Class OA2CLCCommands
- java.lang.Object
-
- edu.uiuc.ncsa.security.util.cli.CommonCommands
-
- org.oa4mp.server.admin.myproxy.oauth2.tools.OA2CLCCommands
-
- All Implemented Interfaces:
edu.uiuc.ncsa.security.core.Logable
,edu.uiuc.ncsa.security.util.cli.Commands
,Serializable
public class OA2CLCCommands extends edu.uiuc.ncsa.security.util.cli.CommonCommands
A command line client. Invoke help as needed, but the basic operation is to create the initial request url using theuri(InputLine)
call, paste it in your browser, authenticate (since this is an OIDC client, you must pass through a browser at some point). The call back should fail, so you copy the attempted callback from the service using thegrant(InputLine)
call. You can then do whatever you needed (get an access token, get refresh tokens if the server supports it) inspect id tokens and such.Created by Jeff Gaynor
on 5/11/16 at 2:57 PM- See Also:
- Serialized Form
-
-
Field Summary
-
Constructor Summary
Constructors Constructor Description OA2CLCCommands(boolean silentMode, edu.uiuc.ncsa.security.core.util.MyLoggingFacade logger, OA2CommandLineClient oa2CommandLineClient)
OA2CLCCommands(edu.uiuc.ncsa.security.core.util.MyLoggingFacade logger, OA2CommandLineClient oa2CommandLineClient)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
access(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
asset(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
authz(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
bootMessage()
void
bootstrap()
void
ccf(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
net.sf.json.JSONObject
ccf(Map parameters, boolean useRFC7523)
void
claims(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
clear(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
clear(edu.uiuc.ncsa.security.util.cli.InputLine inputLine, boolean clearParams)
void
clear_all_params(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
protected void
copyToClipboard(String target, String s)
protected String
createURI(String base, HashMap<String,String> args)
void
df(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
net.sf.json.JSONObject
df(Map map)
Do the device flow using the supplied map for extra parameters.void
echo_http_request(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
echo_http_response(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
exchange(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
protected void
exchangeHelp()
void
fromJSON(net.sf.json.JSONObject json)
protected void
fromJSON(net.sf.json.JSONObject json, boolean loadStoredConfig)
void
get_cert(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
get_param(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
protected void
getATHelp()
net.sf.json.JSONObject
getCcfResponse()
org.oa4mp.client.loader.OA2ClientEnvironment
getCe()
protected void
getCertHelp()
protected void
getClearHelp()
String
getConfigFile()
ATResponse2
getCurrentATResponse()
URI
getCurrentURI()
edu.uiuc.ncsa.security.core.util.MetaDebugUtil
getDebugger()
String
getDeviceCode()
long
getDfExpiresIn()
long
getDfInterval()
net.sf.json.JSONObject
getDfResponse()
org.oa4mp.client.loader.OA2Asset
getDummyAsset()
HashMap<String,Object>
getExchangeParameters()
net.sf.json.JSONObject
getExchangeResponse()
protected String
getFromClipboard(boolean silentMode)
AuthorizationGrantImpl
getGrant()
edu.uiuc.ncsa.security.util.cli.HelpUtil
getHelpUtil()
IDTokenImpl
getIdToken()
net.sf.json.JSONObject
getIntrospectResponse()
Throwable
getLastException()
String
getPrompt()
protected String
getRandomString()
HashMap<String,Object>
getRefreshParameters()
RefreshTokenImpl
getRefreshToken()
HashMap<String,Object>
getRequestParameters()
protected void
getRTHelp()
org.oa4mp.client.loader.OA2MPService
getService()
HashMap<String,Object>
getTokenParameters()
protected void
getUIHelp()
void
getURIHelp()
String
getUserCode()
X509Certificate[]
getX509Certificates()
String
getX509CertificateString()
Return the certificate(s) as a single PEM-encoded string.void
grant(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
boolean
hadException()
protected boolean
hasClipboard()
Peeks into clipboard to see if it is there and actually works.boolean
