org.xdi.oxauth.model.common.AuthorizationGrantList の継承関係図

org.xdi.oxauth.model.common.AuthorizationGrantList 連携図

公開メンバ関数
void	removeAuthorizationGrants (List< AuthorizationGrant > authorizationGrants)

AuthorizationGrant	createAuthorizationGrant (User user, Client client, Date authenticationTime)

AuthorizationCodeGrant	createAuthorizationCodeGrant (User user, Client client, Date authenticationTime)

ImplicitGrant	createImplicitGrant (User user, Client client, Date authenticationTime)

ClientCredentialsGrant	createClientCredentialsGrant (User user, Client client)

ResourceOwnerPasswordCredentialsGrant	createResourceOwnerPasswordCredentialsGrant (User user, Client client)

AuthorizationCodeGrant	getAuthorizationCodeGrant (String clientId, String authorizationCode)

AuthorizationGrant	getAuthorizationGrantByRefreshToken (String clientId, String refreshTokenCode)

AuthorizationGrant	assertTokenType (TokenLdap tokenLdap, TokenType tokenType)

List< AuthorizationGrant >	getAuthorizationGrant (String clientId)

AuthorizationGrant	getAuthorizationGrantByAccessToken (String accessToken)

AuthorizationGrant	getAuthorizationGrantByAccessToken (String accessToken, boolean onlyFromCache)

AuthorizationGrant	getAuthorizationGrantByIdToken (String idToken)

AuthorizationGrant	load (String clientId, String p_code)

String	extractClientIdFromTokenDn (String p_dn)

AuthorizationGrant	asGrant (TokenLdap tokenLdap)

非公開変数類
Logger	log

Instance< AbstractAuthorizationGrant >	grantInstance

GrantService	grantService

UserService	userService

ClientService	clientService

AppConfiguration	appConfiguration

CacheService	cacheService

final Pattern	clientInumPattern = Pattern.compile(".+inum=([\\w\\!\\@\\.]+).+")

詳解

Component to hold in memory authorization grant objects.

著者: Javier Rojas Blum

バージョン: September 6, 2017

関数詳解

◆ asGrant()

AuthorizationGrant org.xdi.oxauth.model.common.AuthorizationGrantList.asGrant ( TokenLdap tokenLdap )

inline

                                                            {
         if (tokenLdap != null) {
             final AuthorizationGrantType grantType = AuthorizationGrantType.fromString(tokenLdap.getGrantType());
             if (grantType != null) {
                 final User user = userService.getUser(tokenLdap.getUserId());
                 final Client client = clientService.getClient(extractClientIdFromTokenDn(tokenLdap.getDn()));
                 final Date authenticationTime = tokenLdap.getAuthenticationTime();
                 final String nonce = tokenLdap.getNonce();
 
                 AuthorizationGrant result;
                 switch (grantType) {
                     case AUTHORIZATION_CODE:
                         AuthorizationCodeGrant authorizationCodeGrant = grantInstance.select(AuthorizationCodeGrant.class).get();
                         authorizationCodeGrant.init(user, client, authenticationTime);
 
                         result = authorizationCodeGrant;
                         break;
                     case CLIENT_CREDENTIALS:
                         ClientCredentialsGrant clientCredentialsGrant = grantInstance.select(ClientCredentialsGrant.class).get();
                         clientCredentialsGrant.init(user, client);
 
                         result = clientCredentialsGrant;
                         break;
                     case IMPLICIT:
                         ImplicitGrant implicitGrant = grantInstance.select(ImplicitGrant.class).get();
                         implicitGrant.init(user, client, authenticationTime);
 
                         result = implicitGrant;
                         break;
                     case RESOURCE_OWNER_PASSWORD_CREDENTIALS:
                         ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant = grantInstance.select(ResourceOwnerPasswordCredentialsGrant.class).get();
                         resourceOwnerPasswordCredentialsGrant.init(user, client);
 
