Пример #1
0
 private Response sendAuthorizationCodeResponse(AuthorizationRequest authReq) {
   String uri = authReq.getRedirectUri();
   String authorizationCode = getAuthorizationCodeValue();
   authReq.setAuthorizationCode(authorizationCode);
   authorizationRequestRepository.save(authReq);
   uri = uri + appendQueryMark(uri) + "code=" + authorizationCode + appendStateParameter(authReq);
   return Response.seeOther(UriBuilder.fromUri(uri).build())
       .cacheControl(cacheControlNoStore())
       .header("Pragma", "no-cache")
       .build();
 }
Пример #2
0
 private AuthorizationRequest authorizationCodeToken(AccessTokenRequest accessTokenRequest) {
   AuthorizationRequest authReq =
       authorizationRequestRepository.findByAuthorizationCode(accessTokenRequest.getCode());
   if (authReq == null) {
     throw new ValidationResponseException(ValidationResponse.INVALID_GRANT_AUTHORIZATION_CODE);
   }
   String uri = accessTokenRequest.getRedirectUri();
   if (!authReq.getRedirectUri().equalsIgnoreCase(uri)) {
     throw new ValidationResponseException(ValidationResponse.REDIRECT_URI_DIFFERENT);
   }
   authorizationRequestRepository.delete(authReq);
   return authReq;
 }
Пример #3
0
 private Response sendImplicitGrantResponse(
     AuthorizationRequest authReq, AccessToken accessToken) {
   String uri = authReq.getRedirectUri();
   String fragment =
       String.format(
               "access_token=%s&token_type=bearer&expires_in=%s&scope=%s",
               accessToken.getToken(),
               accessToken.getExpiresIn(),
               StringUtils.join(authReq.getGrantedScopes(), ','))
           + appendStateParameter(authReq);
   if (authReq.getClient().isIncludePrincipal()) {
     fragment += String.format("&principal=%s", authReq.getPrincipal().getDisplayName());
   }
   return Response.seeOther(UriBuilder.fromUri(uri).fragment(fragment).build())
       .cacheControl(cacheControlNoStore())
       .header("Pragma", "no-cache")
       .build();
 }