hasX509Certificates()
void
introspect(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
boolean
isErsatz()
boolean
isUseClipboard()
void
load(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
protected void
NEWprintToken(TokenImpl tokenImpl, boolean noVerify, boolean printRaw)
protected void
printGrant()
void
printToken(TokenImpl accessToken, boolean noVerify, boolean printRaw)
protected void
printTokens(boolean noVerify, boolean printRaw)
void
read(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
refresh()
void
refresh(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
net.sf.json.JSONObject
resolveFromToken(Token token, boolean noVerify)
Turns a token into a JSONObject if it is a JWT.void
revoke(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
rfc7523(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
net.sf.json.JSONObject
rfc7523(Map parameters)
void
rm_param(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
save_cert(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
If the state supports this, it will save the current cert to a file.protected void
saveCertHelp()
void
set_param(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
setCcfResponse(net.sf.json.JSONObject ccfResponse)
void
setCe(org.oa4mp.client.loader.OA2ClientEnvironment ce)
void
setConfigFile(String configFile)
void
setDebugUtil(edu.uiuc.ncsa.security.core.util.MetaDebugUtil metaDebugUtil)
Use this to explicitly override the debugger in the environment.void
setErsatz(boolean ersatz)
void
setExchangeParameters(HashMap<String,Object> exchangeParameters)
void
setExchangeResponse(net.sf.json.JSONObject exchangeResponse)
protected void
setGrantHelp()
void
setIDToken(IDTokenImpl idToken)
void
setLastException(Throwable lastException)
void
setRefreshParameters(HashMap<String,Object> refreshParameters)
void
setRequestParameters(HashMap<String,Object> requestParameters)
void
setTokenParameters(HashMap<String,Object> tokenParameters)
void
setUseClipboard(boolean useClipboard)
void
show_raw_id_token(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
protected void
showClaimsHelp()
protected void
showIntrospectHelp()
protected void
showRawTokenHelp()
protected void
showRevokeHelp()
net.sf.json.JSONObject
toJSON()
void
tokens(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
void
uri(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
Constructs the URIvoid
user_info(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
UserInfo
user_info2(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
boolean
validateJWT(String rawToken)
void
write(edu.uiuc.ncsa.security.util.cli.InputLine inputLine)
-
Methods inherited from class edu.uiuc.ncsa.security.util.cli.CommonCommands
clear_env, clearEnvHelp, debug, echo, echoHelp, error, get_env, getBufferedReader, getDriver, getInput, getIOInterface, getPlaceHolder, getPropertyHelp, getValue, gracefulExit, indentWidth, info, isBatch, isBatchFile, isBatchMode, isDebugOn, isEmpty, isOk, isPrintOuput, isVerbose, logit, print_env, print_help, printEnvHelp, printGetEnvHelp, printReadEnvHelp, printSaveEnvHelp, printSetEnvHelp, read_env, readFile, readJSON, readline, readline, save_env, say, say, say2, sayi, sayii, sayv, set_env, set_output_on, set_verbose_on, setBatchFile, setBatchMode, setBufferedReader, setDebugOn, setDriver, setHelpUtil, setIOInterface, setOutputOnHelp, setPlaceHolder, setPrintOuput, setVerbose, setVerboseHelp, showHelp, version, versionHelp, warn
-
-
-
-
Field Detail
-
ce
protected org.oa4mp.client.loader.OA2ClientEnvironment ce
-
IS_RFC_8628_KEY
public static final String IS_RFC_8628_KEY
- See Also:
- Constant Field Values
-
service
protected org.oa4mp.client.loader.OA2MPService service
-
NO_VERIFY_GRANT_FLAG
public static String NO_VERIFY_GRANT_FLAG
This is a specific flag for use in proxying only. It turns off the verification that the callback uri is the correct one. The reason is that proxies might have to go through a few forwards etc and there is no way to recover what the original URI was in Tomcat -- it would have to be reconstructed. Therefore, turn off checking this. It is not listed in help and is not normally a user-facing feature.