                         result = resourceOwnerPasswordCredentialsGrant;
                         break;
                     default:
                         return null;
                 }
 
                 final String grantId = tokenLdap.getGrantId();
                 final String jwtRequest = tokenLdap.getJwtRequest();
                 final String authMode = tokenLdap.getAuthMode();
                 final String sessionDn = tokenLdap.getSessionDn();
                 final String claims = tokenLdap.getClaims();
 
                 result.setTokenBindingHash(tokenLdap.getTokenBindingHash());
                 result.setNonce(nonce);
                 result.setTokenLdap(tokenLdap);
                 if (StringUtils.isNotBlank(grantId)) {
                     result.setGrantId(grantId);
                 }
                 result.setScopes(Util.splittedStringAsList(tokenLdap.getScope(), " "));
 
                 result.setCodeChallenge(tokenLdap.getCodeChallenge());
                 result.setCodeChallengeMethod(tokenLdap.getCodeChallengeMethod());
 
                 if (StringUtils.isNotBlank(jwtRequest)) {
                     try {
                         result.setJwtAuthorizationRequest(new JwtAuthorizationRequest(appConfiguration, jwtRequest, client));
                     } catch (Exception e) {
                         log.trace(e.getMessage(), e);
                     }
                 }
 
                 result.setAcrValues(authMode);
                 result.setSessionDn(sessionDn);
                 result.setClaims(claims);
 
                 if (tokenLdap.getTokenTypeEnum() != null) {
                     switch (tokenLdap.getTokenTypeEnum()) {
                         case AUTHORIZATION_CODE:
                             if (result instanceof AuthorizationCodeGrant) {
                                 final AuthorizationCode code = new AuthorizationCode(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                                 final AuthorizationCodeGrant g = (AuthorizationCodeGrant) result;
                                 g.setAuthorizationCode(code);
                             }
                             break;
                         case REFRESH_TOKEN:
                             final RefreshToken refreshToken = new RefreshToken(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                             result.setRefreshTokens(Arrays.asList(refreshToken));
                             break;
                         case ACCESS_TOKEN:
                             final AccessToken accessToken = new AccessToken(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                             result.setAccessTokens(Arrays.asList(accessToken));
                             break;
                         case ID_TOKEN:
                             final IdToken idToken = new IdToken(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                             result.setIdToken(idToken);
                             break;
                         case LONG_LIVED_ACCESS_TOKEN:
                             final AccessToken longLivedAccessToken = new AccessToken(tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate());
                             result.setLongLivedAccessToken(longLivedAccessToken);
                             break;
                     }
                 }
                 return result;
             }
         }
         return null;
     }

◆ assertTokenType()

AuthorizationGrant org.xdi.oxauth.model.common.AuthorizationGrantList.assertTokenType	(	TokenLdap	tokenLdap,
		TokenType	tokenType
	)

inline

                                                                                         {
         if (tokenLdap != null && tokenLdap.getTokenTypeEnum() == tokenType) {
             return asGrant(tokenLdap);
         }
         return null;
     }

◆ createAuthorizationCodeGrant()

AuthorizationCodeGrant org.xdi.oxauth.model.common.AuthorizationGrantList.createAuthorizationCodeGrant	(	User	user,
		Client	client,
		Date	authenticationTime
	)

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                                                   {
         AuthorizationCodeGrant grant = grantInstance.select(AuthorizationCodeGrant.class).get();
         grant.init(user, client, authenticationTime);
 
         CacheGrant memcachedGrant = new CacheGrant(grant, appConfiguration);
         cacheService.put(Integer.toString(grant.getAuthorizationCode().getExpiresIn()), memcachedGrant.cacheKey(), memcachedGrant);
         log.trace("Put authorization grant in cache, code: " + grant.getAuthorizationCode().getCode() + ", clientId: " + grant.getClientId());
         return grant;
     }

◆ createAuthorizationGrant()

AuthorizationGrant org.xdi.oxauth.model.common.AuthorizationGrantList.createAuthorizationGrant	(	User	user,
		Client	client,
		Date	authenticationTime
	)

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                                           {
         AuthorizationGrant grant = grantInstance.select(SimpleAuthorizationGrant.class).get();
         grant.init(user, null, client, authenticationTime);
 
         return grant;
     }

◆ createClientCredentialsGrant()

