 /**
  * Base64-decodes the input, runs it through {@code cipher.doFinal}, and returns the result
  * Base64-encoded.
  *
  * <p>The cipher's algorithm, mode and direction (encrypt or decrypt) are whatever the caller
  * initialised it with; none of that is visible here.
  *
  * <p>NOTE(review): if this is used to decrypt input from an untrusted sender under an
  * unauthenticated mode, the padding failure wrapped below should not become distinguishable to
  * that sender (padding-oracle risk) - confirm how callers surface the RuntimeException.
  *
  * @param cipher an already-initialised cipher
  * @param base64Encoded Base64 text of the bytes to process
  * @return Base64 text of the cipher output
  * @throws RuntimeException wrapping a {@link BadPaddingException} or
  *     {@link IllegalBlockSizeException} raised by the cipher
  */
 private String cipherDoFinal(Cipher cipher, String base64Encoded) {
   final byte[] input = Base64.decode(base64Encoded);
   final byte[] output;
   try {
     output = cipher.doFinal(input);
   } catch (BadPaddingException | IllegalBlockSizeException e) {
     // Both checked failures are rethrown unchecked with the cause preserved.
     throw new RuntimeException(e);
   }
   return Base64.encodeToString(output);
 }
  /**
   * Delegates to the parent realm, then replaces the credentials salt on the returned info with
   * its Base64-decoded bytes.
   *
   * <p>The salt is stored as Base64 text because the JdbcRealm retrieves it as a String, so the
   * bytes the parent hands back are the encoded form rather than the raw salt.
   *
   * <p>NOTE(review): a null result from the parent, or a null salt on it, would raise a
   * NullPointerException in the authentication path - confirm the parent never returns either.
   *
   * @param token the submitted authentication token
   * @return the parent's authentication info with the raw (decoded) salt set
   * @throws AuthenticationException if the parent lookup fails
   */
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token)
      throws AuthenticationException {
    final AuthenticationInfo fromParent = super.doGetAuthenticationInfo(token);
    // The cast assumes the parent realm always builds a SimpleAuthenticationInfo.
    final SimpleAuthenticationInfo info = (SimpleAuthenticationInfo) fromParent;

    // What the parent calls the salt is still Base64 text at this point.
    final byte[] encodedSalt = info.getCredentialsSalt().getBytes();
    final byte[] rawSalt = Base64.decode(encodedSalt);
    info.setCredentialsSalt(ByteSource.Util.bytes(rawSalt));

    return info;
  }
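  /**
   * Requests {@code uri} with an HTTP Basic {@code Authorization} header built from the given
   * user name and password, prints the response code, and passes the response body to
   * {@code Display.displayBuffer}.
   *
   * <p>Basic credentials are only Base64-encoded, not encrypted: over an {@code http://} URI they
   * cross the network readable by anyone on the path. Callers should pass {@code https://} URIs.
   * A user name containing {@code ':'} cannot be represented in this scheme, because the server
   * splits the decoded value at the first colon.
   *
   * <p>Failures are reported on standard output and not rethrown.
   *
   * @param uname user name placed before the colon
   * @param paswd password placed after the colon
   * @param uri absolute URL to request; the cast below assumes an http or https URL
   */
  public void authenticate(String uname, String paswd, String uri) {
    // Encode with a fixed charset: the no-argument getBytes() uses the platform default, so
    // non-ASCII credentials would produce a different header on differently configured hosts.
    String encoded =
        Base64.encodeToString(
            (uname + ":" + paswd).getBytes(java.nio.charset.StandardCharsets.UTF_8));

    try {
      URL url = new URL(uri);
      HttpURLConnection conn = (HttpURLConnection) url.openConnection();
      conn.setRequestProperty("Authorization", "Basic " + encoded);
      System.out.println("response " + conn.getResponseCode());
      // Close the body stream once it has been displayed so the connection is not left open.
      try (java.io.InputStream body = conn.getInputStream()) {
        new Display().displayBuffer(body);
      }
    } catch (MalformedURLException e) {
      // Must precede the IOException handler: MalformedURLException is a subclass of it.
      System.out.println("HttpBasicAuth MalformedURLException");
      e.printStackTrace();
    } catch (IOException e) {
      System.out.println("HttpBasicAuth IOException");
      e.printStackTrace();
    }
  }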
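 /**
  * Returns the credentials salt as raw bytes, Base64-decoding the stored {@code salt} value.
  *
  * @return the decoded salt wrapped in a {@link ByteSource}
  */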
 @Override
 public ByteSource getCredentialsSalt() {
   // The salt field holds the Base64-encoded form; callers receive the decoded bytes.
   final byte[] rawSalt = Base64.decode(salt);
   return ByteSource.Util.bytes(rawSalt);
 }
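  /**
   * Token endpoint: issues an access token for the {@code password}, {@code pin},
   * {@code client_credentials} and {@code authorization_code} grant types.
   *
   * <p>Client credentials may arrive either as query parameters or in an HTTP Basic
   * {@code Authorization} header; when a usable Basic header is present it overrides the
   * {@code client_id} and {@code client_secret} query parameters.
   *
   * <p>Security notes for maintainers:
   *
   * <ul>
   *   <li>This is a GET endpoint that takes {@code password}, {@code pin} and
   *       {@code client_secret} as query parameters, so those values appear in request URLs and
   *       can end up in access logs, proxies and browser history.
   *   <li>NOTE(review): the {@code authorization_code} branch copies the request's {@code code}
   *       into the access-token field and answers 200 without consulting {@code management} -
   *       confirm the value is validated where it is later used.
   *   <li>NOTE(review): every response is passed through {@code wrapWithCallback} with the
   *       caller-supplied {@code callback}; presumably this is JSONP wrapping, which would let a
   *       third-party page read a token response - confirm.
   * </ul>
   *
   * @param ui request URI information (not read in this method)
   * @param authorization raw {@code Authorization} header, or null
   * @param grant_type requested grant type
   * @param username user name for the password and pin grants
   * @param password password for the password grant
   * @param pin pin for the pin grant
   * @param client_id client id for the client_credentials grant
   * @param client_secret client secret for the client_credentials grant
   * @param code value returned as the access token for the authorization_code grant
   * @param ttl requested token lifetime, passed through to {@code management}
   * @param redirect_uri accepted but not read in this method
   * @param callback callback name handed to {@code jsonMediaType} and {@code wrapWithCallback}
   * @return 200 with the access info on success, otherwise an OAuth error response
   * @throws Exception anything not handled below, e.g. a malformed Basic header value
   */
  @GET
  @Path("token")
  public Response getAccessToken(
      @Context UriInfo ui,
      @HeaderParam("Authorization") String authorization,
      @QueryParam("grant_type") String grant_type,
      @QueryParam("username") String username,
      @QueryParam("password") String password,
      @QueryParam("pin") String pin,
      @QueryParam("client_id") String client_id,
      @QueryParam("client_secret") String client_secret,
      @QueryParam("code") String code,
      @QueryParam("ttl") long ttl,
      @QueryParam("redirect_uri") String redirect_uri,
      @QueryParam("callback") @DefaultValue("") String callback)
      throws Exception {

    logger.debug("ApplicationResource.getAccessToken");

    User user = null;

    try {

      if (authorization != null) {
        // Locale.ROOT keeps the scheme comparison and the id normalisation independent of the
        // server's default locale (e.g. the Turkish dotted/dotless i would break "BASIC").
        String type =
            stringOrSubstringBeforeFirst(authorization, ' ').toUpperCase(java.util.Locale.ROOT);
        if ("BASIC".equals(type)) {
          String encodedCredentials = stringOrSubstringAfterFirst(authorization, ' ');
          // Split at the first colon only: the secret itself may contain ':' and must not be
          // truncated before it is compared.
          String[] values = Base64.decodeToString(encodedCredentials).split(":", 2);
          if (values.length >= 2) {
            client_id = values[0].toLowerCase(java.util.Locale.ROOT);
            client_secret = values[1];
          }
        }
      }

      // do checking for different grant types
      String errorDescription = "invalid username or password";
      if (GrantType.PASSWORD.toString().equals(grant_type)) {
        try {
          user =
              management.verifyAppUserPasswordCredentials(
                  services.getApplicationId(), username, password);
        } catch (UnactivatedAppUserException uaue) {
          errorDescription = "user not activated";
        } catch (DisabledAppUserException daue) {
          errorDescription = "user disabled";
        } catch (Exception e1) {
          // Still answered with the generic INVALID_GRANT below; record the cause so failed
          // verifications are not invisible. No credential values are logged here.
          logger.debug("Password grant verification failed", e1);
        }
      } else if ("pin".equals(grant_type)) {
        try {
          user = management.verifyAppUserPinCredentials(services.getApplicationId(), username, pin);
        } catch (Exception e1) {
          logger.debug("Pin grant verification failed", e1);
        }
      } else if ("client_credentials".equals(grant_type)) {
        try {
          AccessInfo access_info = management.authorizeClient(client_id, client_secret, ttl);
          if (access_info != null) {
            return Response.status(SC_OK)
                .type(jsonMediaType(callback))
                .entity(wrapWithCallback(access_info, callback))
                .build();
          }
        } catch (Exception e1) {
          logger.debug("Client credentials authorization failed", e1);
        }
        // A null result or a failure falls through to the INVALID_GRANT response below.
      } else if ("authorization_code".equals(grant_type)) {
        // NOTE(review): the supplied code is returned as the access token without any check in
        // this method - confirm it is validated elsewhere.
        AccessInfo access_info = new AccessInfo();
        access_info.setAccessToken(code);
        return Response.status(SC_OK)
            .type(jsonMediaType(callback))
            .entity(wrapWithCallback(access_info, callback))
            .build();
      }

      if (user == null) {
        // Reached for failed verification and for unknown or missing grant types alike.
        OAuthResponse response =
            OAuthResponse.errorResponse(SC_BAD_REQUEST)
                .setError(OAuthError.TokenResponse.INVALID_GRANT)
                .setErrorDescription(errorDescription)
                .buildJSONMessage();
        return Response.status(response.getResponseStatus())
            .type(jsonMediaType(callback))
            .entity(wrapWithCallback(response.getBody(), callback))
            .build();
      }

      String token =
          management.getAccessTokenForAppUser(services.getApplicationId(), user.getUuid(), ttl);

      // getMaxTokenAge is divided by 1000 for expires_in; presumably milliseconds to seconds.
      AccessInfo access_info =
          new AccessInfo()
              .withExpiresIn(tokens.getMaxTokenAge(token) / 1000)
              .withAccessToken(token)
              .withProperty("user", user);

      return Response.status(SC_OK)
          .type(jsonMediaType(callback))
          .entity(wrapWithCallback(access_info, callback))
          .build();

    } catch (OAuthProblemException e) {
      logger.error("OAuth Error", e);
      OAuthResponse res = OAuthResponse.errorResponse(SC_BAD_REQUEST).error(e).buildJSONMessage();
      return Response.status(res.getResponseStatus())
          .type(jsonMediaType(callback))
          .entity(wrapWithCallback(res.getBody(), callback))
          .build();
    }
  }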