-
CLEAR_PARAMETERS_FLAG
public static String CLEAR_PARAMETERS_FLAG
-
NO_VERIFY_JWT
public static final String NO_VERIFY_JWT
- See Also:
- Constant Field Values
-
RAW_FLAG
public static final String RAW_FLAG
- See Also:
- Constant Field Values
-
CLAIMS_FLAG
public static final String CLAIMS_FLAG
- See Also:
- Constant Field Values
-
ASSET_KEY
protected String ASSET_KEY
-
AT_RESPONSE_KEY
protected String AT_RESPONSE_KEY
-
AUTHZ_GRANT_KEY
protected String AUTHZ_GRANT_KEY
-
AUTHZ_PARAMETERS_KEY
protected String AUTHZ_PARAMETERS_KEY
-
IS_ERSATZ_KEY
protected String IS_ERSATZ_KEY
Used if the client ID was used with another stored configuration to do a fork.
-
CLAIMS_KEY
public String CLAIMS_KEY
-
CONFIG_NAME_KEY
protected String CONFIG_NAME_KEY
-
CONFIG_FILE_KEY
protected String CONFIG_FILE_KEY
-
CURRENT_URI_KEY
protected String CURRENT_URI_KEY
-
DF_RESPONSE_KEY
protected String DF_RESPONSE_KEY
-
EXCHANGE_PARAMETERS_KEY
protected String EXCHANGE_PARAMETERS_KEY
-
INTROSPECT_RESPONSE_KEY
protected String INTROSPECT_RESPONSE_KEY
-
PRINT_OUTPUT_ON_KEY
protected String PRINT_OUTPUT_ON_KEY
-
REFRESH_PARAMETERS_KEY
protected String REFRESH_PARAMETERS_KEY
-
SYSTEM_MESSAGE_KEY
protected String SYSTEM_MESSAGE_KEY
-
TOKEN_PARAMETERS_KEY
protected String TOKEN_PARAMETERS_KEY
-
USER_MESSAGE_KEY
protected String USER_MESSAGE_KEY
-
VERBOSE_ON_KEY
protected String VERBOSE_ON_KEY
-
PROVISION_ONLY_FLAG
public static String PROVISION_ONLY_FLAG
-
PROVISION_ONLY_SHORT_FLAG
public static String PROVISION_ONLY_SHORT_FLAG
-
REQ_PARAM_SWITCH
public static final String REQ_PARAM_SWITCH
- See Also:
- Constant Field Values
-
SHORT_REQ_PARAM_SWITCH
public static final String SHORT_REQ_PARAM_SWITCH
- See Also:
- Constant Field Values
-
TOKEN_PARAM_SWITCH
public static final String TOKEN_PARAM_SWITCH
- See Also:
- Constant Field Values
-
SHORT_TOKEN_PARAM_SWITCH
public static final String SHORT_TOKEN_PARAM_SWITCH
- See Also:
- Constant Field Values
-
EXCHANGE_PARAM_SWITCH
public static final String EXCHANGE_PARAM_SWITCH
- See Also:
- Constant Field Values
-
SHORT_EXCHANGE_PARAM_SWITCH
public static final String SHORT_EXCHANGE_PARAM_SWITCH
- See Also:
- Constant Field Values
-
REFRESH_PARAM_SWITCH
public static final String REFRESH_PARAM_SWITCH
- See Also:
- Constant Field Values
-
SHORT_REFRESH_PARAM_SWITCH
public static final String SHORT_REFRESH_PARAM_SWITCH
- See Also:
- Constant Field Values
-
USERNAME_FLAG
public String USERNAME_FLAG
-
ALT_USERNAME_FLAG
public String ALT_USERNAME_FLAG
-
CCF_RFC7523
public static final String CCF_RFC7523
- See Also:
- Constant Field Values
-
CCF_SUB
public static final String CCF_SUB
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
OA2CLCCommands
public OA2CLCCommands(boolean silentMode, edu.uiuc.ncsa.security.core.util.MyLoggingFacade logger, OA2CommandLineClient oa2CommandLineClient) throws Throwable
- Throws:
Throwable
-
OA2CLCCommands
public OA2CLCCommands(edu.uiuc.ncsa.security.core.util.MyLoggingFacade logger, OA2CommandLineClient oa2CommandLineClient) throws Throwable
- Throws:
Throwable
-
-
Method Detail
-
getPrompt
public String getPrompt()
-
getCe
public org.oa4mp.client.loader.OA2ClientEnvironment getCe()
-
setCe
public void setCe(org.oa4mp.client.loader.OA2ClientEnvironment ce)
-
bootstrap
public void bootstrap() throws Throwable
- Specified by:
bootstrap
in interfaceedu.uiuc.ncsa.security.util.cli.Commands
- Overrides:
bootstrap
in classedu.uiuc.ncsa.security.util.cli.CommonCommands
- Throws:
Throwable
-
getHelpUtil
public edu.uiuc.ncsa.security.util.cli.HelpUtil getHelpUtil()
- Specified by:
getHelpUtil
in interfaceedu.uiuc.ncsa.security.util.cli.Commands
- Overrides:
getHelpUtil
in classedu.uiuc.ncsa.security.util.cli.CommonCommands
-
getDebugger
public edu.uiuc.ncsa.security.core.util.MetaDebugUtil getDebugger() throws Exception