ClientCredentialsGrant org.xdi.oxauth.model.common.AuthorizationGrantList.createClientCredentialsGrant	(	User	user,
		Client	client
	)

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                          {
         ClientCredentialsGrant grant = grantInstance.select(ClientCredentialsGrant.class).get();
         grant.init(user, client);
 
         return grant;
     }

◆ createImplicitGrant()

ImplicitGrant org.xdi.oxauth.model.common.AuthorizationGrantList.createImplicitGrant	(	User	user,
		Client	client,
		Date	authenticationTime
	)

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                                 {
         ImplicitGrant grant = grantInstance.select(ImplicitGrant.class).get();
         grant.init(user, client, authenticationTime);
 
         return grant;
     }

◆ createResourceOwnerPasswordCredentialsGrant()

ResourceOwnerPasswordCredentialsGrant org.xdi.oxauth.model.common.AuthorizationGrantList.createResourceOwnerPasswordCredentialsGrant	(	User	user,
		Client	client
	)

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                                                        {
         ResourceOwnerPasswordCredentialsGrant grant = grantInstance.select(ResourceOwnerPasswordCredentialsGrant.class).get();
         grant.init(user, client);
 
         return grant;
     }

◆ extractClientIdFromTokenDn()

String org.xdi.oxauth.model.common.AuthorizationGrantList.extractClientIdFromTokenDn ( String p_dn )

inline

                                                           {
         Matcher m = clientInumPattern.matcher(p_dn);
         if (m.matches()) {
                 return m.group(1);
         }
 
         return "";
     }

◆ getAuthorizationCodeGrant()

AuthorizationCodeGrant org.xdi.oxauth.model.common.AuthorizationGrantList.getAuthorizationCodeGrant	(	String	clientId,
		String	authorizationCode
	)

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                                        {
         Object cachedGrant = cacheService.get(null, CacheGrant.cacheKey(clientId, authorizationCode, null));
         if (cachedGrant == null) {
             // retry one time : sometimes during high load cache client may be not fast enough
             cachedGrant = cacheService.get(null, CacheGrant.cacheKey(clientId, authorizationCode, null));
             log.trace("Failed to fetch authorization grant from cache, code: " + authorizationCode + ", clientId: " + clientId);
         }
         return cachedGrant instanceof CacheGrant ? ((CacheGrant) cachedGrant).asCodeGrant(grantInstance) : null;
     }

◆ getAuthorizationGrant()

List<AuthorizationGrant> org.xdi.oxauth.model.common.AuthorizationGrantList.getAuthorizationGrant ( String clientId )

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                            {
         final List<AuthorizationGrant> result = new ArrayList<AuthorizationGrant>();
         try {
             final List<TokenLdap> entries = new ArrayList<TokenLdap>();
             entries.addAll(grantService.getGrantsOfClient(clientId));
             entries.addAll(grantService.getCacheClientTokensEntries(clientId));
 
             for (TokenLdap t : entries) {
                 final AuthorizationGrant grant = asGrant(t);
                 if (grant != null) {
                     result.add(grant);
                 }
             }
         } catch (Exception e) {
             log.trace(e.getMessage(), e);
         }
         return result;
     }

◆ getAuthorizationGrantByAccessToken() [1/2]

AuthorizationGrant org.xdi.oxauth.model.common.AuthorizationGrantList.getAuthorizationGrantByAccessToken ( String accessToken )

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                      {
         return getAuthorizationGrantByAccessToken(accessToken, false);
     }

◆ getAuthorizationGrantByAccessToken() [2/2]

AuthorizationGrant org.xdi.oxauth.model.common.AuthorizationGrantList.getAuthorizationGrantByAccessToken	(	String	accessToken,
		boolean	onlyFromCache
	)

inline

                                                                                                             {
         final TokenLdap tokenLdap = grantService.getGrantsByCode(accessToken, onlyFromCache);
         if (tokenLdap != null && (tokenLdap.getTokenTypeEnum() == org.xdi.oxauth.model.ldap.TokenType.ACCESS_TOKEN || tokenLdap.getTokenTypeEnum() == org.xdi.oxauth.model.ldap.TokenType.LONG_LIVED_ACCESS_TOKEN)) {
             return asGrant(tokenLdap);
         }
         return null;
     }

