org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS クラス

org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS 連携図

公開メンバ関数
Response	createResource ( @HeaderParam("Authorization") String authorization, @ApiParam(value="Resource description", required=true) UmaResource resource)
Response	updateResource (@HeaderParam("Authorization") String authorization, @PathParam("rsid") @ApiParam(value="Resource description ID", required=true) String rsid, @ApiParam(value="Resource description JSON object", required=true) UmaResource resource)
Response	getResource ( @HeaderParam("Authorization") String authorization, @PathParam("rsid") @ApiParam(value="Resource description object ID", required=true) String rsid)
List< String >	getResourceList ( @HeaderParam("Authorization") String authorization, @QueryParam("scope") @ApiParam(value="Scope uri", required=false) String scope)
Response	deleteResource ( @HeaderParam("Authorization") String authorization, @PathParam("rsid") @ApiParam(value="Resource description ID", required=true) String rsid)
Response	unsupportedHeadMethod ()
Response	unsupportedOptionsMethod ()

静的公開変数類
static final int	DEFAULT_RESOURCE_LIFETIME = 2592000

関数
private< T > T	throwNotFoundException (String rsid)

非公開メンバ関数
Response	putResourceImpl (Response.Status status, String authorization, String rsid, UmaResource resource) throws IOException
String	addResource (String rsid, UmaResource resource, String userDn, String clientDn)
Date	getExpirationDate (Calendar creationCalender)
String	updateResource (String rsid, UmaResource resource)
int	incrementRev (String rev)
Response	throwUmaInternalErrorException ()

非公開変数類
Logger	log
TokenService	tokenService
UmaValidationService	umaValidationService
UmaResourceService	resourceService
ErrorResponseFactory	errorResponseFactory
AuthorizationGrantList	authorizationGrantList
UmaScopeService	umaScopeService
AppConfiguration	appConfiguration

静的非公開変数類
static final int	NOT_ALLOWED_STATUS = 405

詳解

The API available at the resource registration endpoint enables the resource server to put resources under the protection of an authorization server on behalf of the resource owner and manage them over time. Protection of a resource at the authorization server begins on successful registration and ends on successful deregistration.

The resource server uses a RESTful API at the authorization server's resource registration endpoint to create, read, update, and delete resource descriptions, along with retrieving lists of such descriptions. The descriptions consist of JSON documents that are maintained as web resources at the authorization server. (Note carefully the similar but distinct senses in which the word "resource" is used in this section.)

著者

Yuriy Zabrovarnyy

Yuriy Movchan Date: 02/12/2015

関数詳解

addResource()

String org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.addResource ( String  rsid, UmaResource  resource, String  userDn, String  clientDn  )

inlineprivate

                                                                                                  {
        log.debug("Adding new resource: '{}'", rsid);

        final String resourceDn = resourceService.getDnForResource(rsid);
        final List<String> scopeDNs = umaScopeService.getScopeDNsByIdsAndAddToLdapIfNeeded(resource.getScopes());

        final Calendar calendar = Calendar.getInstance();
        final org.xdi.oxauth.model.uma.persistence.UmaResource ldapResource = new org.xdi.oxauth.model.uma.persistence.UmaResource();

        ldapResource.setName(resource.getName());
        ldapResource.setDescription(resource.getDescription());
        ldapResource.setIconUri(resource.getIconUri());
        ldapResource.setId(rsid);
        ldapResource.setRev("1");
        ldapResource.setCreator(userDn);
        ldapResource.setDn(resourceDn);
        ldapResource.setScopes(scopeDNs);
        ldapResource.setScopeExpression(resource.getScopeExpression());
        ldapResource.setClients(new ArrayList<String>(Collections.singletonList(clientDn)));
        ldapResource.setType(resource.getType());
        ldapResource.setCreationDate(calendar.getTime());
        ldapResource.setExpirationDate(getExpirationDate(calendar));

        resourceService.addResource(ldapResource);

        return resourceDn;
    }

createResource()

Response org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.createResource ( @HeaderParam("Authorization") String  authorization, @ApiParam(value="Resource description", required=true) UmaResource  resource  )

inline

                                  {
        try {
            String id = UUID.randomUUID().toString();
            log.trace("Try to create resource, id: {}", id);

            return putResourceImpl(Response.Status.CREATED, authorization, id, resource);
        } catch (Exception ex) {
            log.error("Exception during resource creation", ex);

            if (ex instanceof WebApplicationException) {
                throw (WebApplicationException) ex;
            }

            return throwUmaInternalErrorException();
        }
    }

deleteResource()

