List of usage examples for org.springframework.util MultiValueMap add
void add(K key, @Nullable V value);
From source file:org.opentides.rest.impl.BaseCrudRestServiceImpl.java
@Override public void save(T command) { Map<String, String> vars = new HashMap<String, String>(); vars.put("id", command.getId() == null ? "" : command.getId().toString()); // ResponseEntity<T> response = // restTemplate.exchange(serverURL+"/"+sid, HttpMethod.POST, command, entityBeanType); // T resource = response.getBody(); // return resource; // // T response = restTemplate.postForObject(serverURL+"/"+sid, request, entityBeanType); // setup entity(headers) for basic authentication. List<String> restableFields = MTCacheUtil.getRestableFields(command); Map<String, Object> map = CrudUtil.buildMapValues(command, restableFields); MultiValueMap<String, Object> form = new LinkedMultiValueMap<String, Object>(); for (String key : map.keySet()) { form.add(key, map.get(key)); }/* w ww . j a v a 2 s.c om*/ RestResponse<T> r = new RestResponse<T>(); RestResponse<T> response = restTemplate.postForObject(serverURL + "/{id}", form, r.getClass(), vars); response.toString(); }
From source file:com.emergya.spring.security.oauth.google.GoogleAuthorizationCodeAccessTokenProvider.java
@Override public final OAuth2AccessToken refreshAccessToken(final OAuth2ProtectedResourceDetails resource, final OAuth2RefreshToken refreshToken, final AccessTokenRequest request) throws UserRedirectRequiredException, OAuth2AccessDeniedException { MultiValueMap<String, String> form = new LinkedMultiValueMap<>(); form.add("grant_type", "refresh_token"); form.add("refresh_token", refreshToken.getValue()); try {//from ww w.j ava 2s .co m return retrieveToken(request, resource, form, getHeadersForTokenRequest()); } catch (OAuth2AccessDeniedException e) { try { throw getRedirectForAuthorization((GoogleAuthCodeResourceDetails) resource, request); } catch (ClassCastException ex) { throw new IllegalArgumentException( "details is not an instance of class GoogleAuthCodeResourceDetails"); } } }
From source file:org.cloudfoundry.identity.uaa.login.feature.OpenIdTokenGrantsIT.java
private void doOpenIdHybridFlowIdTokenAndCode(Set<String> responseTypes, String responseTypeMatcher) throws Exception { HttpHeaders headers = new HttpHeaders(); // TODO: should be able to handle just TEXT_HTML headers.setAccept(Arrays.asList(MediaType.TEXT_HTML, MediaType.ALL)); StringBuilder responseType = new StringBuilder(); Iterator<String> rTypes = responseTypes.iterator(); while (rTypes.hasNext()) { String type = rTypes.next(); responseType.append(type);// w ww . ja va2 s. c o m if (rTypes.hasNext()) { responseType.append(" "); } } String state = new RandomValueStringGenerator().generate(); String clientId = "app"; String clientSecret = "appclientsecret"; String redirectUri = "http://anywhere.com"; String uri = loginUrl + "/oauth/authorize?response_type={response_type}&" + "state={state}&client_id={client_id}&redirect_uri={redirect_uri}"; ResponseEntity<Void> result = restOperations.exchange(uri, HttpMethod.GET, new HttpEntity<>(null, headers), Void.class, responseType, state, clientId, redirectUri); assertEquals(HttpStatus.FOUND, result.getStatusCode()); String location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); if (result.getHeaders().containsKey("Set-Cookie")) { String cookie = result.getHeaders().getFirst("Set-Cookie"); headers.set("Cookie", cookie); } ResponseEntity<String> response = restOperations.exchange(location, HttpMethod.GET, new HttpEntity<>(null, headers), String.class); // should be directed to the login screen... assertTrue(response.getBody().contains("/login.do")); assertTrue(response.getBody().contains("username")); assertTrue(response.getBody().contains("password")); MultiValueMap<String, String> formData = new LinkedMultiValueMap<>(); formData.add("username", user.getUserName()); formData.add("password", "secret"); // Should be redirected to the original URL, but now authenticated result = restOperations.exchange(loginUrl + "/login.do", HttpMethod.POST, new HttpEntity<>(formData, headers), Void.class); assertEquals(HttpStatus.FOUND, result.getStatusCode()); if (result.getHeaders().containsKey("Set-Cookie")) { String cookie = result.getHeaders().getFirst("Set-Cookie"); headers.set("Cookie", cookie); } location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); response = restOperations.exchange(location, HttpMethod.GET, new HttpEntity<>(null, headers), String.class); if (response.getStatusCode() == HttpStatus.OK) { // The grant access page should be returned assertTrue(response.getBody().contains("You can change your approval of permissions")); formData.clear(); formData.add("user_oauth_approval", "true"); result = restOperations.exchange(loginUrl + "/oauth/authorize", HttpMethod.POST, new HttpEntity<>(formData, headers), Void.class); assertEquals(HttpStatus.FOUND, result.getStatusCode()); location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); } else { // Token cached so no need for second approval assertEquals(HttpStatus.FOUND, response.getStatusCode()); location = UriUtils.decode(response.getHeaders().getLocation().toString(), "UTF-8"); } assertTrue("Wrong location: " + location, location.matches(redirectUri + responseTypeMatcher.toString())); formData.clear(); formData.add("client_id", clientId); formData.add("redirect_uri", redirectUri); formData.add("grant_type", "authorization_code"); formData.add("code", location.split("code=")[1].split("&")[0]); HttpHeaders tokenHeaders = new HttpHeaders(); String basicDigestHeaderValue = "Basic " + new String(Base64.encodeBase64((clientId + ":" + clientSecret).getBytes())); tokenHeaders.set("Authorization", basicDigestHeaderValue); @SuppressWarnings("rawtypes") ResponseEntity<Map> tokenResponse = restOperations.exchange(loginUrl + "/oauth/token", HttpMethod.POST, new HttpEntity<>(formData, tokenHeaders), Map.class); assertEquals(HttpStatus.OK, tokenResponse.getStatusCode()); @SuppressWarnings("unchecked") Map<String, String> body = tokenResponse.getBody(); Jwt token = JwtHelper.decode(body.get("access_token")); assertTrue("Wrong claims: " + token.getClaims(), token.getClaims().contains("\"aud\"")); assertTrue("Wrong claims: " + token.getClaims(), token.getClaims().contains("\"user_id\"")); }
From source file:org.mitreid.multiparty.web.ClientController.java
@RequestMapping(value = "claims_submitted") public String claimsSubmissionCallback(@RequestParam("authorization_state") String authorizationState, @RequestParam("state") String returnState, @RequestParam("ticket") String ticket, HttpSession session, Model m) {//from ww w .ja v a 2 s. c o m // get our saved information out of the session String savedState = (String) session.getAttribute(STATE_SESSION_VAR); String savedResource = (String) session.getAttribute(RESOURCE_SESSION_VAR); String savedAuthServerUri = (String) session.getAttribute(AUTHSERVERURI_SESSION_VAR); // make sure the state matches if (Strings.isNullOrEmpty(returnState) || !returnState.equals(savedState)) { // it's an error if it doesn't logger.error("Unable to match states"); return "home"; } if (authorizationState.equals("claims_submitted")) { // claims have been submitted, let's go try to get a token again // find the AS we need to talk to (maybe discover) MultipartyServerConfiguration server = serverConfig.getServerConfiguration(savedAuthServerUri); // find the client configuration (maybe register) RegisteredClient client = clientConfig.getClientConfiguration(server); HttpHeaders tokenHeaders = new HttpHeaders(); tokenHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED); // send request to the token endpoint MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("client_id", client.getClientId()); params.add("client_secret", client.getClientSecret()); params.add("grant_type", "urn:ietf:params:oauth:grant_type:multiparty-delegation"); params.add("ticket", ticket); //params.add("scope", "read write"); HttpEntity<MultiValueMap<String, String>> tokenRequest = new HttpEntity<>(params, tokenHeaders); ResponseEntity<String> tokenResponse = restTemplate.postForEntity(server.getTokenEndpointUri(), tokenRequest, String.class); JsonObject o = parser.parse(tokenResponse.getBody()).getAsJsonObject(); if (o.has("error")) { if (o.get("error").getAsString().equals("need_info")) { // if we get need info, redirect JsonObject details = o.get("error_details").getAsJsonObject(); // this is the URL to send the user to String