/**
 * Requests a token from the stub endpoint at /oauth/token1 with the stub client credentials
 * and checks that the response is parsed into a Token carrying access token "foo" and a
 * 3600 second expiry period.
 */
@Test
public void testCase1() throws OAuthException, IOException, JSONException {
    Reference endpoint = new Reference(baseURI, "/oauth/token1");
    FacebookAccessTokenClientResource resource = new FacebookAccessTokenClientResource(endpoint);
    resource.setClientCredentials(STUB_CLIENT_ID, STUB_CLIENT_SECRET);

    Token issued = resource.requestToken(new OAuthParameters());

    assertThat(issued.getAccessToken(), is("foo"));
    assertThat(issued.getExpirePeriod(), is(3600));
}
// TODO The secret should be a char[]. private Representation doRefreshFlow( String clientId, String clientSecret, Series<Parameter> params) { String rToken = params.getFirstValue(REFRESH_TOKEN); if ((rToken == null) || (rToken.length() == 0)) { setStatus(Status.CLIENT_ERROR_BAD_REQUEST); return sendError( OAuthError.invalid_request, "Mandatory parameter refresh_token is missing", null); } Client client = validate(clientId, clientSecret); // null check on failed if (client == null) { setStatus(Status.CLIENT_ERROR_FORBIDDEN); return sendError(OAuthError.invalid_client, "Client id verification failed.", null); } Token token = generator.findToken(rToken); if ((token != null) && (token instanceof ExpireToken)) { AuthenticatedUser user = token.getUser(); // Make sure that the user owning the token is owned by this client if (client.containsUser(user.getId())) { // refresh the token generator.refreshToken((ExpireToken) token); JSONObject body = createJsonToken(token, null); // Scopes N/A // Sets the no-store Cache-Control header getResponse().setCacheDirectives(noStore); return new JsonStringRepresentation(body); } else { // error not owner setStatus(Status.CLIENT_ERROR_FORBIDDEN); return sendError(OAuthError.unauthorized_client, "User does not match.", null); } } else { // error no such token. setStatus(Status.CLIENT_ERROR_UNAUTHORIZED); return sendError(OAuthError.invalid_grant, "Refresh token.", null); } }
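/**
 * Validates an access token on behalf of a protected resource and returns the token's user name
 * and scopes as JSON.
 *
 * When local access only is configured, the call must arrive over the internal RIAP protocol;
 * anything else is rejected with 400 before the body is read. The request body must contain
 * token_type and access_token; only the bearer token type is supported (MAC is a TODO).
 *
 * @param input The JSON request body holding token_type and access_token.
 * @return A JSON representation with the USERNAME and SCOPE of the validated token.
 * @throws ResourceException If the call is not local while local access only is required.
 * @throws OAuthException invalid_request if token_type or access_token is missing, or the token
 *         type is unsupported.
 * @throws Exception Whatever tokens.validateToken() or JSON parsing propagates.
 */
@Post("json")
public Representation authenticate(Representation input) throws Exception {
    getLogger().fine("In Authenticate resource");

    if (isLocalAcessOnly()) {
        // Only in-process (RIAP) callers may validate tokens; reject anything reached over the network.
        String scheme = getOriginalRef().getScheme();
        if (!Protocol.RIAP.getSchemeName().equals(scheme)) {
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST,
                    "Auth server only allows local resource validation");
        }
    }

    JSONObject call = new JsonRepresentation(input).getJsonObject();
    if (!call.has(TOKEN_TYPE)) {
        throw new OAuthException(OAuthError.invalid_request, "No token_type", null);
    }
    String tokenType = call.getString(TOKEN_TYPE);
    if (!OAuthServerResource.TOKEN_TYPE_BEARER.equals(tokenType)) {
        // TODO OAuthServerResource.TOKEN_TYPE_MAC is not implemented yet.
        throw new OAuthException(OAuthError.invalid_request, "Unsupported token_type", null);
    }

    // Without this check a missing access_token raises a JSONException from call.get(), which is
    // reported as a server error instead of a malformed request.
    if (!call.has(ACCESS_TOKEN)) {
        throw new OAuthException(OAuthError.invalid_request, "No access_token", null);
    }
    final Token token = tokens.validateToken(call.get(ACCESS_TOKEN).toString());

    // NOTE(review): the cast assumes validateToken() returns a ServerToken and never null for an
    // invalid token (i.e. that it throws instead) -- confirm against the token store.
    JSONObject resp = new JSONObject();
    resp.put(USERNAME, ((ServerToken) token).getUsername());
    resp.put(SCOPE, Scopes.toString(token.getScope()));
    return new JsonRepresentation(resp);
}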
/**
 * Serialises a {@link Token} into the JSON body of a token response.
 *
 * ACCESS_TOKEN is always written. For an {@link ExpireToken} the EXPIRES_IN period and the
 * REFRESH_TOKEN are written as well; the refresh token is a long-lived credential, so the
 * caller is responsible for marking the response non-cacheable.
 *
 * @param token The token to serialise.
 * @param scopes The scope string; currently not written (see the TODO in the body).
 * @return The JSON object holding the token response fields.
 * @throws ResourceException SERVER_ERROR_INTERNAL, wrapping the JSONException, if the body
 *         cannot be built.
 */
private JSONObject createJsonToken(Token token, String scopes) throws ResourceException {
    JSONObject body = new JSONObject();
    try {
        body.put(ACCESS_TOKEN, token.getToken());
        // TODO add scope
        if (!(token instanceof ExpireToken)) {
            return body; // non-expiring token: no expiry or refresh fields
        }
        ExpireToken expiring = (ExpireToken) token;
        body.put(EXPIRES_IN, expiring.getExpirePeriod());
        body.put(REFRESH_TOKEN, expiring.getRefreshToken());
    } catch (JSONException e) {
        throw new ResourceException(Status.SERVER_ERROR_INTERNAL, "Failed to generate JSON", e);
    }
    return body;
}