/**
 * Screens an introspection request before any token lookup takes place.
 *
 * <p>The checks run in a fixed order and the first failure decides the response:
 * <ol>
 *   <li>the request must carry either the {@code TOKEN} or the {@code ACCESS_TOKEN} parameter,
 *       otherwise a bad-request entity with {@code MISSING_ACCESS_TOKEN} is produced;</li>
 *   <li>the supplied client secret must pass {@code OAuth20Utils.checkClientSecret},
 *       otherwise an unauthorized entity with {@code INVALID_CLIENT} is produced;</li>
 *   <li>the registered service must pass the access-strategy enforcer,
 *       otherwise an unauthorized entity with {@code UNAUTHORIZED_CLIENT} is produced.</li>
 * </ol>
 *
 * <p>NOTE(review): the meaning of the boolean passed to {@code buildUnauthorizedResponseEntity}
 * is defined by that helper, which is not visible here. Confirm it before changing either call.
 * NOTE(review): how {@code checkClientSecret} compares the secret (constant-time or not, and its
 * handling of a null password) is not visible here either. Verify it in the helper.
 *
 * @param registeredService the OAuth service definition the caller authenticated as
 * @param credentials       the client credentials taken from the request; only the password is read
 * @param request           the incoming introspection request
 * @return an error response when a check fails, or an empty {@code Optional} when the request may proceed
 */
private Optional<ResponseEntity<OAuth20IntrospectionAccessTokenResponse>> validateIntrospectionRequest(
    final OAuthRegisteredService registeredService,
    final UsernamePasswordCredentials credentials,
    final HttpServletRequest request) {

    // Neither token parameter present: nothing to introspect.
    if (!HttpRequestUtils.doesParameterExist(request, OAuth20Constants.TOKEN)
        && !HttpRequestUtils.doesParameterExist(request, OAuth20Constants.ACCESS_TOKEN)) {
        return Optional.of(buildBadRequestResponseEntity(OAuth20Constants.MISSING_ACCESS_TOKEN));
    }

    // Client authentication comes before the service access policy is consulted.
    if (!OAuth20Utils.checkClientSecret(registeredService, credentials.getPassword())) {
        return Optional.of(buildUnauthorizedResponseEntity(OAuth20Constants.INVALID_CLIENT, true));
    }

    val targetService = webApplicationServiceServiceFactory.createService(registeredService.getServiceId());
    val auditContext = AuditableContext.builder()
        .service(targetService)
        .registeredService(registeredService)
        .build();
    val enforcementResult = this.registeredServiceAccessStrategyEnforcer.execute(auditContext);

    if (enforcementResult.isExecutionFailure()) {
        return Optional.of(buildUnauthorizedResponseEntity(OAuth20Constants.UNAUTHORIZED_CLIENT, false));
    }
    return Optional.empty();
}
final ProfileManager manager, final UserProfile uProfile) { val request = context.getRequest(); if (!HttpRequestUtils.doesParameterExist(request, OAuth20Constants.REFRESH_TOKEN) || !HttpRequestUtils.doesParameterExist(request, OAuth20Constants.CLIENT_ID)) { return false;
// Presence gate for an authorization request: the result is true only when the CLIENT_ID,
// REDIRECT_URI and RESPONSE_TYPE parameters all pass HttpRequestUtils.doesParameterExist.
// allMatch stops at the first parameter that fails, so later ones are not probed.
// NOTE(review): this establishes presence only. The values themselves (e.g. whether the
// redirect URI belongs to the client) must be validated separately; that is not visible here.
val request = context.getRequest(); val checkParameterExist = Stream.of(OAuth20Constants.CLIENT_ID, OAuth20Constants.REDIRECT_URI, OAuth20Constants.RESPONSE_TYPE) .allMatch(s -> HttpRequestUtils.doesParameterExist(request, s));
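/**
 * Validates a token request that identifies its client through the {@code CLIENT_ID}
 * request parameter.
 *
 * <p>The request is rejected ({@code false}) when the parameter is missing, when no
 * registered OAuth service is resolved for the client id, or when the resolved service
 * does not support the requested grant type. A service that fails the access-strategy
 * check is rejected through whatever {@code throwExceptionIfNeeded()} raises.
 *
 * @param context   the web context wrapping the HTTP request
 * @param grantType the grant type named in the request
 * @param manager   the profile manager (not used by this implementation)
 * @param uProfile  the authenticated user profile (not used by this implementation)
 * @return {@code true} only if every check passes
 */
@Override
protected boolean validateInternal(final J2EContext context, final String grantType,
                                   final ProfileManager manager, final UserProfile uProfile) {
    val request = context.getRequest();
    if (!HttpRequestUtils.doesParameterExist(request, OAuth20Constants.CLIENT_ID)) {
        return false;
    }

    val clientId = request.getParameter(OAuth20Constants.CLIENT_ID);
    LOGGER.debug("Received grant type [{}] with client id [{}]", grantType, clientId);

    val registeredService = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, clientId);
    // The client id is request-controlled and the lookup result is dereferenced right below.
    // Fail closed if nothing was resolved instead of surfacing a NullPointerException.
    // The id itself is already recorded by the debug line above, so it is not repeated at WARN.
    if (registeredService == null) {
        LOGGER.warn("Client id in the request does not resolve to a registered OAuth service definition");
        return false;
    }

    val service = webApplicationServiceServiceFactory.createService(registeredService.getServiceId());
    val audit = AuditableContext.builder()
        .service(service)
        .registeredService(registeredService)
        .build();
    val accessResult = this.registeredServiceAccessStrategyEnforcer.execute(audit);
    // Access-strategy failures are propagated as exceptions rather than as a false return.
    accessResult.throwExceptionIfNeeded();

    if (!isGrantTypeSupportedBy(registeredService, grantType)) {
        LOGGER.warn("Requested grant type [{}] is not authorized by service definition [{}]",
            getGrantType(), registeredService.getServiceId());
        return false;
    }
    return true;
}
}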
// The request is valid only when REDIRECT_URI and CODE are both present and the redirect URI
// passes OAuth20Utils.checkCallbackValid for the client's registered service.
// && short-circuits, so the callback check runs only after both presence checks succeed.
// NOTE(review): clientRegisteredService and redirectUri are resolved outside this excerpt.
// Confirm that clientRegisteredService cannot be null for an unknown client id, and that
// redirectUri is the same value the presence check saw.
val valid = HttpRequestUtils.doesParameterExist(request, OAuth20Constants.REDIRECT_URI) && HttpRequestUtils.doesParameterExist(request, OAuth20Constants.CODE) && OAuth20Utils.checkCallbackValid(clientRegisteredService, redirectUri);