CodeClientDetailsValidator.java example

Explorer

oauth2-shiro-master
- authz
  - src
    - main
      - java
        com
        monkeyk
        os
        domain
        oauth
        AuthenticationIdGenerator.java
        DefaultAuthenticationIdGenerator.java
        OauthRepository.java
        users
        PasswordHandler.java
        UsersAuthzRepository.java
        infrastructure
        jdbc
        OauthJdbcRepository.java
        UsersJdbcAuthzRepository.java
        oauth
        OAuthAuthxRequest.java
        OAuthHandler.java
        OAuthTokenxRequest.java
        authorize
        AbstractAuthorizeHandler.java
        CodeAuthorizeHandler.java
        TokenAuthorizeHandler.java
        token
        AbstractOAuthTokenHandler.java
        AuthorizationCodeTokenHandler.java
        ClientCredentialsTokenHandler.java
        OAuthTokenHandleDispatcher.java
        OAuthTokenHandler.java
        PasswordTokenHandler.java
        RefreshTokenHandler.java
        validator
        AbstractClientDetailsValidator.java
        AbstractOauthTokenValidator.java
        AuthorizationCodeClientDetailsValidator.java
        ClientCredentialsClientDetailsValidator.java
        CodeClientDetailsValidator.java
        PasswordClientDetailsValidator.java
        RefreshTokenClientDetailsValidator.java
        TokenClientDetailsValidator.java
        service
        ClientDetailsService.java
        OauthService.java
        UserService.java
        business
        ClientDetailsFormSaver.java
        UsersFormDtoLoader.java
        UsersFormSaver.java
        dto
        ClientDetailsDto.java
        ClientDetailsFormDto.java
        ClientDetailsListDto.java
        LoginDto.java
        RolesDto.java
        UsersDto.java
        UsersFormDto.java
        UsersOverviewDto.java
        impl
        ClientDetailsServiceImpl.java
        OauthServiceImpl.java
        UserServiceImpl.java
        web
        WebUtils.java
        context
        BeanContextLoaderListener.java
        MkkCharacterEncodingFilter.java
        OAuthShiroHandlerExceptionResolver.java
        controller
        ClientDetailsController.java
        ClientDetailsFormDtoValidator.java
        OauthAuthorizeController.java
        OauthTokenController.java
        ShiroController.java
        UsersController.java
        UsersFormDtoValidator.java
    - test
      - java
        com
        monkeyk
        os
        ContextTest.java
        TestApplicationContextInitializer.java
        domain
        oauth
        AccessTokenTest.java
        AuthenticationIdGeneratorTest.java
        users
        PasswordHandlerTest.java
        infrastructure
        jdbc
        OauthJdbcRepositoryTest.java
        UsersJdbcAuthzRepositoryTest.java
        web
        ShiroTest.java
        WebUtilsTest.java
- core
  - src
    - main
      - java
        com
        monkeyk
        os
        domain
        AbstractDomain.java
        oauth
        AccessToken.java
        ClientDetails.java
        Constants.java
        OauthCode.java
        shared
        BeanProvider.java
        GuidGenerator.java
        Repository.java
        users
        Roles.java
        Users.java
        UsersRepository.java
        infrastructure
        DateUtils.java
        ThreadLocalHolder.java
        jdbc
        AbstractJdbcRepository.java
        AccessTokenRowMapper.java
        ClientDetailsRowMapper.java
        OauthCodeRowMapper.java
        RolesRowMapper.java
        UsersRowMapper.java
        shiro
        MkkJdbcRealm.java
        oauth
        shiro
        OAuth2CredentialsMatcher.java
        OAuth2SubjectFactory.java
        OAuth2Token.java
    - test
      - java
        com
        monkeyk
        os
        TestApplicationContextInitializer.java
        domain
        shared
        GuidGeneratorTest.java
        infrastructure
        DateUtilsTest.java
        Jose4JTest.java
- resources
  - src
    - main
      - java
        com
        monkeyk
        os
        domain
        rs
        OAuthRSRepository.java
        RSOAuthClient.java
        infrastructure
        jdbc
        OAuthRSJdbcRepository.java
        oauth
        resources
        MkkOAuthDecision.java
        MkkOAuthPrincipal.java
        MkkOAuthRSProvider.java
        ResourceOAuthFilter.java
        shiro
        OAuth2AuthenticationException.java
        OAuth2Filter.java
        OAuth2JdbcRealm.java
        service
        OAuthRSService.java
        dto
        SystemTimeDto.java
        UsernameDto.java
        impl
        OAuthRSServiceImpl.java
        web
        WebUtils.java
        context
        BeanContextLoaderListener.java
        MkkCharacterEncodingFilter.java
        OAuthShiroHandlerExceptionResolver.java
        controller
        MobileResourcesController.java
        OauthResourcesController.java
    - test
      - java
        com
        monkeyk
        os
        ContextTest.java
        TestApplicationContextInitializer.java
        domain
        oauth
        AccessTokenTest.java
        infrastructure
        jdbc
        OAuthRSJdbcRepositoryTest.java
        web
        ShiroTest.java
        WebUtilsTest.java

package com.monkeyk.os.oauth.validator;

import com.monkeyk.os.domain.oauth.ClientDetails;
import org.apache.commons.lang.StringUtils;
import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest;
import org.apache.oltu.oauth2.common.error.OAuthError;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.http.HttpServletResponse;
import java.util.Set;

/**
 * 15-6-13
 *
 * @author Shengzhao Li
 */
public class CodeClientDetailsValidator extends AbstractClientDetailsValidator {

    private static final Logger LOG = LoggerFactory.getLogger(CodeClientDetailsValidator.class);

    public CodeClientDetailsValidator(OAuthAuthzRequest oauthRequest) {
        super(oauthRequest);
    }

    /*
    *  grant_type="authorization_code"
    *  ?response_type=code&scope=read,write&client_id=[client_id]&redirect_uri=[redirect_uri]&state=[state]
    * */
    @Override
    public OAuthResponse validateSelf(ClientDetails clientDetails) throws OAuthSystemException {
        //validate redirect_uri
        final String redirectURI = oauthRequest.getRedirectURI();
        if (redirectURI == null || !redirectURI.equals(clientDetails.getRedirectUri())) {
            LOG.debug("Invalid redirect_uri '{}' by response_type = 'code', client_id = '{}'", redirectURI, clientDetails.getClientId());
            return invalidRedirectUriResponse();
        }

        //validate scope
        final Set<String> scopes = oauthRequest.getScopes();
        if (scopes.isEmpty() || excludeScopes(scopes, clientDetails)) {
            return invalidScopeResponse();
        }

        //validate state
        final String state = getState();
        if (StringUtils.isEmpty(state)) {
            LOG.debug("Invalid 'state', it is required, but it is empty");
            return invalidStateResponse();
        }

        return null;
    }

    private String getState() {
        return ((OAuthAuthzRequest) oauthRequest).getState();
    }

    private OAuthResponse invalidStateResponse() throws OAuthSystemException {
        return OAuthResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                .setError(OAuthError.CodeResponse.INVALID_REQUEST)
                .setErrorDescription("Parameter 'state'  is required")
                .buildJSONMessage();
    }


}