• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

Java OIDCTokenResponse类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中com.nimbusds.openid.connect.sdk.OIDCTokenResponse的典型用法代码示例。如果您正苦于以下问题:Java OIDCTokenResponse类的具体用法?Java OIDCTokenResponse怎么用?Java OIDCTokenResponse使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



OIDCTokenResponse类属于com.nimbusds.openid.connect.sdk包,在下文中一共展示了OIDCTokenResponse类的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: validate

import com.nimbusds.openid.connect.sdk.OIDCTokenResponse; //导入依赖的package包/类
@Override
public void validate(final OidcCredentials credentials, final WebContext context) throws HttpAction {
    init(context);

    final AuthorizationCode code = credentials.getCode();
    // if we have a code
    if (code != null) {
        try {
            // Token request
            final TokenRequest request = new TokenRequest(configuration.getProviderMetadata().getTokenEndpointURI(), this.clientAuthentication,
                    new AuthorizationCodeGrant(code, new URI(configuration.getCallbackUrl())));
            HTTPRequest tokenHttpRequest = request.toHTTPRequest();
            tokenHttpRequest.setConnectTimeout(configuration.getConnectTimeout());
            tokenHttpRequest.setReadTimeout(configuration.getReadTimeout());

            final HTTPResponse httpResponse = tokenHttpRequest.send();
            logger.debug("Token response: status={}, content={}", httpResponse.getStatusCode(),
                    httpResponse.getContent());

            final TokenResponse response = OIDCTokenResponseParser.parse(httpResponse);
            if (response instanceof TokenErrorResponse) {
                throw new TechnicalException("Bad token response, error=" + ((TokenErrorResponse) response).getErrorObject());
            }
            logger.debug("Token response successful");
            final OIDCTokenResponse tokenSuccessResponse = (OIDCTokenResponse) response;

            // save tokens in credentials
            final OIDCTokens oidcTokens = tokenSuccessResponse.getOIDCTokens();
            credentials.setAccessToken(oidcTokens.getAccessToken());
            credentials.setRefreshToken(oidcTokens.getRefreshToken());
            credentials.setIdToken(oidcTokens.getIDToken());

        } catch (final URISyntaxException | IOException | ParseException e) {
            throw new TechnicalException(e);
        }
    }
}
 
开发者ID:yaochi,项目名称:pac4j-plus,代码行数:38,代码来源:OidcAuthenticator.java


示例2: tokenRequestInt

import com.nimbusds.openid.connect.sdk.OIDCTokenResponse; //导入依赖的package包/类
@Nullable
protected OIDCTokenResponse tokenRequestInt(TokenRequest tokenReq, HttpServletResponse resp)
		throws GeneralSecurityException, JOSEException, ParseException {
	ClientAuthentication auth = tokenReq.getClientAuthentication();
	ClientID clientId = auth != null ? auth.getClientID() : tokenReq.getClientID();
	AuthorizationGrant grant = tokenReq.getAuthorizationGrant();
	CodeHash cHash = null;
	if (grant != null && grant.getType() == GrantType.AUTHORIZATION_CODE) {
		AuthorizationCodeGrant codeGrant = (AuthorizationCodeGrant) grant;
		cHash = CodeHash.compute(codeGrant.getAuthorizationCode(), JWSAlgorithm.RS256);
	}

	AccessToken at = new BearerAccessToken();
	AccessTokenHash atHash = AccessTokenHash.compute(at, JWSAlgorithm.RS256);
	// save access token if honest op
	if (type == OPType.HONEST) {
		stepCtx.put(OPContextConstants.HONEST_ACCESSTOKEN, at);
	}

	Nonce nonce = (Nonce) stepCtx.get(OPContextConstants.AUTH_REQ_NONCE);

	JWT idToken = getIdToken(clientId, nonce, atHash, cHash);