claimsEndpoint = details.get("requesting_party_claims_endpoint").getAsString(); String newTicket = details.get("ticket").getAsString(); // set a state value for our return String state = UUID.randomUUID().toString(); session.setAttribute(STATE_SESSION_VAR, state); // save bits about the request we were trying to make session.setAttribute(RESOURCE_SESSION_VAR, savedResource); session.setAttribute(AUTHSERVERURI_SESSION_VAR, savedAuthServerUri); UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(claimsEndpoint) .queryParam("client_id", client.getClientId()).queryParam("ticket", newTicket) .queryParam("claims_redirect_uri", client.getClaimsRedirectUris().iterator().next()) // get the first one and punt .queryParam("state", state); return "redirect:" + builder.build(); } else { // it's an error we don't know how to deal with, give up logger.error("Unknown error from token endpoint: " + o.get("error").getAsString()); return "home"; } } else { // if we get an access token, try it again String accessTokenValue = o.get("access_token").getAsString(); acccessTokenService.saveAccesstoken(savedResource, accessTokenValue); HttpHeaders headers = new HttpHeaders(); if (!Strings.isNullOrEmpty(accessTokenValue)) { headers.add("Authorization", "Bearer " + accessTokenValue); } HttpEntity<Object> request = new HttpEntity<>(headers); ResponseEntity<String> responseEntity = restTemplate.exchange(savedResource, HttpMethod.GET, request, String.class); if (responseEntity.getStatusCode().equals(HttpStatus.OK)) { // if we get back data, display it JsonObject rso = parser.parse(responseEntity.getBody()).getAsJsonObject(); m.addAttribute("label", rso.get("label").getAsString()); m.addAttribute("value", rso.get("value").getAsString()); return "home"; } else { logger.error("Unable to get a token"); return "home"; } } } else { logger.error("Unknown response from claims endpoing: " + authorizationState); return "home"; } }
From source file:org.mitreid.multiparty.web.ResourceController.java
/** * @param incomingAccessToken//from www .j a v a 2 s . co m * @param server * @param client * @param protectionAccessTokenValue * @return */ private JsonObject introspectToken(String incomingAccessToken, MultipartyServerConfiguration server, RegisteredClient client, String protectionAccessTokenValue) { // POST to the introspection endpoint and get the results MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("token", incomingAccessToken); HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); headers.add("Authorization", "Bearer " + protectionAccessTokenValue); HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers); HttpEntity<String> responseEntity = restTemplate.postForEntity(server.getIntrospectionEndpointUri(), request, String.class); JsonObject rso = parser.parse(responseEntity.getBody()).getAsJsonObject(); return rso; }
From source file:org.mitreid.multiparty.web.ResourceController.java
@RequestMapping("/pat_callback") @PreAuthorize("hasRole('ROLE_USER')") public String patCallback(@RequestParam("code") String code, @RequestParam("state") String state, Principal p, HttpSession session) {//from w w w. j a va 2 s. c o m String savedState = (String) session.getAttribute("STATE"); if (!state.equals(savedState)) { throw new IllegalArgumentException("State doesn't match: shenanigans!"); } String issuer = (String) session.getAttribute("SHARE_ISSUER"); MultipartyServerConfiguration server = serverConfig.getServerConfiguration(issuer); RegisteredClient client = clientConfig.getClientConfiguration(server); MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("client_id", client.getClientId()); params.add("client_secret", client.getClientSecret()); params.add("redirect_uri", "http://localhost:8080/multiparty-resource/pat_callback"); params.add("grant_type", "authorization_code"); params.add("code", code); String responseString = restTemplate.postForObject(server.getTokenEndpointUri(), params, String.class); JsonObject o = parser.parse(responseString).getAsJsonObject(); String accessTokenValue = o.get("access_token").getAsString(); acccessTokenService.saveAccesstoken(server, client, accessTokenValue); // now we register the resource set return registerResourceSet(p, issuer, server, accessTokenValue); }
