org.gluu.oxtrust.service.uma.PassportUmaProtectionService クラス

org.gluu.oxtrust.service.uma.PassportUmaProtectionService の継承関係図

org.gluu.oxtrust.service.uma.PassportUmaProtectionService 連携図

公開メンバ関数
String	getUmaResourceId ()
String	getUmaScope ()
boolean	isEnabled ()
Response	processAuthorization (HttpHeaders headers, ResourceInfo resourceInfo)
Token	getPatToken () throws UmaProtectionException
boolean	isExistPatToken ()
List< String >	getRequestedScopes (ResourceInfo resourceInfo)

限定公開メンバ関数
String	getClientId ()
String	getClientKeyStorePassword ()
String	getClientKeyStoreFile ()
String	getClientKeyId ()
boolean	isEnabledUmaAuthentication ()
long	computeAccessTokenExpirationTime (Integer expiresIn)
Response	getErrorResponse (Response.Status status, String detail)

限定公開変数類
UmaPermissionService	umaPermissionService

関数
Response	processUmaAuthorization (String authorization, ResourceInfo resourceInfo) throws Exception

非公開メンバ関数
boolean	isPassportEnabled ()

非公開変数類
Logger	log
AppConfiguration	appConfiguration
ApplianceService	applianceService

静的非公開変数類
static final long	serialVersionUID = -5547131971095468865L

詳解

Provides service to protect Passport Passport Rest service endpoints

著者

Yuriy Movchan Date: 012/06/2016

関数詳解

computeAccessTokenExpirationTime()

long org.gluu.oxtrust.service.uma.BaseUmaProtectionService.computeAccessTokenExpirationTime ( Integer  expiresIn )

inlineprotectedinherited

                                                                           {
                // Compute "accessToken" expiration timestamp
                Calendar calendar = Calendar.getInstance();
                if (expiresIn != null) {
                        calendar.add(Calendar.SECOND, expiresIn);
                        calendar.add(Calendar.SECOND, -10); // Subtract 10 seconds to avoid expirations during executing request
                }

                return calendar.getTimeInMillis();
        }

getClientId()

String org.gluu.oxtrust.service.uma.PassportUmaProtectionService.getClientId ( )

inlineprotected

                                       {
                return appConfiguration.getPassportUmaClientId();
        }

getClientKeyId()

String org.gluu.oxtrust.service.uma.PassportUmaProtectionService.getClientKeyId ( )

inlineprotected

                                          {
                return appConfiguration.getPassportUmaClientKeyId();
        }

getClientKeyStoreFile()

String org.gluu.oxtrust.service.uma.PassportUmaProtectionService.getClientKeyStoreFile ( )

inlineprotected

                                                 {
                return appConfiguration.getPassportUmaClientKeyStoreFile();
        }

getClientKeyStorePassword()

String org.gluu.oxtrust.service.uma.PassportUmaProtectionService.getClientKeyStorePassword ( )

inlineprotected

                                                     {
                return appConfiguration.getPassportUmaClientKeyStorePassword();
        }

getErrorResponse()

Response org.gluu.oxtrust.service.uma.BaseUmaProtectionService.getErrorResponse ( Response.Status  status, String  detail  )

inlineprotectedinherited

                                                                               {
        return Response.status(status).entity(detail).build();
    }

getPatToken()

Token org.gluu.oxtrust.service.uma.BaseUmaProtectionService.getPatToken ( ) throws UmaProtectionException

inlineinherited

                                                                 {
                if (isValidPatToken(this.umaPat, this.umaPatAccessTokenExpiration)) {
                        return this.umaPat;
                }

                lock.lock();
                try {
                        if (isValidPatToken(this.umaPat, this.umaPatAccessTokenExpiration)) {
                                return this.umaPat;
                        }

                        retrievePatToken();
                } finally {
                  lock.unlock();
                }


                return this.umaPat;
        }

getRequestedScopes()

List<String> org.gluu.oxtrust.service.uma.BaseUmaProtectionService.getRequestedScopes ( ResourceInfo  resourceInfo )

inlineinherited

                                                                          {
                Class<?> resourceClass = resourceInfo.getResourceClass();
                ProtectedApi typeAnnotation = resourceClass.getAnnotation(ProtectedApi.class);
                if (typeAnnotation == null) {
                        return Collections.emptyList();
                }

                List<String> scopes = new ArrayList<String>();
                scopes.addAll(getResourceScopes(typeAnnotation.scopes()));