	OIDCTokens tokens = new OIDCTokens(idToken, at, null);
	OIDCTokenResponse tokenRes = new OIDCTokenResponse(tokens);

	return tokenRes;
}
 
开发者ID:RUB-NDS,项目名称:PrOfESSOS,代码行数:29,代码来源:DefaultOP.java


示例3: processOIDCAuthResponse

import com.nimbusds.openid.connect.sdk.OIDCTokenResponse; //导入依赖的package包/类
protected AuthenticationMechanismOutcome processOIDCAuthResponse(HttpServerExchange exchange) {
	try {
		AuthenticationResponse authResp = authenticate(exchange);

		if (authResp instanceof AuthenticationErrorResponse) {
			ErrorObject error = ((AuthenticationErrorResponse) authResp).getErrorObject();
			throw new IllegalStateException(String.format("OIDC Authentication error: code %s description: %s", error.getCode(), error.getDescription()));
		}

		AuthenticationSuccessResponse successResponse = (AuthenticationSuccessResponse) authResp;

		// could store returnURL/state
		// in session but state is encrypted
		State state = successResponse.getState();
		String returnURL = restoreState(state != null ? state.getValue() : null, exchange);

		AuthorizationCode authCode = successResponse.getAuthorizationCode();
		JWT idToken = successResponse.getIDToken();
		AccessToken accessToken = successResponse.getAccessToken();

		if (idToken == null && authCode != null) {
			OIDCTokenResponse tokenResponse = fetchToken(authCode, exchange);
			idToken = tokenResponse.getOIDCTokens().getIDToken();
			accessToken = tokenResponse.getOIDCTokens().getAccessToken();
		}
		validateToken(idToken, exchange, true);
		return complete(idToken.getJWTClaimsSet(), accessToken, returnURL, exchange, true);

	} catch (Exception e) {
		LOG.log(Level.SEVERE, "", e);
		OIDCContext oidcContext = exchange.getAttachment(OIDCContext.ATTACHMENT_KEY);
		oidcContext.setError(true);
		exchange.getSecurityContext().authenticationFailed("OIDC auth response processing failed", mechanismName);
		return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
	}

}
 
开发者ID:aaronanderson,项目名称:swarm-oidc,代码行数:38,代码来源:OIDCAuthenticationMechanism.java


示例4: fetchToken

import com.nimbusds.openid.connect.sdk.OIDCTokenResponse; //导入依赖的package包/类
protected OIDCTokenResponse fetchToken(AuthorizationCode authCode, HttpServerExchange exchange) throws Exception {
	URI redirectURI = new URI(RedirectBuilder.redirect(exchange, redirectPath));
	TokenRequest tokenReq = new TokenRequest(oidcProvider.getTokenURI(), oidcProvider.getClientId(), new AuthorizationCodeGrant(authCode, redirectURI));
	HTTPResponse tokenHTTPResp = tokenReq.toHTTPRequest().send();
	TokenResponse tokenResponse = OIDCTokenResponseParser.parse(tokenHTTPResp);
	if (tokenResponse instanceof TokenErrorResponse) {
		ErrorObject error = ((TokenErrorResponse) tokenResponse).getErrorObject();
		throw new IllegalStateException(String.format("OIDC TokenRequest error: code %s description: %s", error.getCode(), error.getDescription()));
	}
	return (OIDCTokenResponse) tokenResponse;
}
 
开发者ID:aaronanderson,项目名称:swarm-oidc,代码行数:12,代码来源:OIDCAuthenticationMechanism.java


示例5: handle

import com.nimbusds.openid.connect.sdk.OIDCTokenResponse; //导入依赖的package包/类
@Override
public Response handle(HTTPRequest httpRequest, OIDCResourceReference reference) throws Exception
{
    this.logger.debug("OIDC: Entering [token] endpoint");

    // Parse the request
    TokenRequest request = TokenRequest.parse(httpRequest);

    AuthorizationGrant authorizationGrant = request.getAuthorizationGrant();

    ClientID clientID = request.getClientID();

