org.xdi.oxd.server.service.ValidationService クラス

org.xdi.oxd.server.service.ValidationService 連携図

公開メンバ関数
void	notNull (IParams params)
void	notBlankOxdId (String oxdId)
void	notBlankOpHost (String opHost)
Pair< Rp, Boolean >	validate (IParams params)
IntrospectionResponse	introspect (String accessToken, String oxdId)
void	validate (HasOxdIdParams params)
Rp	validate (Rp rp)

非公開メンバ関数
boolean	validate (HasProtectionAccessTokenParams params)

静的非公開変数類
static final Logger	LOG = LoggerFactory.getLogger(ValidationService.class)

詳解

著者

Yuriy Zabrovarnyy

関数詳解

introspect()

IntrospectionResponse org.xdi.oxd.server.service.ValidationService.introspect ( String  accessToken, String  oxdId  )

inline

                                                                              {
        if (StringUtils.isBlank(accessToken)) {
            throw new ErrorResponseException(ErrorResponseCode.BLANK_PROTECTION_ACCESS_TOKEN);
        }

        final RpService rpService = ServerLauncher.getInjector().getInstance(RpService.class);
        final Rp rp = rpService.getRp(oxdId);
        if (StringUtils.isNotBlank(rp.getSetupOxdId())) {
            oxdId = rp.getSetupOxdId();
        } else {
            Rp firstSetupClient = rpService.getFirstSetupClient();
            if (firstSetupClient != null) {
                oxdId = firstSetupClient.getOxdId();
            }
        }
        LOG.trace("Introspect token with rp: " + rpService.getRp(oxdId));

        final IntrospectionService introspectionService = ServerLauncher.getInjector().getInstance(IntrospectionService.class);
        final IntrospectionResponse response = introspectionService.introspectToken(oxdId, accessToken);

        if (!response.isActive()) {
            LOG.debug("access_token is not active.");
            throw new ErrorResponseException(ErrorResponseCode.INACTIVE_PROTECTION_ACCESS_TOKEN);
        }
        return response;
    }

notBlankOpHost()

void org.xdi.oxd.server.service.ValidationService.notBlankOpHost ( String  opHost )

inline

                                              {
        if (Strings.isNullOrEmpty(opHost)) {
            throw new ErrorResponseException(ErrorResponseCode.INVALID_OP_HOST);
        }
    }

notBlankOxdId()

void org.xdi.oxd.server.service.ValidationService.notBlankOxdId ( String  oxdId )

inline

                                            {
        if (Strings.isNullOrEmpty(oxdId)) {
            throw new ErrorResponseException(ErrorResponseCode.BAD_REQUEST_NO_OXD_ID);
        }
    }

notNull()

void org.xdi.oxd.server.service.ValidationService.notNull ( IParams  params )

inline

                                        {
        if (params == null) {
            throw new ErrorResponseException(ErrorResponseCode.INTERNAL_ERROR_NO_PARAMS);
        }
    }

validate() [1/4]

Pair<Rp, Boolean> org.xdi.oxd.server.service.ValidationService.validate ( IParams  params )

inline

                                                      {
        Boolean isClientLocal = null;
        notNull(params);
        if (params instanceof HasOxdIdParams) {
            validate((HasOxdIdParams) params);
            isClientLocal = true;
        }
        if (params instanceof HasProtectionAccessTokenParams) {
            if (validate((HasProtectionAccessTokenParams) params)) {
                isClientLocal = false;
            }
        }

        if (isClientLocal != null && !(params instanceof RegisterSiteParams)) {
            try {
                String oxdId = ((HasOxdIdParams) params).getOxdId();
                if (StringUtils.isNotBlank(oxdId)) {
                    final RpService rpService = ServerLauncher.getInjector().getInstance(RpService.class);
                    final Rp rp = rpService.getRp(oxdId);
                    if (rp != null) {
                        return new Pair<>(rp, isClientLocal);
                    }
                }
            } catch (ErrorResponseException e) {
                if (e.getErrorResponseCode() == ErrorResponseCode.EXPIRED_CLIENT) {
                    throw e;
                }
                // ignore
            } catch (Exception e) {
                LOG.error("Failed to invoke license service client update. Message: " + e.getMessage(), e);
            }
        }
        return null;
    }

