/** {@inheritDoc} */
public AccessToken readAccessToken(OAuth2Request request, String tokenId)
throws ServerException, InvalidGrantException, NotFoundException {
logger.message("Reading access token");
JsonValue token;
// Read from CTS
try {
token = tokenStore.read(tokenId);
} catch (CoreTokenException e) {
logger.error("Unable to read access token corresponding to id: " + tokenId, e);
throw new ServerException("Could not read token in CTS: " + e.getMessage());
}
if (token == null) {
logger.error("Unable to read access token corresponding to id: " + tokenId);
throw new InvalidGrantException("Could not read token in CTS");
}
OpenAMAccessToken accessToken = new OpenAMAccessToken(token);
validateTokenRealm(accessToken.getRealm(), request);
request.setToken(AccessToken.class, accessToken);
return accessToken;
}
/** {@inheritDoc} */
public AuthorizationCode readAuthorizationCode(OAuth2Request request, String code)
throws InvalidGrantException, ServerException, NotFoundException {
if (logger.messageEnabled()) {
logger.message("Reading Authorization code: " + code);
}
final JsonValue token;
// Read from CTS
try {
token = tokenStore.read(code);
} catch (CoreTokenException e) {
logger.error("Unable to read authorization code corresponding to id: " + code, e);
throw new ServerException("Could not read token from CTS: " + e.getMessage());
}
if (token == null) {
logger.error("Unable to read authorization code corresponding to id: " + code);
throw new InvalidGrantException("The provided access grant is invalid, expired, or revoked.");
}
OpenAMAuthorizationCode authorizationCode = new OpenAMAuthorizationCode(token);
validateTokenRealm(authorizationCode.getRealm(), request);
request.setToken(AuthorizationCode.class, authorizationCode);
return authorizationCode;
}
/** {@inheritDoc} */
public void deleteAuthorizationCode(String authorizationCode) {
if (logger.messageEnabled()) {
logger.message(
"DefaultOAuthTokenStoreImpl::Deleting Authorization code: " + authorizationCode);
}
JsonValue oAuthToken;
// Read from CTS
try {
oAuthToken = tokenStore.read(authorizationCode);
} catch (CoreTokenException e) {
logger.error(
"DefaultOAuthTokenStoreImpl::Unable to read authorization code corresponding to id: "
+ authorizationCode,
e);
throw new OAuthProblemException(
Status.SERVER_ERROR_INTERNAL.getCode(),
"Internal error",
"Could not read token from CTS: " + e.getMessage(),
null);
}
if (oAuthToken == null) {
logger.error(
"DefaultOAuthTokenStoreImpl::Unable to read authorization code corresponding to id: "
+ authorizationCode);
throw new OAuthProblemException(
Status.CLIENT_ERROR_NOT_FOUND.getCode(),
"Not found",
"Could not find token using CTS",
null);
}
// Delete the code
try {
tokenStore.delete(authorizationCode);
} catch (CoreTokenException e) {
logger.error(
"DefaultOAuthTokenStoreImpl::Unable to delete authorization code corresponding to id: "
+ authorizationCode,
e);
throw new OAuthProblemException(
Status.SERVER_ERROR_INTERNAL.getCode(),
"Internal error",
"Could not delete token from CTS: " + e.getMessage(),
null);
}
}
@Override
public DeviceCode readDeviceCode(String clientId, String code, OAuth2Request request)
throws ServerException, NotFoundException, InvalidGrantException {
try {
JsonValue token = tokenStore.read(code);
if (token == null) {
return null;
}
DeviceCode deviceCode = new DeviceCode(token);
if (!clientId.equals(deviceCode.getClientId())) {
throw new InvalidGrantException();
}
validateTokenRealm(deviceCode.getRealm(), request);
request.setToken(DeviceCode.class, deviceCode);
return deviceCode;
} catch (CoreTokenException e) {
logger.error("Unable to read device code corresponding to id: " + code, e);
throw new ServerException("Could not read token in CTS: " + e.getMessage());
}
}
/** {@inheritDoc} */
public RefreshToken readRefreshToken(OAuth2Request request, String tokenId)
throws ServerException, InvalidGrantException, NotFoundException {
logger.message("Read refresh token");
JsonValue token;
try {
token = tokenStore.read(tokenId);
} catch (CoreTokenException e) {
logger.error("Unable to read refresh token corresponding to id: " + tokenId, e);
throw new ServerException("Could not read token in CTS: " + e.getMessage());
}
if (token == null) {
logger.error("Unable to read refresh token corresponding to id: " + tokenId);
throw new InvalidGrantException("grant is invalid");
}
OpenAMRefreshToken refreshToken = new OpenAMRefreshToken(token);
validateTokenRealm(refreshToken.getRealm(), request);
request.setToken(RefreshToken.class, refreshToken);
return refreshToken;
}