From source file:de.zib.gndms.gndmc.AbstractClient.java
/** * Upload (POST) a file on a url./*from w w w . ja va2 s .com*/ * * The request header contains a given user name, the body of the request contains * a given object of type P. * * @param <T> The body type of the response. * @param clazz The type of the return value. * @param fileName Remote filename. * @param originalFileName Path to local file. * @param url The url of the request. * @param dn The user name. * @return The response as entity. */ protected final <T> ResponseEntity<T> postFile(final Class<T> clazz, final String fileName, final String originalFileName, final String url, final String dn) { GNDMSResponseHeader requestHeaders = new GNDMSResponseHeader(); MultiValueMap<String, Object> form = new LinkedMultiValueMap<String, Object>(); final HttpEntity requestEntity; if (dn != null) { requestHeaders.setDN(dn); } form.add("file", new FileSystemResource(originalFileName)); requestEntity = new HttpEntity(form, requestHeaders); if (null == restTemplate) throw new NullPointerException("Please set RestTemplate in Client!"); return restTemplate.postForEntity(url, requestEntity, clazz); }
From source file:de.uni_koeln.spinfo.maalr.webapp.controller.WebMVCController.java
@RequestMapping(value = "/persona/login", method = RequestMethod.POST) @ResponseBody/*from w ww . j av a 2s. c om*/ public String authenticateWithPersona(@RequestParam String assertion, HttpServletRequest request, Model model) throws IOException { String contextPath = Configuration.getInstance().getDictContext(); if (SecurityContextHolder.getContext().getAuthentication() != null) { if (!SecurityContextHolder.getContext().getAuthentication().getName().equals("anonymousUser")) { Collection<? extends GrantedAuthority> authorities = SecurityContextHolder.getContext() .getAuthentication().getAuthorities(); for (GrantedAuthority grantedAuthority : authorities) { logger.info("GrantedAuthority: " + grantedAuthority.getAuthority()); if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) return contextPath + "/admin/admin"; if (grantedAuthority.getAuthority().equals("ROLE_TRUSTED_IN")) return contextPath + "/editor/editor"; return contextPath; } } } MultiValueMap<String, String> params = new LinkedMultiValueMap<String, String>(); params.add("assertion", assertion); params.add("audience", request.getScheme() + "://" + request.getServerName() + ":" + (request.getServerPort() == 80 ? "" : request.getServerPort())); // Initialize RestTamplate RestTemplate restTemplate = new RestTemplate(); restTemplate.getMessageConverters().add(new MappingJackson2HttpMessageConverter()); restTemplate.getMessageConverters().add(new StringHttpMessageConverter()); PersonaVerificationResponse response = restTemplate.postForObject( "https://verifier.login.persona.org/verify", params, PersonaVerificationResponse.class); logger.info("PersonaAuth: PersonaVerificationResponse={}", response.toString()); if (response.getStatus().equals("okay")) { request.getSession().setMaxInactiveInterval(30 * 60); // Set session timeout to 30 minutes MaalrUserInfo user = users.getByEmail(response.getEmail()); if (user == null) { user = register(response); logger.info("PersonaAuth: signed up new user for email={}", user.getEmail()); authUser(user); return contextPath; } else { logger.info("PersonaAuth: user found by email={}", user.getEmail()); authUser(user); return contextPath; } } else { logger.warn("Persona authentication failed due to reason: " + response.getReason()); throw new IllegalStateException("Authentication failed"); } }
From source file:org.mitreid.multiparty.web.ClientController.java