- Throws:
Exception
-
setDebugUtil
public void setDebugUtil(edu.uiuc.ncsa.security.core.util.MetaDebugUtil metaDebugUtil)
Use this to explicitly override the debugger in the environment. This is needed if, e.g. QDL is running this as a utility and you want o have the same debugger.- Parameters:
metaDebugUtil
-
-
bootMessage
public void bootMessage()
-
getService
public org.oa4mp.client.loader.OA2MPService getService()
-
getConfigFile
public String getConfigFile()
-
setConfigFile
public void setConfigFile(String configFile)
-
getURIHelp
public void getURIHelp()
-
getRandomString
protected String getRandomString()
-
load
public void load(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Throwable
- Throws:
Throwable
-
df
public void df(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
df
public net.sf.json.JSONObject df(Map map) throws Exception
Do the device flow using the supplied map for extra parameters. This returns the raw response (parsed as JSON) from the server. If this is to send headers, set them with theServiceClient.HEADER_KEY
.- Parameters:
map
-- Returns:
- Throws:
Exception
-
getDfInterval
public long getDfInterval()
-
getDfExpiresIn
public long getDfExpiresIn()
-
getDfResponse
public net.sf.json.JSONObject getDfResponse()
-
getUserCode
public String getUserCode()
-
getDeviceCode
public String getDeviceCode()
-
getCurrentURI
public URI getCurrentURI()
-
uri
public void uri(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
Constructs the URI- Parameters:
inputLine
-- Throws:
Exception
-
isUseClipboard
public boolean isUseClipboard()
-
setUseClipboard
public void setUseClipboard(boolean useClipboard)
-
echo_http_request
public void echo_http_request(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
echo_http_response
public void echo_http_response(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getFromClipboard
protected String getFromClipboard(boolean silentMode)
-
hasClipboard
protected boolean hasClipboard()
Peeks into clipboard to see if it is there and actually works. This is far from a perfect test since it only looks for a string in the clipboard, but actually testing every case for a supported flavor would be much more of a task.- Returns:
-
createURI
protected String createURI(String base, HashMap<String,String> args) throws UnsupportedEncodingException
- Throws:
UnsupportedEncodingException
-
getGrant
public AuthorizationGrantImpl getGrant()
-
printGrant
protected void printGrant()
-
grant
public void grant(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getDummyAsset
public org.oa4mp.client.loader.OA2Asset getDummyAsset()
-
clear
public void clear(edu.uiuc.ncsa.security.util.cli.InputLine inputLine, boolean clearParams) throws Exception
- Throws:
Exception
-
clear
public void clear(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getClearHelp
protected void getClearHelp()
-
saveCertHelp
protected void saveCertHelp()
-
save_cert
public void save_cert(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
If the state supports this, it will save the current cert to a file. The complete filename must be supplied, including any path.- Parameters:
inputLine
-- Throws:
Exception
-
getX509CertificateString
public String getX509CertificateString()
Return the certificate(s) as a single PEM-encoded string.- Returns:
-
getX509Certificates
public X509Certificate[] getX509Certificates()
-
hasX509Certificates
public boolean hasX509Certificates()
-
showRawTokenHelp
protected void showRawTokenHelp()
-
show_raw_id_token
public void show_raw_id_token(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getIdToken
public IDTokenImpl getIdToken()
-
setIDToken
public void setIDToken(IDTokenImpl idToken)
-
getRefreshToken
public RefreshTokenImpl getRefreshToken()