    ClientAuthentication authentication = request.getClientAuthentication();
    if (authentication != null) {
        clientID = authentication.getClientID();
    }

    if (authorizationGrant.getType().requiresClientAuthentication()) {
        // TODO: authenticate the client if needed
    }

    if (authorizationGrant.getType() == GrantType.AUTHORIZATION_CODE) {
        AuthorizationCodeGrant grant = (AuthorizationCodeGrant) authorizationGrant;

        this.logger.debug("OIDC.token: Grant request: code={} redirectionURI={} clientID={}",
            grant.getAuthorizationCode(), grant.getRedirectionURI(), clientID);

        OIDCConsent consent =
            this.store.getConsent(clientID, grant.getRedirectionURI(), grant.getAuthorizationCode());

        if (consent == null) {
            return new TokenErrorResponse(OAuth2Error.INVALID_GRANT);
        }

        // Generate new access token if none exist
        if (consent.getAccessToken() == null) {
            // TODO: set a configurable lifespan ?
            consent.setAccessToken(new BearerAccessToken());

            // Store new access token
            this.store.saveConsent(consent, "Store new OIDC access token");
        }

        // Get rid of the temporary authorization code
        this.store.removeAuthorizationCode(grant.getAuthorizationCode());

        JWT idToken = this.manager.createdIdToken(request.getClientID(), consent.getUserReference(), null,
            consent.getClaims());
        OIDCTokens tokens = new OIDCTokens(idToken, consent.getAccessToken(), null);

        return new OIDCTokenResponse(tokens);
    }

    return new TokenErrorResponse(OAuth2Error.UNSUPPORTED_GRANT_TYPE);
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:56,代码来源:TokenOIDCEndpoint.java


示例6: tokenRequestInt

import com.nimbusds.openid.connect.sdk.OIDCTokenResponse; //导入依赖的package包/类
@Override
protected OIDCTokenResponse tokenRequestInt(TokenRequest tokenReq, HttpServletResponse resp)
		throws GeneralSecurityException, JOSEException, ParseException {
	// extract values from request
	ClientAuthentication auth = tokenReq.getClientAuthentication();
	ClientID clientId = auth != null ? auth.getClientID() : tokenReq.getClientID();
	AuthorizationGrant grant = tokenReq.getAuthorizationGrant();
	AuthorizationCode code = null;
	if (grant != null && grant.getType() == GrantType.AUTHORIZATION_CODE) {
		AuthorizationCodeGrant codeGrant = (AuthorizationCodeGrant) grant;
		code = codeGrant.getAuthorizationCode();
	}

	// get values from honest OP for comparison
	OIDCClientInformation info = (OIDCClientInformation) suiteCtx.get(OPContextConstants.REGISTERED_CLIENT_INFO_HONEST);
	ClientID refClientId = info.getID();
	AuthorizationCode refCode = (AuthorizationCode) stepCtx.get(OPContextConstants.HONEST_CODE);

	// compare values
	Object fo = stepCtx.get(OPContextConstants.TOKEN_INFORMATIONLEAK_FUTURE);
	CompletableFuture<TestStepResult> f = (CompletableFuture<TestStepResult>) fo;
	if (f != null) {
		TestStepResult result = null;
		if (refClientId != null && refClientId.equals(clientId)) {
			logger.log("Detected Honest ClientID in Evil OP.");
			result = TestStepResult.FAIL;
		} else if (clientId != null) {
			logger.log("Detected unknown ClientID in Evil OP.");
			result = TestStepResult.UNDETERMINED;
		}
		if (refCode != null && refCode.equals(code)) {
			logger.log("Detected Honest Code in Evil OP.");
			result = TestStepResult.FAIL;
		} else if (code != null) {
			logger.log("Detected unknown Code in Evil OP.");
			result = Misc.getWorst(TestStepResult.UNDETERMINED, result);
		}

		f.complete(result);
	}

	return super.tokenRequestInt(tokenReq, resp);
}
 
开发者ID:RUB-NDS,项目名称:PrOfESSOS,代码行数:44,代码来源:MaliciousEndpointOP.java


示例7: handle

import com.nimbusds.openid.connect.sdk.OIDCTokenResponse; //导入依赖的package包/类
@Override
public Response handle(HTTPRequest httpRequest, OIDCResourceReference reference) throws Exception
{
    // Parse the request
    AuthorizationResponse authorizationResponse = AuthorizationResponse.parse(httpRequest);

