TokenResource.java revision 109d6d2dfb8e7b925aafcd3a1f43dcb1658f3f28
/*
* DO NOT REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright 2012-2015 ForgeRock AS.
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions copyright [year] [name of copyright owner]"
*/
/**
 * Collection resource provider over the OAuth2 tokens held in an {@link OAuthTokenStore}.
 *
 * <p>NOTE(review): this listing is incomplete (several statements and signatures are cut short), so the
 * comments here describe only what the visible lines establish.
 */
public class TokenResource implements CollectionResourceProvider {
// NOTE(review): DateFormat instances are not thread-safe and this one is static, so every request thread
// that formats a date through it shares the same mutable object. Format under a lock or create a
// formatter per call. getDateTimeInstance is a static factory on DateFormat; calling it through
// a freshly built SimpleDateFormat only allocates an object that is thrown away.
// The remaining arguments of this call are not visible in this listing.
private static final DateFormat DATE_FORMATTER = (new SimpleDateFormat()).getDateTimeInstance(DateFormat.MEDIUM,
private final OAuthTokenStore tokenStore;
private final OpenAMOAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory;
// Administrator SSOToken, obtained once at class initialisation through a privileged AdminTokenAction
// and kept in a static field for as long as the class is loaded.
// NOTE(review): the name `token` is generic. Any method that works with the caller's own SSOToken in
// a local called `token` shadows this field, and a method that omits that local would silently act
// with the administrator token instead. A distinct field name would make such a slip visible.
private static SSOToken token = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
// Static initialiser; no statements are visible in this listing.
static {
}
}
private final IdentityManager identityManager;
// Constructor. Only the assignments of tokenStore and identityManager are visible here; the rest of
// the parameter list and any further assignments are cut off in this listing.
public TokenResource(OAuthTokenStore tokenStore, ClientDAO clientDao, IdentityManager identityManager,
this.tokenStore = tokenStore;
this.identityManager = identityManager;
}
/**
 * Handles an action request made against the token collection.
 *
 * <p>Only the fall-through branch is visible in this listing: an action id that matched no supported
 * action is reported through the debug log at error level.
 */
public void actionCollection(ServerContext context, ActionRequest actionRequest, ResultHandler<JsonValue> handler) {
}
}
} else {
if (debug.errorEnabled()) {
// NOTE(review): actionId is presumably taken from actionRequest, i.e. chosen by the caller. It is
// concatenated into the log line as-is; confirm the debug logger neutralises CR/LF so that a crafted
// action id cannot add forged entries to the log.
debug.error("TokenResource :: ACTION : Unsupported action request performed, " + actionId + " on " +
}
}
}
/**
 * Create handler for the token collection.
 *
 * <p>No statements are visible in this listing, so whether a create request is rejected or served
 * cannot be told from here. TODO confirm that the handler is always called with a result or an error.
 */
public void createInstance(ServerContext context, CreateRequest createRequest, ResultHandler<Resource> handler) {
}
/**
 * Deletes the token with the provided token id.
 *
 * <p>The method signature and most of the body are not visible in this listing. What is visible: the
 * try block ends in {@code return true}, and every handled exception falls through to the final
 * {@code return false}.
 *
 * @param context The context.
 * @param tokenId The token id.
 * @param handler The handler.
 * @param deleteRefreshToken Whether to delete associated refresh token, if token id is for an access token.
 * @return {@code true} if the token has been deleted, {@code false} if one of the caught exceptions occurred.
 */
boolean deleteRefreshToken) {
try {
if (debug.errorEnabled()) {
}
}
if (debug.errorEnabled()) {
}
}
if (deleteRefreshToken) {
}
} else {
if (deleteRefreshToken) {
}
} else {
if (debug.errorEnabled()) {
}
}
}
return true;
// NOTE(review): no handling is visible for CoreTokenException in this listing. Confirm the branch both
// logs the failure and reports an error through the handler.
} catch (CoreTokenException e) {
} catch (ResourceException e) {
// Resource-level failures are passed to the caller unchanged.
handler.handleError(e);
// NOTE(review): the two branches below log "Unauthorized" without the caught exception, so the reason
// the requester's identity could not be resolved is lost from the log. No handler.handleError call is
// visible in them either; confirm the caller receives an error response on these paths.
} catch (SSOException e) {
debug.error("TokenResource :: DELETE : Unable to retrieve identity of the requesting user. Unauthorized.");
} catch (IdRepoException e) {
debug.error("TokenResource :: DELETE : Unable to retrieve identity of the requesting user. Unauthorized.");
// NOTE(review): nothing is visible in this branch; an unauthorised client should be logged and refused.
} catch (UnauthorizedClientException e) {
}
// Reached only after one of the exceptions above was caught.
return false;
}
/**
 * Deletes the provided access token's refresh token.