@RequestMapping(value = "/fetch", method = RequestMethod.POST, consumes = MimeTypeUtils.APPLICATION_FORM_URLENCODED_VALUE) public String fetch(@RequestParam("resource") String resource, Model m, HttpSession session) { // get the access token if we have one String accessTokenValue = acccessTokenService.getAccessToken(resource); // send our request to the resource HttpHeaders headers = new HttpHeaders(); if (!Strings.isNullOrEmpty(accessTokenValue)) { headers.add("Authorization", "Bearer " + accessTokenValue); }/*from w ww . j a v a2s. co m*/ @SuppressWarnings("rawtypes") HttpEntity request = new HttpEntity<>(headers); ResponseEntity<String> responseEntity = restTemplate.exchange(resource, HttpMethod.GET, request, String.class); if (responseEntity.getStatusCode().equals(HttpStatus.OK)) { // if we get back data, display it JsonObject rso = parser.parse(responseEntity.getBody()).getAsJsonObject(); m.addAttribute("label", rso.get("label").getAsString()); m.addAttribute("value", rso.get("value").getAsString()); return "home"; } else { // if we get back an error, try to get an access token List<String> authHeaders = responseEntity.getHeaders().get(HttpHeaders.WWW_AUTHENTICATE); // assume there's only one auth header for now String authHeader = Iterators.getOnlyElement(authHeaders.iterator()); // parse the header to get the good bits String authServerUri = null; String ticket = null; Iterable<String> parts = Splitter.on(",").split(authHeader.substring("UMA ".length())); for (String part : parts) { List<String> subparts = Splitter.on("=").splitToList(part.trim()); if (subparts.get(0).equals("as_uri")) { authServerUri = subparts.get(1); // strip quotes authServerUri = authServerUri.substring(1, authServerUri.length() - 1); } else if (subparts.get(0).equals("ticket")) { ticket = subparts.get(1); // strip quotes ticket = ticket.substring(1, ticket.length() - 1); } } // find the AS we need to talk to (maybe discover) MultipartyServerConfiguration server = serverConfig.getServerConfiguration(authServerUri); // find the client configuration (maybe register) RegisteredClient client = clientConfig.getClientConfiguration(server); HttpHeaders tokenHeaders = new HttpHeaders(); tokenHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED); // send request to the token endpoint MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("client_id", client.getClientId()); params.add("client_secret", client.getClientSecret()); params.add("grant_type", "urn:ietf:params:oauth:grant_type:multiparty-delegation"); params.add("ticket", ticket); //params.add("scope", "read write"); HttpEntity<MultiValueMap<String, String>> tokenRequest = new HttpEntity<>(params, tokenHeaders); ResponseEntity<String> tokenResponse = restTemplate.postForEntity(server.getTokenEndpointUri(), tokenRequest, String.class); JsonObject o = parser.parse(tokenResponse.getBody()).getAsJsonObject(); if (o.has("error")) { if (o.get("error").getAsString().equals("need_info")) { // if we get need info, redirect JsonObject details = o.get("error_details").getAsJsonObject(); // this is the URL to send the user to String claimsEndpoint = details.get("requesting_party_claims_endpoint").getAsString(); String newTicket = details.get("ticket").getAsString(); // set a state value for our return String state = UUID.randomUUID().toString(); session.setAttribute(STATE_SESSION_VAR, state); // save bits about the request we were trying to make session.setAttribute(RESOURCE_SESSION_VAR, resource); session.setAttribute(AUTHSERVERURI_SESSION_VAR, authServerUri); UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(claimsEndpoint) .queryParam("client_id", client.getClientId()).queryParam("ticket", newTicket) .queryParam("claims_redirect_uri", client.getClaimsRedirectUris().iterator().next()) // get the first one and punt .queryParam("state", state); return "redirect:" + builder.build(); } else { // it's an error we don't know how to deal with, give up logger.error("Unknown error from token endpoint: " + o.get("error").getAsString()); return "home"; } } else { // if we get an access token, try it again accessTokenValue = o.get("access_token").getAsString(); acccessTokenService.saveAccesstoken(resource, accessTokenValue); headers = new HttpHeaders(); if (!Strings.isNullOrEmpty(accessTokenValue)) { headers.add("Authorization", "Bearer " + accessTokenValue); } request = new HttpEntity<>(headers); responseEntity = restTemplate.exchange(resource, HttpMethod.GET, request, String.class); if (responseEntity.getStatusCode().equals(HttpStatus.OK)) { // if we get back data, display it JsonObject rso = parser.parse(responseEntity.getBody()).getAsJsonObject(); m.addAttribute("label", rso.get("label").getAsString()); m.addAttribute("value", rso.get("value").getAsString()); return "home"; } else { logger.error("Unable to get a token"); return "home"; } } } }