    // Validate state
    State state = authorizationResponse.getState();
    if (!Objects.equal(state, this.configuration.getSessionState())) {
        throw new OIDCException("Invalid state [" + state + "]");
    }
    // TODO: remove the state from the session ?

    // Deal with errors
    if (!authorizationResponse.indicatesSuccess()) {
        // Cast to error response
        AuthorizationErrorResponse errorResponse = (AuthorizationErrorResponse) authorizationResponse;

        // If impossible to authenticate without prompt, just ignore and redirect
        if (OIDCError.INTERACTION_REQUIRED.getCode().equals(errorResponse.getErrorObject().getCode())
            || OIDCError.LOGIN_REQUIRED.getCode().equals(errorResponse.getErrorObject().getCode())) {
            // Redirect to original request
            return new RedirectResponse(new URI(authorizationResponse.getState().getValue()));
        }
    }

    // Cast to success response
    AuthorizationSuccessResponse successResponse = (AuthorizationSuccessResponse) authorizationResponse;

    // Get authorization code
    AuthorizationCode code = successResponse.getAuthorizationCode();

    // Generate callback URL
    URI callback = this.oidc.createEndPointURI(CallbackOIDCEndpoint.HINT);

    // Get access token
    AuthorizationGrant authorizationGrant = new AuthorizationCodeGrant(code, callback);
    // TODO: setup some client authentication, secret, all that
    TokenRequest tokeRequest = new TokenRequest(this.configuration.getTokenOIDCEndpoint(),
        this.configuration.getClientID(), authorizationGrant);
    HTTPRequest tokenHTTP = tokeRequest.toHTTPRequest();
    tokenHTTP.setHeader("User-Agent", this.getClass().getPackage().getImplementationTitle() + '/'
        + this.getClass().getPackage().getImplementationVersion());
    HTTPResponse httpResponse = tokenHTTP.send();

    if (httpResponse.getStatusCode() != HTTPResponse.SC_OK) {
        TokenErrorResponse error = TokenErrorResponse.parse(httpResponse);
        throw new OIDCException("Failed to get access token", error.getErrorObject());
    }

    OIDCTokenResponse tokenResponse = OIDCTokenResponse.parse(httpResponse);

    IDTokenClaimsSet idToken = new IDTokenClaimsSet(tokenResponse.getOIDCTokens().getIDToken().getJWTClaimsSet());
    BearerAccessToken accessToken = tokenResponse.getTokens().getBearerAccessToken();

    HttpSession session = ((ServletSession) this.container.getSession()).getHttpSession();

    // Store the access token in the session
    this.configuration.setIdToken(idToken);
    this.configuration.setAccessToken(accessToken);

    // Update/Create XWiki user
    Principal principal = this.users.updateUserInfo(accessToken);

    // Remember user in the session
    session.setAttribute(SecurityRequestWrapper.PRINCIPAL_SESSION_KEY, principal);

    // TODO: put enough information in the cookie to automatically authenticate when coming back

    // Redirect to original request
    return new RedirectResponse(this.configuration.getSuccessRedirectURI());
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:73,代码来源:CallbackOIDCEndpoint.java



注:本文中的com.nimbusds.openid.connect.sdk.OIDCTokenResponse类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Java JDOMSource类代码示例发布时间:2022-05-23
下一篇:
Java AnchorLocation类代码示例发布时间:2022-05-23
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap