public final class OAuthUtils extends Object
| Modifier and Type | Method and Description |
|---|---|
static boolean |
checkRequestURI(String servletPath,
String uri) |
static boolean |
compareCertificateThumbprints(X509Certificate cert,
String encodedThumbprint) |
static boolean |
compareTlsCertificates(org.apache.cxf.security.transport.TLSSessionInfo tlsInfo,
List<String> base64EncodedCerts) |
static String |
convertListOfScopesToString(List<String> registeredScopes) |
static String |
convertPermissionsToScope(List<OAuthPermission> perms) |
static List<String> |
convertPermissionsToScopeList(List<OAuthPermission> perms) |
static byte[] |
createCertificateThumbprint(X509Certificate cert) |
static UserSubject |
createSubject(org.apache.cxf.jaxrs.ext.MessageContext mc,
org.apache.cxf.security.SecurityContext sc) |
static UserSubject |
createSubject(org.apache.cxf.security.SecurityContext securityContext) |
static String |
generateRandomTokenKey() |
static String |
generateRandomTokenKey(int byteSize) |
static org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider |
getClientSecretDecryptionProvider(String clientSecret) |
static org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider |
getClientSecretEncryptionProvider(String clientSecret) |
static org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm |
getClientSecretSignatureAlgorithm(Properties sigProps) |
static org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider |
getClientSecretSignatureProvider(String clientSecret) |
static org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier |
getClientSecretSignatureVerifier(String clientSecret) |
static long |
getIssuedAt() |
static String |
getIssuerDnFromTLSCertificates(X509Certificate cert) |
static List<String> |
getRequestedScopes(Client client,
String scopeParameter,
boolean useAllClientScopes,
boolean partialMatchScopeValidation) |
static List<String> |
getRequestedScopes(Client client,
String scopeParameter,
boolean useAllClientScopes,
boolean partialMatchScopeValidation,
boolean defaultToRegisteredScopes) |
static X509Certificate |
getRootTLSCertificate(org.apache.cxf.security.transport.TLSSessionInfo tlsInfo) |
static String |
getSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc) |
static String |
getSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc,
String attribute) |
static String |
getSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc,
String attribute,
boolean remove) |
static String |
getSubjectDnFromTLSCertificates(X509Certificate cert) |
static void |
injectContextIntoOAuthProvider(org.apache.cxf.jaxrs.ext.MessageContext context,
Object provider) |
static boolean |
isExpired(Long issuedAt,
Long lifetime) |
static boolean |
isGrantSupportedForClient(Client client,
boolean canSupportPublicClients,
String grantType) |
static boolean |
isMutualTls(javax.ws.rs.core.SecurityContext sc,
org.apache.cxf.security.transport.TLSSessionInfo tlsSessionInfo) |
static List<String> |
parseScope(String requestedScope) |
static void |
setCertificateThumbprintConfirmation(org.apache.cxf.jaxrs.ext.MessageContext mc,
X509Certificate cert) |
static String |
setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc) |
static String |
setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc,
int maxInactiveInterval) |
static String |
setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc,
String sessionToken) |
static String |
setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc,
String sessionToken,
int maxInactiveInterval) |
static String |
setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc,
String sessionToken,
String attribute,
int maxInactiveInterval) |
static ClientAccessToken |
toClientAccessToken(ServerAccessToken serverToken,
boolean supportOptionalParams) |
static boolean |
validateAudience(String providedAudience,
List<String> allowedAudiences) |
static boolean |
validateAudiences(List<String> providedAudiences,
List<String> allowedAudiences) |
static boolean |
validateScopes(List<String> requestScopes,
List<String> registeredScopes,
boolean partialMatchScopeValidation) |
public static byte[] createCertificateThumbprint(X509Certificate cert) throws Exception
Exceptionpublic static void setCertificateThumbprintConfirmation(org.apache.cxf.jaxrs.ext.MessageContext mc,
X509Certificate cert)
public static boolean compareCertificateThumbprints(X509Certificate cert, String encodedThumbprint)
public static boolean compareTlsCertificates(org.apache.cxf.security.transport.TLSSessionInfo tlsInfo,
List<String> base64EncodedCerts)
public static boolean isMutualTls(javax.ws.rs.core.SecurityContext sc,
org.apache.cxf.security.transport.TLSSessionInfo tlsSessionInfo)
public static String getSubjectDnFromTLSCertificates(X509Certificate cert)
public static String getIssuerDnFromTLSCertificates(X509Certificate cert)
public static X509Certificate getRootTLSCertificate(org.apache.cxf.security.transport.TLSSessionInfo tlsInfo)
public static void injectContextIntoOAuthProvider(org.apache.cxf.jaxrs.ext.MessageContext context,
Object provider)
public static String setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc)
public static String setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc, int maxInactiveInterval)
public static String setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc, String sessionToken)
public static String setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc, String sessionToken, int maxInactiveInterval)
public static String setSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc, String sessionToken, String attribute, int maxInactiveInterval)
public static String getSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc)
public static String getSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc, String attribute)
public static String getSessionToken(org.apache.cxf.jaxrs.ext.MessageContext mc, String attribute, boolean remove)
public static UserSubject createSubject(org.apache.cxf.jaxrs.ext.MessageContext mc, org.apache.cxf.security.SecurityContext sc)
public static UserSubject createSubject(org.apache.cxf.security.SecurityContext securityContext)
public static String convertPermissionsToScope(List<OAuthPermission> perms)
public static List<String> convertPermissionsToScopeList(List<OAuthPermission> perms)
public static boolean isGrantSupportedForClient(Client client, boolean canSupportPublicClients, String grantType)
public static String generateRandomTokenKey() throws OAuthServiceException
OAuthServiceExceptionpublic static String generateRandomTokenKey(int byteSize)
public static long getIssuedAt()
public static boolean validateAudience(String providedAudience, List<String> allowedAudiences)
public static boolean validateAudiences(List<String> providedAudiences, List<String> allowedAudiences)
public static List<String> getRequestedScopes(Client client, String scopeParameter, boolean useAllClientScopes, boolean partialMatchScopeValidation)
public static List<String> getRequestedScopes(Client client, String scopeParameter, boolean useAllClientScopes, boolean partialMatchScopeValidation, boolean defaultToRegisteredScopes)
public static boolean validateScopes(List<String> requestScopes, List<String> registeredScopes, boolean partialMatchScopeValidation)
public static ClientAccessToken toClientAccessToken(ServerAccessToken serverToken, boolean supportOptionalParams)
public static org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider getClientSecretSignatureProvider(String clientSecret)
public static org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier getClientSecretSignatureVerifier(String clientSecret)
public static org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider getClientSecretDecryptionProvider(String clientSecret)
public static org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider getClientSecretEncryptionProvider(String clientSecret)
public static org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm getClientSecretSignatureAlgorithm(Properties sigProps)
Apache CXF