/** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getScope() */ public Set<String> getScope() { return client.getScope(); } /**
/** * Make sure the client has the appropriate scope and grant type. * @param client */ private void ensureRefreshTokenConsistency(ClientDetailsEntity client) { if (client.getAuthorizedGrantTypes().contains("refresh_token") || client.getScope().contains(SystemScopeService.OFFLINE_ACCESS)) { client.getScope().add(SystemScopeService.OFFLINE_ACCESS); client.getAuthorizedGrantTypes().add("refresh_token"); } }
private ClientDetailsEntity validateScopes(ClientDetailsEntity newClient) throws ValidationException { // scopes that the client is asking for Set<SystemScope> requestedScopes = scopeService.fromStrings(newClient.getScope()); // the scopes that the client can have must be a subset of the dynamically allowed scopes Set<SystemScope> allowedScopes = scopeService.removeRestrictedAndReservedScopes(requestedScopes); // if the client didn't ask for any, give them the defaults if (allowedScopes == null || allowedScopes.isEmpty()) { allowedScopes = scopeService.getDefaults(); } newClient.setScope(scopeService.toStrings(allowedScopes)); return newClient; }
private ClientDetailsEntity validateScopes(ClientDetailsEntity newClient) throws ValidationException { // scopes that the client is asking for Set<SystemScope> requestedScopes = scopeService.fromStrings(newClient.getScope()); // the scopes that the client can have must be a subset of the dynamically allowed scopes Set<SystemScope> allowedScopes = scopeService.removeRestrictedAndReservedScopes(requestedScopes); // if the client didn't ask for any, give them the defaults if (allowedScopes == null || allowedScopes.isEmpty()) { allowedScopes = scopeService.getDefaults(); } newClient.setScope(scopeService.toStrings(allowedScopes)); return newClient; }
/** * Make sure the client doesn't request any system reserved scopes */ private void ensureNoReservedScopes(ClientDetailsEntity client) { // make sure a client doesn't get any special system scopes Set<SystemScope> requestedScope = scopeService.fromStrings(client.getScope()); requestedScope = scopeService.removeReservedScopes(requestedScope); client.setScope(scopeService.toStrings(requestedScope)); }
Set<String> clientScopes = client.getScope(); request.setScope(clientScopes);
writeNullSafeArray(writer, client.getScope());
Set<String> allowedScopes = client.getScope();
private ClientDetailsEntity validateGrantTypes(ClientDetailsEntity newClient) throws ValidationException { if (newClient.getScope().contains("offline_access")) { // client asked for offline access newClient.setGrantTypes(Sets.newHashSet("authorization_code", "refresh_token")); // allow authorization code and refresh token grant types by default } else { newClient.getScope().remove(SystemScopeService.OFFLINE_ACCESS); newClient.getScope().remove(SystemScopeService.OFFLINE_ACCESS); newClient.getScope().remove(SystemScopeService.OPENID_SCOPE);
/** * Make sure the client has the appropriate scope and grant type. * @param client */ private void ensureRefreshTokenConsistency(ClientDetailsEntity client) { if (client.getAuthorizedGrantTypes().contains("refresh_token") || client.getScope().contains(SystemScopeService.OFFLINE_ACCESS)) { client.getScope().add(SystemScopeService.OFFLINE_ACCESS); client.getAuthorizedGrantTypes().add("refresh_token"); } }
private ClientDetailsEntity validateScopes(ClientDetailsEntity newClient) throws ValidationException { // scopes that the client is asking for Set<SystemScope> requestedScopes = scopeService.fromStrings(newClient.getScope()); // the scopes that the client can have must be a subset of the dynamically allowed scopes Set<SystemScope> allowedScopes = scopeService.removeRestrictedAndReservedScopes(requestedScopes); // if the client didn't ask for any, give them the defaults if (allowedScopes == null || allowedScopes.isEmpty()) { allowedScopes = scopeService.getDefaults(); } newClient.setScope(scopeService.toStrings(allowedScopes)); return newClient; }
private ClientDetailsEntity validateScopes(ClientDetailsEntity newClient) throws ValidationException { // scopes that the client is asking for Set<SystemScope> requestedScopes = scopeService.fromStrings(newClient.getScope()); // the scopes that the client can have must be a subset of the dynamically allowed scopes Set<SystemScope> allowedScopes = scopeService.removeRestrictedAndReservedScopes(requestedScopes); // if the client didn't ask for any, give them the defaults if (allowedScopes == null || allowedScopes.isEmpty()) { allowedScopes = scopeService.getDefaults(); } newClient.setScope(scopeService.toStrings(allowedScopes)); return newClient; }
/** * Make sure the client doesn't request any system reserved scopes */ private void ensureNoReservedScopes(ClientDetailsEntity client) { // make sure a client doesn't get any special system scopes Set<SystemScope> requestedScope = scopeService.fromStrings(client.getScope()); requestedScope = scopeService.removeReservedScopes(requestedScope); client.setScope(scopeService.toStrings(requestedScope)); }
Set<String> clientScopes = client.getScope(); request.setScope(clientScopes);
Set<String> allowedScopes = client.getScope();
writeNullSafeArray(writer, client.getScope());
private ClientDetailsEntity validateGrantTypes(ClientDetailsEntity newClient) throws ValidationException { if (newClient.getScope().contains("offline_access")) { // client asked for offline access newClient.setGrantTypes(Sets.newHashSet("authorization_code", "refresh_token")); // allow authorization code and refresh token grant types by default } else { newClient.getScope().remove(SystemScopeService.OFFLINE_ACCESS); newClient.getScope().remove(SystemScopeService.OFFLINE_ACCESS); newClient.getScope().remove(SystemScopeService.OPENID_SCOPE);