org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS クラス

org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS 連携図

公開メンバ関数
Response	introspectGet (@HeaderParam("Authorization") String authorization, @QueryParam("token") String token, @QueryParam("token_type_hint") String tokenTypeHint)
Response	introspectPost (@HeaderParam("Authorization") String authorization, @FormParam("token") String token, @FormParam("token_type_hint") String tokenTypeHint)
Response	requestRptStatusGet (@HeaderParam("Authorization") String authorization, @FormParam("token") String rpt, @FormParam("token_type_hint") String tokenTypeHint)

非公開メンバ関数
Response	introspect (String authorization, String token, String tokenTypeHint)
boolean	isValid (UmaRPT p_rpt)
boolean	isValid (UmaPermission permission)
List< org.xdi.oxauth.model.uma.UmaPermission >	buildStatusResponsePermissions (UmaRPT rpt)

非公開変数類
Logger	log
ErrorResponseFactory	errorResponseFactory
UmaRptService	rptService
UmaValidationService	umaValidationService
UmaScopeService	umaScopeService
UmaPctService	pctService

詳解

The endpoint at which the host requests the status of an RPT presented to it by a requester. The endpoint is RPT introspection profile implementation defined by http://docs.kantarainitiative.org/uma/draft-uma-core.html#uma-bearer-token-profile

著者

Yuriy Zabrovarnyy

関数詳解

buildStatusResponsePermissions()

List<org.xdi.oxauth.model.uma.UmaPermission> org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.buildStatusResponsePermissions ( UmaRPT  rpt )

inlineprivate

                                                                                                    {
        final List<org.xdi.oxauth.model.uma.UmaPermission> result = new ArrayList<org.xdi.oxauth.model.uma.UmaPermission>();
        if (rpt != null) {
            final List<UmaPermission> rptPermissions = rptService.getRptPermissions(rpt);
            if (rptPermissions != null && !rptPermissions.isEmpty()) {
                for (UmaPermission permission : rptPermissions) {
                    if (isValid(permission)) {
                        final org.xdi.oxauth.model.uma.UmaPermission toAdd = ServerUtil.convert(permission, umaScopeService);
                        if (toAdd != null) {
                            result.add(toAdd);
                        }
                    } else {
                        log.debug("Ignore permission, skip it in response because permission is not valid. Permission dn: {}, rpt dn: {}",
                                permission.getDn(), rpt.getDn());
                    }
                }
            }
        }
        return result;
    }

introspect()

Response org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.introspect ( String  authorization, String  token, String  tokenTypeHint  )

inlineprivate

                                                                                          {
        try {
            umaValidationService.assertHasProtectionScope(authorization);

            final UmaRPT rpt = rptService.getRPTByCode(token);

            if (!isValid(rpt)) {
                return Response.status(Response.Status.OK).
                        entity(new RptIntrospectionResponse(false)).
                        cacheControl(ServerUtil.cacheControl(true)).
                        build();
            }

            final List<org.xdi.oxauth.model.uma.UmaPermission> permissions = buildStatusResponsePermissions(rpt);

            // active status
            final RptIntrospectionResponse statusResponse = new RptIntrospectionResponse();
            statusResponse.setActive(true);
            statusResponse.setExpiresAt(ServerUtil.dateToSeconds(rpt.getExpirationDate()));
            statusResponse.setIssuedAt(ServerUtil.dateToSeconds(rpt.getCreationDate()));
            statusResponse.setPermissions(permissions);
            statusResponse.setClientId(rpt.getClientId());
            statusResponse.setAud(rpt.getClientId());
            statusResponse.setSub(rpt.getUserId());

            final List<UmaPermission> rptPermissions = rptService.getRptPermissions(rpt);
            if (!rptPermissions.isEmpty()) {
                UmaPermission permission = rptPermissions.iterator().next();
                String pctCode = permission.getAttributes().get(UmaPermission.PCT);
                if (StringHelper.isNotEmpty(pctCode)) {
                    UmaPCT pct = pctService.getByCode(pctCode);
                    if (pct != null) {
                        statusResponse.setPctClaims(pct.getClaims().toMap());
                    } else {
                        log.error("Failed to find PCT with code: " + pctCode + " which is taken from permission object: " + permission.getDn());
                    }
                } else {
                    log.trace("PCT code is blank for RPT: " + rpt.getCode());
                }
            }


            // convert manually to avoid possible conflict between resteasy providers, e.g. jettison, jackson
            final String entity = ServerUtil.asJson(statusResponse);

            return Response.status(Response.Status.OK).entity(entity).cacheControl(ServerUtil.cacheControl(true)).build();
        } catch (Exception ex) {
            log.error("Exception happened", ex);
            if (ex instanceof WebApplicationException) {
                throw (WebApplicationException) ex;
            }

            throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR)
                    .entity(errorResponseFactory.getUmaJsonErrorResponse(UmaErrorResponseType.SERVER_ERROR)).build());
        }
    }

introspectGet()

Response org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.introspectGet ( @HeaderParam("Authorization") String  authorization, @QueryParam("token") String  token, @QueryParam("token_type_hint") String  tokenTypeHint  )

inline

                                                                                       {
        return introspect(authorization, token, tokenTypeHint);
    }

introspectPost()

Response org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.introspectPost ( @HeaderParam("Authorization") String  authorization, @FormParam("token") String  token, @FormParam("token_type_hint") String  tokenTypeHint  )

inline

                                                                                       {
        return introspect(authorization, token, tokenTypeHint);
    }

isValid() [1/2]

boolean org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.isValid ( UmaRPT  p_rpt )

inlineprivate

                                          {
        if (p_rpt != null) {
            p_rpt.checkExpired();
            return p_rpt.isValid();
        }
        return false;
    }

isValid() [2/2]

boolean org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.isValid ( UmaPermission  permission )

inlineprivate

                                                      {
        if (permission != null) {
            permission.checkExpired();
            return permission.isValid();
        }
        return false;
    }

requestRptStatusGet()

Response org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.requestRptStatusGet ( @HeaderParam("Authorization") String  authorization, @FormParam("token") String  rpt, @FormParam("token_type_hint") String  tokenTypeHint  )

inline

                                                                                            {
        throw new WebApplicationException(Response.status(405).entity("Introspection of RPT is not allowed by GET HTTP method.").build());
    }

メンバ詳解

errorResponseFactory

ErrorResponseFactory org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.errorResponseFactory

private

log

Logger org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.log

private

pctService

UmaPctService org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.pctService

private

rptService

UmaRptService org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.rptService

private

umaScopeService

UmaScopeService org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.umaScopeService

private

umaValidationService

UmaValidationService org.xdi.oxauth.uma.ws.rs.UmaRptIntrospectionWS.umaValidationService

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/uma/ws/rs/UmaRptIntrospectionWS.java