-
claims
public void claims(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
showClaimsHelp
protected void showClaimsHelp()
-
showRevokeHelp
protected void showRevokeHelp()
-
revoke
public void revoke(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
showIntrospectHelp
protected void showIntrospectHelp()
-
introspect
public void introspect(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getIntrospectResponse
public net.sf.json.JSONObject getIntrospectResponse()
-
asset
public void asset(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
access
public void access(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getLastException
public Throwable getLastException()
-
setLastException
public void setLastException(Throwable lastException)
-
hadException
public boolean hadException()
-
getCurrentATResponse
public ATResponse2 getCurrentATResponse()
-
getCertHelp
protected void getCertHelp()
-
getUIHelp
protected void getUIHelp()
-
user_info
public void user_info(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
user_info2
public UserInfo user_info2(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
get_cert
public void get_cert(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getRTHelp
protected void getRTHelp()
-
resolveFromToken
public net.sf.json.JSONObject resolveFromToken(Token token, boolean noVerify)
Turns a token into a JSONObject if it is a JWT. Otherwise, it returns a null.- Parameters:
token
-noVerify
-- Returns:
-
validateJWT
public boolean validateJWT(String rawToken)
-
authz
public void authz(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
tokens
public void tokens(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
printToken
public void printToken(TokenImpl accessToken, boolean noVerify, boolean printRaw)
-
NEWprintToken
protected void NEWprintToken(TokenImpl tokenImpl, boolean noVerify, boolean printRaw)
-
printTokens
protected void printTokens(boolean noVerify, boolean printRaw)
-
refresh
public void refresh(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getATHelp
protected void getATHelp()
-
setGrantHelp
protected void setGrantHelp()
-
exchangeHelp
protected void exchangeHelp()
-
exchange
public void exchange(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
getExchangeResponse
public net.sf.json.JSONObject getExchangeResponse()
-
setExchangeResponse
public void setExchangeResponse(net.sf.json.JSONObject exchangeResponse)
-
fromJSON
protected void fromJSON(net.sf.json.JSONObject json, boolean loadStoredConfig) throws Throwable
- Throws:
Throwable
-
isErsatz
public boolean isErsatz()
-
setErsatz
public void setErsatz(boolean ersatz)
-
read
public void read(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Throwable
- Throws:
Throwable
-
toJSON
public net.sf.json.JSONObject toJSON()
-
write
public void write(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
setExchangeParameters
public void setExchangeParameters(HashMap<String,Object> exchangeParameters)
-
set_param
public void set_param(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
get_param
public void get_param(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
clear_all_params
public void clear_all_params(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
rm_param
public void rm_param(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
rfc7523
public void rfc7523(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
ccf
public void ccf(edu.uiuc.ncsa.security.util.cli.InputLine inputLine) throws Exception
- Throws:
Exception
-
ccf
public net.sf.json.JSONObject ccf(Map parameters, boolean useRFC7523) throws Exception
- Throws:
Exception
-
getCcfResponse
public net.sf.json.JSONObject getCcfResponse()
-
setCcfResponse
public void setCcfResponse(net.sf.json.JSONObject ccfResponse)
-
-