Response org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.deleteResource ( @HeaderParam("Authorization") String  authorization, @PathParam("rsid") @ApiParam(value="Resource description ID", required=true) String  rsid  )

inline

                         {
        try {
            log.debug("Deleting resource descriptions'");

            final AuthorizationGrant authorizationGrant = umaValidationService.assertHasProtectionScope(authorization);
            umaValidationService.validateRestrictedByClient(authorizationGrant.getClientDn(), rsid);
            resourceService.remove(rsid);

            return Response.status(Response.Status.NO_CONTENT).build();
        } catch (Exception ex) {
            log.error("Error on DELETE Resource - " + ex.getMessage(), ex);

            if (ex instanceof WebApplicationException) {
                throw (WebApplicationException) ex;
            }

            return throwUmaInternalErrorException();
        }
    }

getExpirationDate()

Date org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.getExpirationDate ( Calendar  creationCalender )

inlineprivate

                                                              {
        int lifetime = appConfiguration.getUmaResourceLifetime();
        if (lifetime <= 0) {
            lifetime = DEFAULT_RESOURCE_LIFETIME;
        }
        creationCalender.add(Calendar.SECOND, lifetime);
        return creationCalender.getTime();
    }

getResource()

Response org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.getResource ( @HeaderParam("Authorization") String  authorization, @PathParam("rsid") @ApiParam(value="Resource description object ID", required=true) String  rsid  )

inline

                         {
        try {
            final AuthorizationGrant authorizationGrant = umaValidationService.assertHasProtectionScope(authorization);
            umaValidationService.validateRestrictedByClient(authorizationGrant.getClientDn(), rsid);
            log.debug("Getting resource description: '{}'", rsid);

            final org.xdi.oxauth.model.uma.persistence.UmaResource ldapResource = resourceService.getResourceById(rsid);

            final UmaResourceWithId response = new UmaResourceWithId();

            response.setId(ldapResource.getId());
            response.setName(ldapResource.getName());
            response.setDescription(ldapResource.getDescription());
            response.setIconUri(ldapResource.getIconUri());
            response.setScopes(umaScopeService.getScopeIdsByDns(ldapResource.getScopes()));
            response.setScopeExpression(ldapResource.getScopeExpression());
            response.setType(ldapResource.getType());
            response.setIat(ServerUtil.dateToSeconds(ldapResource.getCreationDate()));
            response.setExp(ServerUtil.dateToSeconds(ldapResource.getExpirationDate()));

            final ResponseBuilder builder = Response.ok();
            builder.entity(ServerUtil.asJson(response)); // convert manually to avoid possible conflicts between resteasy providers, e.g. jettison, jackson

            return builder.build();
        } catch (Exception ex) {
            log.error("Exception happened", ex);
            if (ex instanceof WebApplicationException) {
                throw (WebApplicationException) ex;
            }

            errorResponseFactory.throwUmaInternalErrorException();
            return null;// redundant but required statement by java

        }
    }

getResourceList()

List<String> org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.getResourceList ( @HeaderParam("Authorization") String  authorization, @QueryParam("scope") @ApiParam(value="Scope uri", required=false) String  scope  )

inline

Gets resource set lists. ATTENTION: "scope" is parameter added by gluu to have additional filtering. There is no such parameter in UMA specification.

引数

authorization	authorization
scope	scope of resource set for additional filtering, can blank string.

戻り値

resource set ids.

                          {
        try {
            log.trace("Getting list of resource descriptions.");

            final AuthorizationGrant authorizationGrant = umaValidationService.assertHasProtectionScope(authorization);
            final String clientDn = authorizationGrant.getClientDn();

            final List<org.xdi.oxauth.model.uma.persistence.UmaResource> ldapResources = resourceService
                    .getResourcesByAssociatedClient(clientDn);

            final List<String> result = new ArrayList<String>(ldapResources.size());
            for (org.xdi.oxauth.model.uma.persistence.UmaResource ldapResource : ldapResources) {

                // if scope parameter is not null then filter by it, otherwise just add to result
                if (StringUtils.isNotBlank(scope)) {
                    final List<String> scopeUrlsByDns = umaScopeService.getScopeIdsByDns(ldapResource.getScopes());
                    if (scopeUrlsByDns != null && scopeUrlsByDns.contains(scope)) {
                        result.add(ldapResource.getId());
                    }
                } else {
                    result.add(ldapResource.getId());
                }
            }

            return result;

        } catch (Exception ex) {
            log.error("Exception happened on getResourceList()", ex);
            if (ex instanceof WebApplicationException) {
                throw (WebApplicationException) ex;
            }
        }

        errorResponseFactory.throwUmaInternalErrorException();
        return Lists.newArrayList(); // redundant but required by java
    }

incrementRev()

int org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.incrementRev ( String  rev )

inlineprivate

                                         {
        try {
            return Integer.parseInt(rev) + 1;
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
        return 1; // fallback
    }

putResourceImpl()

