
}
}
// Body of a catch clause whose header is not visible: the failure is wrapped, with the original
// exception as the cause, and returned as a failed promise.
return new InternalServerErrorException(e).asPromise();
} catch (InternalServerErrorException e) {
return e.asPromise();
}
}
/**
* Builds the resource response that describes one application (OAuth2 client) from its tokens.
*
* NOTE(review): the throws clause, the opening brace and most of the body are missing from this listing,
* so only the two visible statements are documented.
*
* @param context The request context; the locale for the scope descriptions is taken from it.
* @param clientId The client id, used as the id of the returned resource.
* @param tokens The tokens belonging to this application.
* @return The resource response for the application.
*/
private ResourceResponse getResourceResponse(Context context, String clientId, Iterable<JsonValue> tokens)
// Scope descriptions are requested from the client registration in the locale of the request.
Map<String, String> scopeDescriptions = clientRegistration.getScopeDescriptions(getLocale(context));
} else {
}
}
}
));
// The second argument (the revision in CREST's Responses.newResourceResponse) is the hashCode() of
// the content object. NOTE(review): hash codes can collide and, depending on the value types held in
// the content, may differ between JVM runs, so treat the revision as a hint, not as a reliable
// version for conditional requests.
return Responses.newResourceResponse(clientId, String.valueOf(content.getObject().hashCode()), content);
}
/**
* Computes the expiry time reported for an application from the expiry times of its tokens.
*
* <p>Several visible paths return null; per the Javadoc of {@code query}, a null expiry time means the tokens
* can be refreshed indefinitely.</p>
*
* NOTE(review): the loop over {@code tokens}, the use of {@code oAuth2ProviderSettings} and the non-null
* return path are missing from this listing.
*
* @param tokens The tokens belonging to one application.
* @param oAuth2ProviderSettings The provider settings.
* @return The expiry time as a string, or null.
* @throws ServerException Declared by the signature; the throwing call is not visible here.
*/
private String calculateExpiryDateTime(Iterable<JsonValue> tokens, OAuth2ProviderSettings oAuth2ProviderSettings)
throws ServerException {
// Presumably the running maximum over all tokens -- the comparison is not visible; confirm.
long maxExpiryMilliseconds = 0L;
// The expiry attribute is read as a string and parsed as a millisecond value.
// NOTE(review): Long.parseLong throws the unchecked NumberFormatException for a null or non-numeric
// value, which the declared ServerException does not cover; confirm every stored token carries a
// numeric expiry or that a caller handles the failure.
long tokenExpiryMilliseconds = Long.parseLong(getAttributeValue(token, EXPIRY_TIME.getOAuthField()));
// -1 is treated as a sentinel (presumably "never expires"): the application gets no expiry time.
if (tokenExpiryMilliseconds == -1) {
return null;
}
return null;
}
}
}
}
}
}
return null;
}
}
// NOTE(review): tail of a helper whose signature and operands are missing from this listing. It
// returns an and(or(...), ...) composition, presumably the query filter used to select tokens;
// whether that filter binds the username and realm cannot be checked from what is shown here.
return and(
or(
)
);
}
}