◆ getAuthorizationGrantByIdToken()

AuthorizationGrant org.xdi.oxauth.model.common.AuthorizationGrantList.getAuthorizationGrantByIdToken ( String idToken )

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                              {
         final TokenLdap tokenLdap = grantService.getGrantsByCode(idToken);
         if (tokenLdap != null && (tokenLdap.getTokenTypeEnum() == org.xdi.oxauth.model.ldap.TokenType.ID_TOKEN)) {
             return asGrant(tokenLdap);
         }
         return null;
     }

◆ getAuthorizationGrantByRefreshToken()

AuthorizationGrant org.xdi.oxauth.model.common.AuthorizationGrantList.getAuthorizationGrantByRefreshToken	(	String	clientId,
		String	refreshTokenCode
	)

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                                             {
         if (!ServerUtil.isTrue(appConfiguration.getPersistRefreshTokenInLdap())) {
             return assertTokenType((TokenLdap) cacheService.get(null, TokenHashUtil.getHashedToken(refreshTokenCode)), TokenType.REFRESH_TOKEN);
         }
         return assertTokenType(grantService.getGrantsByCodeAndClient(refreshTokenCode, clientId), TokenType.REFRESH_TOKEN);
     }

◆ load()

AuthorizationGrant org.xdi.oxauth.model.common.AuthorizationGrantList.load	(	String	clientId,
		String	p_code
	)

inline

                                                                    {
         return asGrant(grantService.getGrantsByCodeAndClient(p_code, clientId));
     }

◆ removeAuthorizationGrants()

void org.xdi.oxauth.model.common.AuthorizationGrantList.removeAuthorizationGrants ( List< AuthorizationGrant > authorizationGrants )

inline

org.xdi.oxauth.model.common.IAuthorizationGrantListを実装しています。

                                                                                         {
         if (authorizationGrants != null && !authorizationGrants.isEmpty()) {
             for (AuthorizationGrant r : authorizationGrants) {
                 grantService.remove(r);
             }
         }
     }

メンバ詳解

◆ appConfiguration

AppConfiguration org.xdi.oxauth.model.common.AuthorizationGrantList.appConfiguration

private

◆ cacheService

CacheService org.xdi.oxauth.model.common.AuthorizationGrantList.cacheService

private

◆ clientInumPattern

final Pattern org.xdi.oxauth.model.common.AuthorizationGrantList.clientInumPattern = Pattern.compile(".+inum=([\\w\\!\\@\\.]+).+")

private

◆ clientService

ClientService org.xdi.oxauth.model.common.AuthorizationGrantList.clientService

private

◆ grantInstance

Instance<AbstractAuthorizationGrant> org.xdi.oxauth.model.common.AuthorizationGrantList.grantInstance

private

◆ grantService

GrantService org.xdi.oxauth.model.common.AuthorizationGrantList.grantService

private

◆ log

Logger org.xdi.oxauth.model.common.AuthorizationGrantList.log

private

◆ userService

UserService org.xdi.oxauth.model.common.AuthorizationGrantList.userService

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/model/common/AuthorizationGrantList.java

公開メンバ関数

非公開変数類

詳解

関数詳解

◆ asGrant()

◆ assertTokenType()

◆ createAuthorizationCodeGrant()

◆ createAuthorizationGrant()

◆ createClientCredentialsGrant()

◆ createImplicitGrant()

◆ createResourceOwnerPasswordCredentialsGrant()

◆ extractClientIdFromTokenDn()

◆ getAuthorizationCodeGrant()

◆ getAuthorizationGrant()

◆ getAuthorizationGrantByAccessToken() [1/2]

◆ getAuthorizationGrantByAccessToken() [2/2]

◆ getAuthorizationGrantByIdToken()

◆ getAuthorizationGrantByRefreshToken()

◆ load()

◆ removeAuthorizationGrants()

メンバ詳解

◆ appConfiguration

◆ cacheService

◆ clientInumPattern

◆ clientService

◆ grantInstance

◆ grantService

◆ log

◆ userService