org.mitre.uma.web.PermissionRegistrationEndpoint クラス

org.mitre.uma.web.PermissionRegistrationEndpoint 連携図

公開メンバ関数
String	getPermissionTicket (@RequestBody String jsonString, Model m, Authentication auth)

静的公開変数類
static final String	URL = "permission"

非公開変数類
PermissionService	permissionService
ResourceSetService	resourceSetService
SystemScopeService	scopeService
JsonParser	parser = new JsonParser()

静的非公開変数類
static final Logger	logger = LoggerFactory.getLogger(PermissionRegistrationEndpoint.class)

詳解

著者

jricher

関数詳解

getPermissionTicket()

String org.mitre.uma.web.PermissionRegistrationEndpoint.getPermissionTicket ( @RequestBody String  jsonString, Model  m, Authentication  auth  )

inline

                                                                                                        {

                ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);

                try {

                        // parse the permission request

                        JsonElement el = parser.parse(jsonString);
                        if (el.isJsonObject()) {
                                JsonObject o = el.getAsJsonObject();

                                Long rsid = getAsLong(o, "resource_set_id");
                                Set<String> scopes = getAsStringSet(o, "scopes");

                                if (rsid == null || scopes == null || scopes.isEmpty()){
                                        // missing information
                                        m.addAttribute("code", HttpStatus.BAD_REQUEST);
                                        m.addAttribute("errorMessage", "Missing required component of permission registration request.");
                                        return JsonErrorView.VIEWNAME;
                                }

                                // trim any restricted scopes
                                Set<SystemScope> scopesRequested = scopeService.fromStrings(scopes);
                                scopesRequested = scopeService.removeRestrictedAndReservedScopes(scopesRequested);
                                scopes = scopeService.toStrings(scopesRequested);

                                ResourceSet resourceSet = resourceSetService.getById(rsid);

                                // requested resource set doesn't exist
                                if (resourceSet == null) {
                                        m.addAttribute("code", HttpStatus.NOT_FOUND);
                                        m.addAttribute("errorMessage", "Requested resource set not found: " + rsid);
                                        return JsonErrorView.VIEWNAME;
                                }

                                // authorized user of the token doesn't match owner of the resource set
                                if (!resourceSet.getOwner().equals(auth.getName())) {
                                        m.addAttribute("code", HttpStatus.FORBIDDEN);
                                        m.addAttribute("errorMessage", "Party requesting permission is not owner of resource set, expected " + resourceSet.getOwner() + " got " + auth.getName());
                                        return JsonErrorView.VIEWNAME;
                                }

                                // create the permission
                                PermissionTicket permission = permissionService.createTicket(resourceSet, scopes);

                                if (permission != null) {
                                        // we've created the permission, return the ticket
                                        JsonObject out = new JsonObject();
                                        out.addProperty("ticket", permission.getTicket());
                                        m.addAttribute("entity", out);

                                        m.addAttribute("code", HttpStatus.CREATED);

                                        return JsonEntityView.VIEWNAME;
                                } else {
                                        // there was a failure creating the permission object

                                        m.addAttribute("code", HttpStatus.INTERNAL_SERVER_ERROR);
                                        m.addAttribute("errorMessage", "Unable to save permission and generate ticket.");

                                        return JsonErrorView.VIEWNAME;
                                }

                        } else {
                                // malformed request
                                m.addAttribute("code", HttpStatus.BAD_REQUEST);
                                m.addAttribute("errorMessage", "Malformed JSON request.");
                                return JsonErrorView.VIEWNAME;
                        }
                } catch (JsonParseException e) {
                        // malformed request
                        m.addAttribute("code", HttpStatus.BAD_REQUEST);
                        m.addAttribute("errorMessage", "Malformed JSON request.");
                        return JsonErrorView.VIEWNAME;
                }

        }

メンバ詳解

logger

final Logger org.mitre.uma.web.PermissionRegistrationEndpoint.logger = LoggerFactory.getLogger(PermissionRegistrationEndpoint.class)

staticprivate

parser

JsonParser org.mitre.uma.web.PermissionRegistrationEndpoint.parser = new JsonParser()

private

permissionService

PermissionService org.mitre.uma.web.PermissionRegistrationEndpoint.permissionService

private

resourceSetService

ResourceSetService org.mitre.uma.web.PermissionRegistrationEndpoint.resourceSetService

private

scopeService

SystemScopeService org.mitre.uma.web.PermissionRegistrationEndpoint.scopeService

private

URL

final String org.mitre.uma.web.PermissionRegistrationEndpoint.URL = "permission"

static

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/mitreid-connect/src/uma-server/src/main/java/org/mitre/uma/web/PermissionRegistrationEndpoint.java