validate() [2/4]

boolean org.xdi.oxd.server.service.ValidationService.validate ( HasProtectionAccessTokenParams  params )

inlineprivate

Returns whether has valid token

引数

params

params

戻り値

true - client is remote, false - client is local. If validation does not pass exception must be thrown

                                                                    {
        if (params instanceof SetupClientParams) {
            return false;
        }
        if (params instanceof UpdateSiteParams) {
            final RpService rpService = ServerLauncher.getInjector().getInstance(RpService.class);
            final Rp rp = rpService.getRp(params.getOxdId());
            if (rp.getSetupClient() != null && rp.getSetupClient()) {
                return false; // skip validation if client is setup client (if we can setup client without protection access token then we allow also update it)
            }
        }

        final OxdServerConfiguration configuration = ServerLauncher.getInjector().getInstance(ConfigurationService.class).get();
        if (configuration.getProtectCommandsWithAccessToken() != null && !configuration.getProtectCommandsWithAccessToken()) {
            if (StringUtils.isBlank(params.getProtectionAccessToken())) {
                return false; // skip validation since protectCommandsWithAccessToken=false
            } // otherwise if token is not blank then let it validate it
        }

        final String accessToken = params.getProtectionAccessToken();

        if (StringUtils.isBlank(accessToken)) {
            throw new ErrorResponseException(ErrorResponseCode.BLANK_PROTECTION_ACCESS_TOKEN);
        }
        if (params instanceof RegisterSiteParams) {
            return false; // skip validation for site registration because we have to associate oxd_id with client_id, validation is performed inside operation
        }

        final RpService rpService = ServerLauncher.getInjector().getInstance(RpService.class);

        final Rp rp = rpService.getRp(params.getOxdId());
        if (StringUtils.isBlank(rp.getSetupClientId())) {
            throw new ErrorResponseException(ErrorResponseCode.NO_SETUP_CLIENT_FOR_OXD_ID);
        }

        final IntrospectionResponse introspectionResponse = introspect(accessToken, params.getOxdId());

        LOG.trace("access_token: " + accessToken + ", introspection: " + introspectionResponse + ", setupClientId: " + rp.getSetupClientId());
        if (StringUtils.isBlank(introspectionResponse.getClientId())) {
            throw new ErrorResponseException(ErrorResponseCode.NO_CLIENT_ID_IN_INTROSPECTION_RESPONSE);
        }

        if (introspectionResponse.getClientId().equals(rp.getSetupClientId())) {
            return true;
        }

        throw new ErrorResponseException(ErrorResponseCode.INVALID_PROTECTION_ACCESS_TOKEN);
    }

validate() [3/4]

void org.xdi.oxd.server.service.ValidationService.validate ( HasOxdIdParams  params )

inline

                                                {
        notNull(params);
        notBlankOxdId(params.getOxdId());
    }

validate() [4/4]

Rp org.xdi.oxd.server.service.ValidationService.validate ( Rp  rp )

inline

                              {
        if (rp == null) {
            throw new ErrorResponseException(ErrorResponseCode.INVALID_OXD_ID);
        }

        notBlankOxdId(rp.getOxdId());
        notBlankOpHost(rp.getOpHost());
        return rp;
    }

メンバ詳解

LOG

final Logger org.xdi.oxd.server.service.ValidationService.LOG = LoggerFactory.getLogger(ValidationService.class)

staticprivate

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxd/oxd-server/src/main/java/org/xdi/oxd/server/service/ValidationService.java