public ATResponse2 getAccessToken(OA2Asset asset, AuthorizationGrant ag) { DelegatedAssetRequest dar = new DelegatedAssetRequest(); dar.setAuthorizationGrant(ag); dar.setClient(getEnvironment().getClient()); Map<String, String> m1 = getATParameters(asset, ag, null); dar.setParameters(m1); ATResponse2 atResponse2 = (ATResponse2) getEnvironment().getDelegationService().getAT(dar); asset.setIssuedAt((Date) atResponse2.getParameters().get(OA2Claims.ISSUED_AT)); asset.setUsername((String) atResponse2.getParameters().get(OA2Claims.SUBJECT)); if (!NonceHerder.hasNonce((String) atResponse2.getParameters().get(OA2Constants.NONCE))) { throw new InvalidNonceException("Unknown nonce."); } NonceHerder.removeNonce((String) atResponse2.getParameters().get(OA2Constants.NONCE)); // prevent replay attacks. asset.setAccessToken(atResponse2.getAccessToken()); asset.setRefreshToken(atResponse2.getRefreshToken()); getAssetStore().save(asset); return atResponse2; }
/** * Does the actual work getting the cert. * * @param asset * @param ag * @param v * @return */ protected AssetResponse getCert(Asset asset, AuthorizationGrant ag, Verifier v) { DelegatedAssetRequest dar = new DelegatedAssetRequest(); dar.setAuthorizationGrant(ag); dar.setClient(getEnvironment().getClient()); dar.setVerifier(v); dar.setParameters(getATParameters(asset, ag, v)); Map<String, String> m1 = getAssetParameters(asset); preGetCert(asset, m1); dar.setAssetParameters(m1); DelegatedAssetResponse daResp = (DelegatedAssetResponse) getEnvironment().getDelegationService().process(dar); AssetResponse par = new AssetResponse(); MyX509Certificates myX509Certificate = (MyX509Certificates) daResp.getProtectedAsset(); par.setX509Certificates(myX509Certificate.getX509Certificates()); par.setUsername(daResp.getAdditionalInformation().get("username")); postGetCert(asset, par); asset.setUsername(par.getUsername()); asset.setCertificates(par.getX509Certificates()); getEnvironment().getAssetStore().save(asset); return par; }