                Method resourceMethod = resourceInfo.getResourceMethod();
                ProtectedApi methodAnnotation = resourceMethod.getAnnotation(ProtectedApi.class);
                if (methodAnnotation != null) {
                        scopes.addAll(getResourceScopes(methodAnnotation.scopes()));
                }

                return scopes;
        }

getUmaResourceId()

String org.gluu.oxtrust.service.uma.PassportUmaProtectionService.getUmaResourceId ( )

inline

                                         {
                return appConfiguration.getPassportUmaResourceId();
        }

getUmaScope()

String org.gluu.oxtrust.service.uma.PassportUmaProtectionService.getUmaScope ( )

inline

                                    {
                return appConfiguration.getPassportUmaScope();
        }

isEnabled()

boolean org.gluu.oxtrust.service.uma.PassportUmaProtectionService.isEnabled ( )

inline

                                   {
                return isPassportEnabled() && isEnabledUmaAuthentication();
        }

isEnabledUmaAuthentication()

boolean org.gluu.oxtrust.service.uma.BaseUmaProtectionService.isEnabledUmaAuthentication ( )

inlineprotectedinherited

                                                       {
        return (umaMetadata != null) && isExistPatToken();
        }

isExistPatToken()

boolean org.gluu.oxtrust.service.uma.BaseUmaProtectionService.isExistPatToken ( )

inlineinherited

                                         {
                try {
                        return getPatToken() != null;
                } catch (UmaProtectionException ex) {
                        log.error("Failed to check UMA PAT token status", ex);
                }

                return false;
        }

isPassportEnabled()

boolean org.gluu.oxtrust.service.uma.PassportUmaProtectionService.isPassportEnabled ( )

inlineprivate

                                            {
                GluuAppliance appliance = applianceService.getAppliance();
                GluuBoolean passportEnbaled = appliance.getPassportEnabled();
                
                return GluuBoolean.ENABLED.equals(passportEnbaled) || GluuBoolean.TRUE.equals(passportEnbaled);
        }

processAuthorization()

Response org.gluu.oxtrust.service.uma.PassportUmaProtectionService.processAuthorization ( HttpHeaders  headers, ResourceInfo  resourceInfo  )

inline

                                                                                        {

        if (isEnabled()) {
            try {
                return processUmaAuthorization(headers.getHeaderString("Authorization"), resourceInfo);
            }
            catch (Exception e){
                log.error(e.getMessage(), e);
                return getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, e.getMessage());
            }
        }
        else{
            log.info("UMA passport authentication is disabled");
            return getErrorResponse(Response.Status.SERVICE_UNAVAILABLE, "Passport configuration was disabled");
        }

    }

processUmaAuthorization()

Response org.gluu.oxtrust.service.uma.BaseUmaProtectionService.processUmaAuthorization ( String  authorization, ResourceInfo  resourceInfo  ) throws Exception

inlinepackageinherited

                                                                                                       {
                List<String> scopes = getRequestedScopes(resourceInfo);

        Token patToken = null;
        try {
            patToken = getPatToken();
        }
        catch (UmaProtectionException ex) {
            return getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Failed to obtain PAT token");
        }

        Pair<Boolean, Response> rptTokenValidationResult;
        if (scopes.isEmpty()) {
                rptTokenValidationResult = umaPermissionService.validateRptToken(patToken, authorization, getUmaResourceId(), scopes);
        } else {
                rptTokenValidationResult = umaPermissionService.validateRptToken(patToken, authorization, getUmaResourceId(), getUmaScope());
        }

        if (rptTokenValidationResult.getFirst()) {
            if (rptTokenValidationResult.getSecond() != null) {
                return rptTokenValidationResult.getSecond();
            }
        }
        else {
            return getErrorResponse(Response.Status.UNAUTHORIZED, "Invalid GAT/RPT token");
        }
        return null;

    }

メンバ詳解

appConfiguration

AppConfiguration org.gluu.oxtrust.service.uma.PassportUmaProtectionService.appConfiguration

private

applianceService

ApplianceService org.gluu.oxtrust.service.uma.PassportUmaProtectionService.applianceService

private

log

Logger org.gluu.oxtrust.service.uma.PassportUmaProtectionService.log

private

serialVersionUID

final long org.gluu.oxtrust.service.uma.PassportUmaProtectionService.serialVersionUID = -5547131971095468865L

staticprivate

umaPermissionService

UmaPermissionService org.gluu.oxtrust.service.uma.BaseUmaProtectionService.umaPermissionService

protectedinherited

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxTrust/server/src/main/java/org/gluu/oxtrust/service/uma/PassportUmaProtectionService.java