 *
 * <p>The signature and the statements inside the guard are not visible in this listing; the visible
 * guard shows that nothing is done when the refresh token id is {@code null}.
 *
 * @param token The access token.
 * @throws CoreTokenException If there was a problem deleting the refresh token.
 */
// Skip tokens that carry no refresh token id.
if (refreshTokenId != null) {
}
}
}
/**
 * Gets the value of the named attribute from the provided token.
 *
 * <p>The signature and the lookup itself are not visible in this listing.
 *
 * @param token The token.
 * @param attributeName The attribute name.
 * @return The attribute value, or {@code null} on the fall-through path; callers must handle
 *         {@code null}.
 */
}
// Fall-through result when the preceding block did not return a value.
return null;
}
/**
 * Gets the {@code Set<String>} of values for the given attributeName.
 *
 * <p>The signature and the conversion are not visible in this listing.
 *
 * @param value The {@code JsonValue}.
 * @param attributeName The attribute name.
 * @return The attribute set, or {@code null} on the fall-through path; callers must handle
 *         {@code null}.
 */
// NOTE(review): the unchecked warning is suppressed for the whole method. The cast it covers is not
// visible here; confirm the stored value really is a Set<String> before relying on it.
@SuppressWarnings("unchecked")
}
// Fall-through result when the preceding block did not return a set.
return null;
}
}
}
}
/**
 * Handles a query on the token collection.
 *
 * <p>Visible flow: resolve the requesting user, choose a query string, then map failures to debug log
 * entries. In this listing only InternalServerErrorException and NotFoundException are visibly passed
 * on to the handler.
 */
public void queryCollection(ServerContext context, QueryRequest queryRequest, QueryResultHandler handler) {
try {
//get uid of submitter
try {
}
// NOTE(review): catching Exception here treats every failure, including programming errors, as
// "no UID discovered", and the caught exception is not part of the visible log call. Confirm this
// path ends the request with an error instead of continuing to the query without a resolved user.
} catch (Exception e) {
if (debug.errorEnabled()) {
"for requesting user.");
}
}
// Default query: access tokens only.
queryString = "tokenName=access_token";
} else {
// Otherwise the value of id becomes the query string verbatim.
// NOTE(review): id is presumably supplied by the request. Confirm the results are still limited to
// tokens the requester is allowed to see, since the filter text is then chosen by the caller.
queryString = id;
}
}
}
// NOTE(review): the next two branches only log in this listing; confirm an error is also reported
// through the handler so the caller is not left without a response.
} catch (UnauthorizedClientException e) {
debug.error("TokenResource :: QUERY : Unable to query collection as the client is not authorized.", e);
} catch (CoreTokenException e) {
debug.error("TokenResource :: QUERY : Unable to query collection as the token store is not available.", e);
} catch (InternalServerErrorException e) {
debug.error("TokenResource :: QUERY : Unable to query collection as writing the response failed.", e);
handler.handleError(e);
} catch (NotFoundException e) {
debug.error("TokenResource :: QUERY : Unable to query collection as realm does not have OAuth 2 provider.", e);
handler.handleError(e);
}
}
}
}
}
/**
 * Hands a query response to the result handler.
 *
 * <p>NOTE(review): this summary is inferred from the name and parameters; the body and the rest of
 * the throws clause are not visible in this listing.
 */
private void handleResponse(QueryResultHandler handler, JsonValue response, ServerContext context) throws UnauthorizedClientException,
}
}
}
// Returns the first value of the client's display-name attribute as a string (the enclosing method's
// signature is not visible in this listing).
// NOTE(review): get(0) assumes the attribute exists and has at least one value; confirm what happens
// for a client registered without a display name.
return client.get(OAuth2Constants.ShortClientAttributeNames.DISPLAY_NAME.getType()).get(0).asString();
}
/**
 * Produces the scope text for a token entry of the given client.
 *
 * <p>NOTE(review): this summary is inferred from the name, parameters and return type; the body is
 * not visible in this listing. acceptLanguage presumably comes from a request header, so it should
 * be treated as untrusted input when it is parsed into a locale.
 *
 * @throws UnauthorizedClientException declared by the signature; the throwing statement is not visible.
 */
private String getScopes(Client client, JsonValue entry, String acceptLanguage) throws UnauthorizedClientException {
}
}
/**
 * Chooses the text shown for one allowed scope.
 *
 * <p>Visible fallback order: a display name found in the (not visible) lookup is returned first, then
 * the default display name if one was found, and finally the raw scope name itself.
 *
 * @return the chosen display text; the last fallback returns {@code allowedScope} unchanged.