Response org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.putResourceImpl ( Response.Status  status, String  authorization, String  rsid, UmaResource  resource  ) throws IOException

inlineprivate

                                                                                                                                         {
        log.trace("putResourceImpl, rsid: {}, status:", rsid, status.name());

        AuthorizationGrant authorizationGrant = umaValidationService.assertHasProtectionScope(authorization);
        umaValidationService.validateResource(resource);

        String userDn = authorizationGrant.getUserDn();
        String clientDn = authorizationGrant.getClientDn();

        final String resourceDn;

        if (status == Response.Status.CREATED) {
            resourceDn = addResource(rsid, resource, userDn, clientDn);
        } else {
            umaValidationService.validateRestrictedByClient(clientDn, rsid);
            resourceDn = updateResource(rsid, resource);
        }

        // Load resource description
        org.xdi.oxauth.model.uma.persistence.UmaResource ldapUpdatedResource = resourceService.getResourceByDn(resourceDn);

        UmaResourceResponse response = new UmaResourceResponse();
        response.setId(ldapUpdatedResource.getId());

        return Response.status(status).
                entity(ServerUtil.asJson(response)).
                build();
    }

throwNotFoundException()

private<T> T org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.throwNotFoundException ( String  rsid )

inlinepackage

                                                      {
        log.error("Specified resource set description doesn't exist, id: " + rsid);
        errorResponseFactory.throwUmaNotFoundException();
        return null;
    }

throwUmaInternalErrorException()

Response org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.throwUmaInternalErrorException ( )

inlineprivate

                                                      {
        errorResponseFactory.throwUmaInternalErrorException();
        return null;
    }

unsupportedHeadMethod()

Response org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.unsupportedHeadMethod ( )

inline

                                            {
        log.error("HEAD method is not allowed");
        throw new WebApplicationException(Response.status(NOT_ALLOWED_STATUS).entity("HEAD Method Not Allowed").build());
    }

unsupportedOptionsMethod()

Response org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.unsupportedOptionsMethod ( )

inline

                                               {
        log.error("OPTIONS method is not allowed");
        throw new WebApplicationException(Response.status(NOT_ALLOWED_STATUS).entity("OPTIONS Method Not Allowed").build());
    }

updateResource() [1/2]

Response org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.updateResource ( @HeaderParam("Authorization") String  authorization, @PathParam("rsid") @ApiParam(value="Resource description ID", required=true) String  rsid, @ApiParam(value="Resource description JSON object", required=true) UmaResource  resource  )

inline

                                                             {
        try {
            return putResourceImpl(Response.Status.OK, authorization, rsid, resource);
        } catch (Exception ex) {
            log.error("Exception during resource update, rsId: " + rsid + ", message: " + ex.getMessage(), ex);

            if (ex instanceof WebApplicationException) {
                throw (WebApplicationException) ex;
            }

            return throwUmaInternalErrorException();
        }
    }

updateResource() [2/2]

String org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.updateResource ( String  rsid, UmaResource  resource  )

inlineprivate

                                                                     {
        log.debug("Updating resource description: '{}'.", rsid);

        org.xdi.oxauth.model.uma.persistence.UmaResource ldapResource = resourceService.getResourceById(rsid);
        if (ldapResource == null) {
            return throwNotFoundException(rsid);
        }

        ldapResource.setName(resource.getName());
        ldapResource.setDescription(resource.getDescription());
        ldapResource.setIconUri(resource.getIconUri());
        ldapResource.setScopes(umaScopeService.getScopeDNsByIdsAndAddToLdapIfNeeded(resource.getScopes()));
        ldapResource.setScopeExpression(resource.getScopeExpression());
        ldapResource.setRev(String.valueOf(incrementRev(ldapResource.getRev())));
        ldapResource.setType(resource.getType());
        if (resource.getExp() != null && resource.getExp() > 0) {
            ldapResource.setExpirationDate(new Date(resource.getExp() * 1000));
        }

        resourceService.updateResource(ldapResource);

        return ldapResource.getDn();
    }

メンバ詳解

appConfiguration

AppConfiguration org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.appConfiguration

private

authorizationGrantList

AuthorizationGrantList org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.authorizationGrantList

private

DEFAULT_RESOURCE_LIFETIME

final int org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.DEFAULT_RESOURCE_LIFETIME = 2592000

static

errorResponseFactory

ErrorResponseFactory org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.errorResponseFactory

private

log

Logger org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.log

private

NOT_ALLOWED_STATUS

final int org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.NOT_ALLOWED_STATUS = 405

staticprivate

resourceService

UmaResourceService org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.resourceService

private

tokenService

TokenService org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.tokenService

private

umaScopeService

UmaScopeService org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.umaScopeService

private

umaValidationService

UmaValidationService org.xdi.oxauth.uma.ws.rs.UmaResourceRegistrationWS.umaValidationService

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/uma/ws/rs/UmaResourceRegistrationWS.java