 */
private String getDisplayName(String allowedScope, JsonValue allScopes, java.util.Locale serverLocale) {
}
return displayName;
}
}
}
}
// No display name matched; use the default one when it exists.
if (defaultDisplayName != null) {
return defaultDisplayName;
}
// Last resort: the scope name as stored. NOTE(review): this is the raw scope string, so whatever
// renders the result must encode it for its output context.
return allowedScope;
}
}
// Builds an OAuth2Request stub that carries only a realm. In the visible lines, getRequest and two other
// members throw UnsupportedOperationException, one returns the realm and one returns null; the
// signatures of all but getRequest are not visible in this listing.
return new OAuth2Request() {
public <T> T getRequest() {
throw new UnsupportedOperationException("Realm parameter only OAuth2Request");
}
// Unchecked cast: if the caller binds T to a type that realm is not an instance of, the
// ClassCastException surfaces at the call site, not here.
return (T) realm;
}
throw new UnsupportedOperationException("Realm parameter only OAuth2Request");
}
// NOTE(review): callers of this member must handle null.
return null;
}
throw new UnsupportedOperationException();
}
};
}
/**
 * Returns the expiry of a token as display text.
 *
 * <p>Visible behaviour: one branch returns the literal "Indefinitely"; the others are marked as using
 * the refresh token expiry or the access token expiry, but their statements are not visible in this
 * listing.
 *
 * @throws NotFoundException when the first try block fails (built from the exception message only).
 * @throws InternalServerErrorException when a ServerException is caught (wraps the exception).
 */
private String getExpiryDate(JsonValue token) throws CoreTokenException, InternalServerErrorException, NotFoundException {
try {
// NOTE(review): only e.getMessage() is kept, so the cause and its stack trace are dropped, unlike the
// ServerException branch further down which wraps the exception itself.
throw new NotFoundException(e.getMessage());
}
try {
return "Indefinitely";
} else {
//Use refresh token expiry
}
} else {
//Use access token expiry
}
} catch (ServerException e) {
throw new InternalServerErrorException(e);
}
}
// Body of what appears to be the read handler (the log prefix below is "READ"); its signature is not
// visible in this listing.
// Every rejection visible here uses the same "Could not find valid token with given ID" message, so
// the response does not reveal which check failed. Keep any new branch consistent with that.
try {
try {
} catch (CoreTokenException e) {
if (debug.errorEnabled()) {
}
// The token store failure is kept as the cause of the not-found error.
throw new NotFoundException("Could not find valid token with given ID", e);
}
if (debug.errorEnabled()) {
}
throw new NotFoundException("Could not find valid token with given ID");
}
long expireTime;
// The stored expiry value may or may not be numeric; each case is handled in its own branch (branch
// bodies are not visible in this listing).
if (expireTimeValue.isNumber()) {
} else {
}
throw new NotFoundException("Could not find valid token with given ID");
}
// Tokens issued under the client-credentials grant take a separate path; the grant type is compared
// case-insensitively.
if (grantType != null && grantType.equalsIgnoreCase(OAuth2Constants.TokenEndpoint.CLIENT_CREDENTIALS)) {
resource =
} else {
if (debug.errorEnabled()) {
}
throw new NotFoundException("Could not find valid token with given ID");
}
resource =
} else {
if (debug.errorEnabled()) {
}
}
}
} catch (ResourceException e) {
// Resource-level failures are passed to the caller unchanged.
handler.handleError(e);
// NOTE(review): in this listing the three branches below only log. Confirm each also reports an error
// through the handler so a failed identity lookup is refused and never answered with token data.
} catch (SSOException e) {
"failed to return a valid user.", e);
} catch (IdRepoException e) {
"failed to return a valid user.", e);
} catch (UnauthorizedClientException e) {
debug.error("TokenResource :: READ : Unable to query collection as the client is not authorized.", e);
}
}
}
/**
* Returns TokenID from headers
*
* @param context ServerContext which contains the headers.
* @return String with TokenID
*/
}
/**
 * Resolves the identity of the requesting user from the "UserToken" and "Organization" properties of
 * an SSOToken, using the identity manager.
 *
 * <p>NOTE(review): in this listing no local {@code token} is declared and {@code context} is not
 * read, so {@code token} would resolve to the static administrator SSOToken of this class. Confirm
 * that the full method builds the requester's own SSOToken from the context and reads the properties
 * from that one; otherwise every caller would be resolved from the administrator session.
 *
 * @param context the server context of the request.
 * @return the identity resolved by the identity manager.
 * @throws SSOException declared by the signature.
 * @throws IdRepoException declared by the signature.
 * @throws UnauthorizedClientException declared by the signature.
 */
private AMIdentity getUid(ServerContext context) throws SSOException, IdRepoException, UnauthorizedClientException {
return identityManager.getResourceOwnerIdentity(token.getProperty("UserToken"), token.getProperty("Organization"));
}
}