
Example 1 with Request

use of com.auth0.net.Request in project sda-dropwizard-commons by SDA-SE.

the class OpaAuthFilter method filter.

/**
 * Builds the Open Policy Agent input for the current request, asks OPA for a decision and
 * replaces the request's security context with one backed by an {@code OpaJwtPrincipal}.
 *
 * <p>Security-relevant behaviour visible in this method:
 *
 * <ul>
 *   <li>The raw JWT is only taken from a {@code JwtPrincipal} that is already present in the
 *       security context; this filter does not validate tokens itself.
 *   <li>When {@code isDisabled} is set or {@code isExcluded(uriInfo)} matches, OPA is not
 *       consulted at all and the principal is created with {@code null} constraints. The
 *       exclusion patterns are therefore part of the authorization boundary.
 *   <li>The JWT, path segments, HTTP method and trace token are placed into the OPA input, so the
 *       bearer token leaves this service with the policy request (NOTE(review): presumably over
 *       the network inside {@code authorizeWithOpa}; confirm that channel is protected).
 * </ul>
 *
 * @param requestContext the JAX-RS request being filtered
 */
@Override
public void filter(ContainerRequestContext requestContext) {
    Span opaSpan =
        tracer
            .buildSpan("authorizeUsingOpa")
            .withTag("opa.allow", false)
            .withTag(COMPONENT, "OpaAuthFilter")
            .start();
    try (Scope ignored = tracer.scopeManager().activate(opaSpan)) {
        // Request facts that become part of the policy input.
        UriInfo uriInfo = requestContext.getUriInfo();
        String httpMethod = requestContext.getMethod();
        String traceToken = requestContext.getHeaderString(RequestTracing.TOKEN_HEADER);

        // A JwtPrincipal is only present when the auth bundle has already validated the token,
        // so its JWT and claims can be reused here without re-validation.
        SecurityContext securityContext = requestContext.getSecurityContext();
        JwtPrincipal jwtPrincipal =
            securityContext == null ? null : getJwtPrincipal(requestContext.getSecurityContext());
        String jwt = jwtPrincipal == null ? null : jwtPrincipal.getJwt();
        Map<String, Claim> claims = jwtPrincipal == null ? null : jwtPrincipal.getClaims();

        JsonNode constraints = null;
        boolean consultOpa = !isDisabled && !isExcluded(uriInfo);
        if (consultOpa) {
            String[] pathSegments =
                uriInfo.getPathSegments().stream().map(PathSegment::getPath).toArray(String[]::new);
            ObjectNode opaInputNode =
                om.convertValue(new OpaInput(jwt, pathSegments, httpMethod, traceToken), ObjectNode.class);
            // Each registered extension contributes one sub-tree under its own namespace.
            inputExtensions.forEach(
                (namespace, extension) ->
                    opaInputNode.set(
                        namespace,
                        om.valueToTree(extension.createAdditionalInputContent(requestContext))));
            constraints = authorizeWithOpa(OpaRequest.request(opaInputNode), opaSpan);
        }

        // Installed in every case, also when OPA was skipped (constraints stay null then).
        OpaJwtPrincipal opaPrincipal = OpaJwtPrincipal.create(jwt, claims, constraints, om);
        replaceSecurityContext(requestContext, securityContext, opaPrincipal);
    } finally {
        opaSpan.finish();
    }
}
Also used : OpaJwtPrincipal(org.sdase.commons.server.opa.OpaJwtPrincipal) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) JwtPrincipal(org.sdase.commons.server.auth.JwtPrincipal) OpaJwtPrincipal(org.sdase.commons.server.opa.OpaJwtPrincipal) JsonNode(com.fasterxml.jackson.databind.JsonNode) Span(io.opentracing.Span) Scope(io.opentracing.Scope) SecurityContext(javax.ws.rs.core.SecurityContext) OpaRequest(org.sdase.commons.server.opa.filter.model.OpaRequest) UriInfo(javax.ws.rs.core.UriInfo) Claim(com.auth0.jwt.interfaces.Claim) OpaInput(org.sdase.commons.server.opa.filter.model.OpaInput)

Example 2 with Request

use of com.auth0.net.Request in project gravitee-api-management by gravitee-io.

the class UserServiceImpl method resetPassword.

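/**
 * Starts the password-reset flow for an internally managed user: builds the reset token
 * parameters, triggers the portal hook, writes a PASSWORD_RESET audit entry and sends the
 * reset e-mail.
 *
 * <p>Callers that are not authenticated, or that lack the reset permission, are throttled to one
 * reset per user per hour, based on the PASSWORD_RESET audit events of the last hour.
 *
 * <p>NOTE(review): {@code resetPageUrl} is passed to {@code getTokenRegistrationParams} without
 * any check in this method, and the resulting params go into the e-mail. Confirm the caller
 * restricts it to trusted portal URLs, otherwise the mail could carry a link to a foreign site.
 *
 * @param id identifier of the user whose password is reset
 * @param resetPageUrl base URL of the reset page used when building the e-mail parameters
 * @throws UserNotFoundException if no user with {@code id} exists
 * @throws UserNotInternallyManagedException if the user is managed by an external identity source
 * @throws PasswordAlreadyResetException if the throttle described above applies
 * @throws TechnicalManagementException if the repository reports a technical failure
 */
private void resetPassword(final String id, final String resetPageUrl) {
    try {
        LOGGER.debug("Resetting password of user id {}", id);
        final User user = userRepository.findById(id).orElseThrow(() -> new UserNotFoundException(id));
        if (!isInternalUser(user)) {
            throw new UserNotInternallyManagedException(id);
        }
        // do not perform this check if the request comes from an authenticated user (ie. admin or someone with right permission)
        if (!isAuthenticated() || !canResetPassword()) {
            AuditQuery query = new AuditQuery();
            query.setEvents(Arrays.asList(User.AuditEvent.PASSWORD_RESET.name()));
            query.setFrom(Instant.now().minus(1, ChronoUnit.HOURS).toEpochMilli());
            query.setPage(1);
            query.setSize(100);
            MetadataPage<AuditEntity> events = auditService.search(query);
            if (events != null) {
                if (events.getContent().size() == 100) {
                    // NOTE(review): only the first page of 100 events is inspected. Once the page
                    // is full, an earlier reset for this user may sit on a later page and the
                    // per-user throttle below would not see it. Consider filtering the audit query
                    // by user instead of scanning a global page.
                    // The message previously had no placeholder, so the user id was silently dropped.
                    LOGGER.warn(
                        "More than 100 reset password received in less than 1 hour (last request for user '{}')",
                        user.getId()
                    );
                }
                Optional<AuditEntity> optReset = events
                    .getContent()
                    .stream()
                    .filter(evt -> user.getId().equals(evt.getProperties().get(USER.name())))
                    .findFirst();
                if (optReset.isPresent()) {
                    LOGGER.warn("Multiple reset password received for user '{}' in less than 1 hour", user.getId());
                    throw new PasswordAlreadyResetException();
                }
            }
        }
        final Map<String, Object> params = getTokenRegistrationParams(convert(user, false), RESET_PASSWORD_PATH, RESET_PASSWORD, resetPageUrl);
        notifierService.trigger(PortalHook.PASSWORD_RESET, params);
        // The audit entry written here is what the throttle above reads on the next request.
        auditService.createOrganizationAuditLog(GraviteeContext.getCurrentOrganization(), Collections.singletonMap(USER, user.getId()), User.AuditEvent.PASSWORD_RESET, new Date(), null, null);
        emailService.sendAsyncEmailNotification(new EmailNotificationBuilder().to(user.getEmail()).template(EmailNotificationBuilder.EmailTemplate.TEMPLATES_FOR_ACTION_USER_PASSWORD_RESET).params(params).build(), GraviteeContext.getCurrentContext());
    } catch (TechnicalException ex) {
        final String message = "An error occurs while trying to reset password for user " + id;
        LOGGER.error(message, ex);
        throw new TechnicalManagementException(message, ex);
    }
}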
Also used : BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) Page(io.gravitee.common.data.domain.Page) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) LoggerFactory(org.slf4j.LoggerFactory) MembershipRepository(io.gravitee.repository.management.api.MembershipRepository) Autowired(org.springframework.beans.factory.annotation.Autowired) SocialIdentityProviderEntity(io.gravitee.rest.api.model.configuration.identity.SocialIdentityProviderEntity) RoleScope(io.gravitee.rest.api.model.permissions.RoleScope) StringUtils(org.apache.commons.lang3.StringUtils) UPDATE(io.gravitee.rest.api.model.permissions.RolePermissionAction.UPDATE) IdentityProviderService(io.gravitee.rest.api.service.configuration.identity.IdentityProviderService) TemplateEngine(io.gravitee.el.TemplateEngine) Algorithm(com.auth0.jwt.algorithms.Algorithm) AuditQuery(io.gravitee.rest.api.model.audit.AuditQuery) PageableBuilder(io.gravitee.repository.management.api.search.builder.PageableBuilder) RoleMappingEntity(io.gravitee.rest.api.model.configuration.identity.RoleMappingEntity) Duration(java.time.Duration) PortalHook(io.gravitee.rest.api.service.notification.PortalHook) GroupMappingEntity(io.gravitee.rest.api.model.configuration.identity.GroupMappingEntity) Collectors.toSet(java.util.stream.Collectors.toSet) ApplicationSettings(io.gravitee.rest.api.model.application.ApplicationSettings) RolePermissionAction(io.gravitee.rest.api.model.permissions.RolePermissionAction) JsonPathFunction(io.gravitee.el.spel.function.json.JsonPathFunction) Instant(java.time.Instant) SimpleApplicationSettings(io.gravitee.rest.api.model.application.SimpleApplicationSettings) Collectors(java.util.stream.Collectors) Key(io.gravitee.rest.api.model.parameters.Key) NotificationParamsBuilder(io.gravitee.rest.api.service.notification.NotificationParamsBuilder) EmailNotificationBuilder(io.gravitee.rest.api.service.builder.EmailNotificationBuilder) 
UrlSanitizerUtils(io.gravitee.rest.api.service.sanitizer.UrlSanitizerUtils) DatatypeConverter(javax.xml.bind.DatatypeConverter) AuditEntity(io.gravitee.rest.api.model.audit.AuditEntity) RolePermission(io.gravitee.rest.api.model.permissions.RolePermission) SearchEngineService(io.gravitee.rest.api.service.search.SearchEngineService) JWT(com.auth0.jwt.JWT) io.gravitee.rest.api.service(io.gravitee.rest.api.service) java.util(java.util) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Pageable(io.gravitee.rest.api.model.common.Pageable) GraviteeContext(io.gravitee.rest.api.service.common.GraviteeContext) DEFAULT_JWT_EMAIL_REGISTRATION_EXPIRE_AFTER(io.gravitee.rest.api.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_EMAIL_REGISTRATION_EXPIRE_AFTER) InitializingBean(org.springframework.beans.factory.InitializingBean) Value(org.springframework.beans.factory.annotation.Value) JWTVerifier(com.auth0.jwt.JWTVerifier) ReadContext(com.jayway.jsonpath.ReadContext) ConfigurableEnvironment(org.springframework.core.env.ConfigurableEnvironment) UserRepository(io.gravitee.repository.management.api.UserRepository) Claims(io.gravitee.rest.api.service.common.JWTHelper.Claims) UserStatus(io.gravitee.repository.management.model.UserStatus) io.gravitee.rest.api.model(io.gravitee.rest.api.model) Membership(io.gravitee.repository.management.model.Membership) Query(io.gravitee.rest.api.service.search.query.Query) UuidString(io.gravitee.rest.api.service.common.UuidString) Logger(org.slf4j.Logger) ParameterReferenceType(io.gravitee.rest.api.model.parameters.ParameterReferenceType) JsonPath(com.jayway.jsonpath.JsonPath) Maps(io.gravitee.common.util.Maps) DEFAULT_JWT_ISSUER(io.gravitee.rest.api.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_ISSUER) MetadataPage(io.gravitee.common.data.domain.MetadataPage) Collectors.toList(java.util.stream.Collectors.toList) Component(org.springframework.stereotype.Component) USER(io.gravitee.repository.management.model.Audit.AuditProperties.USER) 
ChronoUnit(java.time.temporal.ChronoUnit) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) StringUtils.isBlank(org.apache.commons.lang3.StringUtils.isBlank) io.gravitee.rest.api.service.exceptions(io.gravitee.rest.api.service.exceptions) UserCriteria(io.gravitee.repository.management.api.search.UserCriteria) User(io.gravitee.repository.management.model.User) ACTION(io.gravitee.rest.api.service.common.JWTHelper.ACTION) QueryBuilder(io.gravitee.rest.api.service.search.query.QueryBuilder) SearchResult(io.gravitee.rest.api.service.impl.search.SearchResult) User(io.gravitee.repository.management.model.User) AuditQuery(io.gravitee.rest.api.model.audit.AuditQuery) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) UuidString(io.gravitee.rest.api.service.common.UuidString) EmailNotificationBuilder(io.gravitee.rest.api.service.builder.EmailNotificationBuilder) AuditEntity(io.gravitee.rest.api.model.audit.AuditEntity)

Example 3 with Request

use of com.auth0.net.Request in project chemvantage by chuckwight.

the class Token method doGet.

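// This servlet is the OpenID Connect starting point (third-party initiated login) for platforms
// to reach ChemVantage. It identifies the deployment corresponding to the request and redirects
// the browser to the platform's OIDC authorization endpoint. The state parameter carries a signed
// JSON Web Token with the information needed for the subsequent launch or service request.
//
// Every request parameter read here is untrusted: the endpoint is reachable before any
// authentication has happened. Request-derived values are therefore HTML-escaped before they go
// into the diagnostic page and URL-encoded before they go into the redirect URL.
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    StringBuffer debug = new StringBuffer("Issuing auth token:<br>");
    try {
        // store parameters required by third-party initiated login procedure:
        // this should be the platform_id URL (aud)
        String platform_id = request.getParameter("iss");
        debug.append("iss: " + escapeHtmlForDebug(platform_id) + "<br>");
        String login_hint = request.getParameter("login_hint");
        debug.append("login_hint: " + escapeHtmlForDebug(login_hint) + "<br>");
        String target_link_uri = request.getParameter("target_link_uri");
        debug.append("target_link_uri: " + escapeHtmlForDebug(target_link_uri) + "<br>");
        // parameter names are attacker-controlled as well
        debug.append("parameters: " + escapeHtmlForDebug(request.getParameterMap().keySet().toString()) + "<br>");
        if (platform_id == null) {
            throw new Exception("Missing required iss parameter.");
        }
        if (login_hint == null) {
            throw new Exception("Missing required login_hint parameter.");
        }
        if (target_link_uri == null) {
            throw new Exception("Missing required target_link_uri parameter.");
        }
        String deployment_id = request.getParameter("lti_deployment_id");
        debug.append("deployment_id: " + escapeHtmlForDebug(deployment_id) + "<br>");
        String client_id = request.getParameter("client_id");
        debug.append("client_id: " + escapeHtmlForDebug(client_id) + "<br>");
        Deployment d = getDeployment(platform_id, deployment_id, client_id);
        if (d == null) {
            throw new Exception("ChemVantage was unable to identify the deployment from your LMS. " + "Please check the registration to ensure the correct deployment_id and client_id. If your " + "platform registered multiple deployments with ChemVantage, it must provide the client_id " + "and/or deployment_id to uniquely identify one of them with each auth token request.<br/>" + "Contact admin@chemvantage.org for assistance.");
        }
        // NOTE(review): target_link_uri is taken from the request as-is and becomes both the
        // redirect_uri sent to the platform and a claim in the signed state token. Nothing in this
        // method checks it against the tool's own launch URLs; confirm that check exists where
        // the state token is consumed.
        String redirect_uri = target_link_uri;
        Date now = new Date();
        // 5 minutes from now
        Date exp = new Date(now.getTime() + 300000L);
        String nonce = Nonce.generateNonce();
        Algorithm algorithm = Algorithm.HMAC256(Subject.getHMAC256Secret());
        debug.append("JWT algorithm loaded OK.<br>");
        // NOTE(review): the issuer is derived from the request's server name. Confirm the
        // container only serves the expected host names, or use a configured issuer value.
        String iss = "https://" + request.getServerName();
        String token = JWT.create()
            .withIssuer(iss)
            .withSubject(login_hint)
            .withAudience(platform_id)
            .withExpiresAt(exp)
            .withIssuedAt(now)
            .withClaim("nonce", nonce)
            .withClaim("deployment_id", d.getDeploymentId())
            .withClaim("client_id", d.client_id)
            .withClaim("redirect_uri", redirect_uri)
            .sign(algorithm);
        debug.append("JWT constructed and signed OK<br>");
        String lti_message_hint = request.getParameter("lti_message_hint");
        // Request-derived values are URL-encoded so that '&', '#' or '=' inside them cannot add
        // or override parameters of the authorization request. The token and nonce are produced
        // by this servlet and client_id comes from the stored deployment, so they are left as-is.
        String oidc_auth_url = d.oidc_auth_url + "?response_type=id_token" + "&response_mode=form_post" + "&scope=openid" + "&prompt=none"
            + "&login_hint=" + java.net.URLEncoder.encode(login_hint, "UTF-8")
            + "&redirect_uri=" + java.net.URLEncoder.encode(redirect_uri, "UTF-8")
            + (lti_message_hint == null ? "" : "&lti_message_hint=" + java.net.URLEncoder.encode(lti_message_hint, "UTF-8"))
            + "&client_id=" + d.client_id + "&state=" + token + "&nonce=" + nonce;
        // The buffer is only ever printed by the catch block below; note that it now holds the
        // signed state token.
        debug.append("Sending token: " + escapeHtmlForDebug(oidc_auth_url) + "<p>");
        response.sendRedirect(oidc_auth_url);
    } catch (Exception e) {
        // NOTE(review): the exception text is written unescaped because the messages raised in
        // this method contain markup on purpose. Exceptions raised by getDeployment or the JWT
        // library are printed the same way; if any of them can embed request data it needs
        // escaping too. Consider logging the diagnostics server-side instead of returning them.
        response.getWriter().println("<h3>Failed Auth Token</h3>" + e.toString() + " " + e.getMessage() + "<br>" + debug.toString());
    }
}

// Escapes the HTML-significant characters of a request-supplied value so the diagnostic page
// shows it as text. A null value is rendered as "null", as string concatenation would.
private static String escapeHtmlForDebug(String value) {
    if (value == null) {
        return "null";
    }
    StringBuilder out = new StringBuilder(value.length() + 16);
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        switch (c) {
            case '&':
                out.append("&amp;");
                break;
            case '<':
                out.append("&lt;");
                break;
            case '>':
                out.append("&gt;");
                break;
            case '"':
                out.append("&quot;");
                break;
            case '\'':
                out.append("&#39;");
                break;
            default:
                out.append(c);
        }
    }
    return out.toString();
}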
Also used : Algorithm(com.auth0.jwt.algorithms.Algorithm) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) Date(java.util.Date)

Example 4 with Request

use of com.auth0.net.Request in project chemvantage by chuckwight.

the class LTIDeepLinks method validateDeepLinkRequest.

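// Validates an LTI Deep Linking request and returns the id_token claims as a JsonObject.
//
// Steps, in order: validateIdToken(request) yields the Deployment; the id_token payload is
// decoded and stored on the deployment; the LTI message claims are checked; the caller must hold
// the instructor role. Each failure is reported as an Exception with a short message, and the
// underlying exception is attached as the cause so it is available for server-side logging.
JsonObject validateDeepLinkRequest(HttpServletRequest request) throws Exception {
    // returns the validated Deployment
    // NOTE(review): JWT.decode below only parses the token and does not verify its signature,
    // so this method relies entirely on validateIdToken having verified it. Confirm.
    Deployment d = validateIdToken(request);
    // Decode the JWT id_token payload as a JsonObject:
    JsonObject claims = null;
    try {
        DecodedJWT id_token = JWT.decode(request.getParameter("id_token"));
        // Decode explicitly as UTF-8 rather than with the platform default charset.
        byte[] payload = Base64.getUrlDecoder().decode(id_token.getPayload());
        String json = new String(payload, java.nio.charset.StandardCharsets.UTF_8);
        claims = JsonParser.parseString(json).getAsJsonObject();
        // NOTE(review): the claims are persisted before the message-claim and role checks
        // below run, so claims from a request that is rejected later are stored as well.
        d.claims = claims.toString();
        ofy().save().entity(d);
    } catch (Exception e) {
        // A datastore failure in the save above is reported with this message too.
        throw new Exception("The id_token was not a valid JWT.", e);
    }
    try {
        verifyLtiMessageClaims(claims);
    } catch (Exception e) {
        throw new Exception("LTI message claims were invalid. " + e.getMessage(), e);
    }
    try {
        verifyIsInstructor(claims);
    } catch (Exception e) {
        throw new Exception("Unauthorized: " + e.getMessage(), e);
    }
    return claims;
}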
Also used : JsonObject(com.google.gson.JsonObject) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Example 5 with Request

use of com.auth0.net.Request in project chemvantage by chuckwight.

the class LTILaunch method basicLtiLaunchRequest.

// Handles an LTI 1.0 / 1.1.2 basic launch request (OAuth 1.0a signed form POST).
//
// Order of operations as written:
//   1. check that the required launch parameters are present;
//   2. load the BLTIConsumer for oauth_consumer_key, reject suspended or expired accounts and,
//      at most once per 24 hours, refresh lastLogin / launchParameters / domain / expires;
//   3. check the nonce and timestamp, then validate the OAuth signature with the stored secret;
//   4. run the LTI 1.1.2 anonymous-launch / relaunch handshake when its parameters are present;
//   5. build the User, find or create the Assignment and redirect or show the resource picker.
//
// Any exception ends in doError with "LTI Launch failed. " plus the exception message.
//
// NOTE(review): step 2 writes request-derived data to the datastore before the OAuth signature
// is validated in step 3. Only the consumer key has to match a registered consumer for
// tc.launchParameters, tc.domain and tc.expires to be updated. Consider moving that update after
// oav.validateMessage succeeds.
void basicLtiLaunchRequest(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // check for required LTI launch parameters:
    try {
        String lti_message_type = request.getParameter("lti_message_type");
        if (lti_message_type == null || !"basic-lti-launch-request".contentEquals(lti_message_type)) {
            doError(request, response, "Invalid lti_message_type parameter.", null, null);
            return;
        }
        String lti_version = request.getParameter("lti_version");
        if (lti_version == null) {
            doError(request, response, "Missing lti_version parameter.", null, null);
            return;
        } else if (!lti_version.equals("LTI-1p0")) {
            doError(request, response, "Invalid lti_version parameter.", null, null);
            return;
        }
        String oauth_consumer_key = request.getParameter("oauth_consumer_key");
        if (oauth_consumer_key == null) {
            doError(request, response, "Missing oauth_consumer_key.", null, null);
            return;
        }
        String resource_link_id = request.getParameter("resource_link_id");
        if (resource_link_id == null) {
            doError(request, response, "Missing resource_link_id.", null, null);
            return;
        }
        Date now = new Date();
        BLTIConsumer tc;
        try {
            // safe() throws when no consumer is stored under this key; the catch below reports
            // that as an invalid oauth_consumer_key.
            tc = ofy().load().type(BLTIConsumer.class).id(oauth_consumer_key).safe();
            // NOTE(review): the account-status pages below are returned before the OAuth
            // signature has been checked.
            if ("suspended".equals(tc.status)) {
                response.getWriter().println(Subject.header("ChemVantage Account Management") + suspendedAccount(tc) + Subject.footer);
                return;
            } else if (tc.expires != null && tc.expires.before(now)) {
                response.getWriter().println(Subject.header("ChemVantage Account Management") + expiredAccount(tc, request.getServerName()) + Subject.footer);
                return;
            }
            if (tc.secret == null)
                throw new Exception("Shared secret was not found in the ChemVantage database.");
            // 24 hrs ago
            Date yesterday = new Date(now.getTime() - 86400000L);
            if (tc.lastLogin == null || tc.lastLogin.before(yesterday)) {
                tc.lastLogin = now;
                // The complete launch parameter map is stored on the consumer entity.
                // NOTE(review): this happens before signature validation, and the map holds
                // everything the request carried, including user and OAuth fields.
                tc.launchParameters = request.getParameterMap();
                try {
                    // this section synchronizes expiration dates from a single domain
                    String domain = new URL(tc.launchParameters.get("lis_outcome_service_url")[0]).getHost();
                    // domain may be null for instructors
                    if (domain != null)
                        tc.domain = domain;
                    if (tc.domain != null) {
                        // tc.domain may be null if grades are never returned to the LMS
                        List<BLTIConsumer> companions = ofy().load().type(BLTIConsumer.class).filter("domain", tc.domain).list();
                        companions.remove(tc);
                        for (BLTIConsumer tcc : companions) {
                            // assign the shortest expiration time found for this domain
                            if (tcc.expires != null && (tc.expires == null || tcc.expires.before(tc.expires)))
                                tc.expires = tcc.expires;
                        }
                    }
                } catch (Exception e) {
                    // Best effort: a missing or malformed lis_outcome_service_url ends up here
                    // and the domain/expiry synchronization is skipped without logging.
                }
                // update the lastLogin value and possibly the domain and expires fields
                ofy().save().entity(tc);
            }
        } catch (Exception e) {
            // Every failure in the block above is reported with this one message, including the
            // missing-secret case; the original exception is dropped.
            String use = request.getServerName().contains("dev-vantage") ? "dev" : "prod";
            throw new Exception("Invalid oauth_consumer_key. " + "Please verify that the oauth_consumer_key is entered into your LMS exactly as you are registered with ChemVantage. " + "If your account has been inactive for more than " + ("dev".equals(use) ? "30 days" : "six months") + ", it may have been " + "deleted in accordance with our <a href=https://www.chemvantage.org/About#privacy target=_blank>privacy policy</a>.<br/>" + "Please use the <a href=https://www.chemvantage.org/lti/registration target=_blank>ChemVantage Registration Page</a> " + "to reregister your LMS.");
        }
        // OAuth 1.0a validation of the launch message against the consumer's shared secret.
        OAuthMessage oam = OAuthServlet.getMessage(request, null);
        OAuthValidator oav = new SimpleOAuthValidator();
        OAuthConsumer cons = new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", oauth_consumer_key, tc.secret, null);
        OAuthAccessor acc = new OAuthAccessor(cons);
        // The return value of getBaseString is not used here.
        OAuthSignatureMethod.getBaseString(oam);
        // NOTE(review): the nonce/timestamp check runs before the signature is validated, so
        // Nonce.isUnique also sees values from unsigned requests. If it records what it sees
        // (presumably; implementation not shown), consider validating the signature first.
        if (!Nonce.isUnique(request.getParameter("oauth_nonce"), request.getParameter("oauth_timestamp")))
            throw new Exception("Invalid nonce or timestamp.");
        try {
            oav.validateMessage(oam, acc);
        } catch (Exception e) {
            throw new Exception("OAuth validation failed, most likely due to an invalid shared_secret value in your LMS. Check carefully to eliminate leading or trailing blank spaces.");
        }
        // BLTI Launch message was validated successfully at this point
        // debug.append("Basic LTI launch message validated...");
        // Detect whether this is an anonymous LTI launch request per LTIv1p1p2. This is a security patch that
        // prevents a cross-site request forgery threat applicable to versions of LTI released prior to v1.3.
        // The launch procedure is for the TC to issue an anonymous BLTI launch request with no user information.
        // The TP wraps the TC-defined platform_state into a signed JSON Web Token (JWT) and redirects the browser
        // to the TC-specified relaunch_url with the original platform_state and the new tool_state parameters, where
        // tool_state is the signed JWT. The TC then relaunches to the TP with the user information and the
        // two state parameters, which must be verified by the TP to proceed with the launch. This security patch makes
        // ChemVantage compliant with LTIv1p1p2. If the parameters are not included, the TP may proceed with a
        // normal v1p0 BLTI launch; however this is subject to the following deprecation schedule:
        // LTIv1p0    last certification 12/31/2019 and last market availability 12/31/2020
        // LTIv1p1p2  last certification 06/30/2021 and last market availability 06/30/2022
        //
        // The tool_state token is signed with HMAC-SHA256; it is integrity-protected, not
        // encrypted, so its claims are readable by whoever holds the token.
        String relaunch_url = request.getParameter("relaunch_url");
        String platform_state = request.getParameter("platform_state");
        String tool_state = request.getParameter("tool_state");
        Algorithm algorithm = Algorithm.HMAC256(Subject.getHMAC256Secret());
        if (tool_state != null && platform_state != null) {
            // This is a LTIv1.1.2 relaunch response. Validate the tool_state value
            try {
                // The verifier is built to require the HMAC signature, the fixed issuer and a
                // platform_state claim equal to the platform_state parameter of this request.
                JWT.require(algorithm).withIssuer("https://www.chemvantage.org").withClaim("platform_state", platform_state).build().verify(tool_state);
                if (tc.lti_version == null || !tc.lti_version.equals("LTI-1p1p2")) {
                    tc.lti_version = "LTI-1p1p2";
                    // should have to do this only once
                    ofy().save().entity(tc);
                }
            } catch (Exception e) {
                throw new Exception("Tool state could not be validated.");
            }
        } else if (relaunch_url != null && platform_state != null) {
            // Anonymous LTIv1p1p2 launch request. Execute relaunch sequence:
            try {
                // 10 minutes from now
                Date expires = new Date(new Date().getTime() + 600000);
                tool_state = JWT.create().withIssuer("https://www.chemvantage.org").withClaim("platform_state", platform_state).withExpiresAt(expires).sign(algorithm);
                // relaunch_url and platform_state arrive in the launch message validated above.
                // NOTE(review): platform_state is appended without URL-encoding, and
                // relaunch_url is not checked against the consumer's registered domain.
                response.sendRedirect(relaunch_url + "?platform_state=" + platform_state + "&tool_state=" + tool_state);
                // This assignment has no effect in this method: it returns right after the try
                // block and lti_version is not read again.
                lti_version = "LTI-1p1p2_proposed";
            } catch (Exception e) {
                throw new Exception("Tool state JWT could not be created.");
            }
            // wait for relaunch from platform
            return;
        }
        // End of LTIv1p1p2 section. Continue with normal LTI launch sequence
        // Gather some information about the user
        String userId = request.getParameter("user_id");
        // The user id is namespaced with the consumer key; a missing user_id yields "<key>:".
        userId = oauth_consumer_key + ":" + (userId == null ? "" : userId);
        // Process user information, provision a new user account if necessary, and store the userId in the user's session
        User user = new User(userId);
        // check if user has Instructor or Administrator role
        String roles = request.getParameter("roles");
        if (roles != null) {
            // NOTE(review): roles are matched as case-insensitive substrings of the whole
            // parameter, so any role value that merely contains "instructor" or "administrator"
            // sets the flag. Matching the individual comma-separated role identifiers would be
            // stricter.
            roles = roles.toLowerCase();
            user.setIsInstructor(roles.contains("instructor"));
            user.setIsAdministrator(roles.contains("administrator"));
            user.setIsTeachingAssistant(roles.contains("teachingassistant"));
        }
        // user information OK;
        // debug.append("userId=" + userId + " and role=" + (user.isInstructor()?"Instructor":"Learner") + "...");
        // Gather information that may be needed to return a score to the LMS:
        String lis_result_sourcedid = request.getParameter("lis_result_sourcedid");
        // debug.append("lis_result_sourcedid=" + lis_result_sourcedid + "...");
        String lisOutcomeServiceUrl = request.getParameter("lis_outcome_service_url");
        // debug.append("lis_outcome_service_url=" + lisOutcomeServiceUrl + "...");
        // Use the resourceLinkId to find the assignment or create a new one:
        Assignment myAssignment = null;
        boolean saveAssignment = false;
        try {
            // load the requested Assignment entity if it exists
            myAssignment = ofy().load().type(Assignment.class).filter("domain", oauth_consumer_key).filter("resourceLinkId", resource_link_id).first().safe();
            // The stored outcome-service URL is replaced when the launch carries a different one.
            // NOTE(review): presumably grades are later posted to this URL; confirm it is
            // restricted to the consumer's own host.
            if (lisOutcomeServiceUrl != null && !lisOutcomeServiceUrl.equals(myAssignment.lis_outcome_service_url)) {
                myAssignment.lis_outcome_service_url = lisOutcomeServiceUrl;
                saveAssignment = true;
            }
            if (saveAssignment)
                ofy().save().entity(myAssignment);
        } catch (Exception e) {
            // or create a new one with the available information (but no assignmentType or topicIds)
            // Any exception from the lookup or save above takes this path, not only "not found".
            myAssignment = new Assignment(oauth_consumer_key, resource_link_id, lisOutcomeServiceUrl, true);
            // we'll need the new id value immediately
            ofy().save().entity(myAssignment).now();
        }
        user.setAssignment(myAssignment.id, lis_result_sourcedid);
        if (myAssignment.isValid()) {
            // used for hashing userIds by Task queue
            Queue queue = QueueFactory.getDefaultQueue();
            queue.add(withUrl("/HashUserIds").param("sig", user.getTokenSignature()));
            // NOTE(review): the user's token signature travels in the query string of the
            // redirect, where it can end up in browser history, logs and Referer headers.
            response.sendRedirect("/" + myAssignment.assignmentType + "?sig=" + user.getTokenSignature());
        } else
            response.getWriter().println(Subject.header("Select A ChemVantage Assignment") + pickResourceForm(user, myAssignment, -1) + Subject.footer);
        return;
    } catch (Exception e) {
        // Some messages raised above contain HTML markup, so doError is expected to render the
        // text as HTML (TODO confirm against doError).
        doError(request, response, "LTI Launch failed. " + e.getMessage(), null, e);
    }
}
Also used : SimpleOAuthValidator(net.oauth.SimpleOAuthValidator) OAuthMessage(net.oauth.OAuthMessage) OAuthConsumer(net.oauth.OAuthConsumer) Algorithm(com.auth0.jwt.algorithms.Algorithm) Date(java.util.Date) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) URL(java.net.URL) OAuthAccessor(net.oauth.OAuthAccessor) SimpleOAuthValidator(net.oauth.SimpleOAuthValidator) OAuthValidator(net.oauth.OAuthValidator) Queue(com.google.appengine.api.taskqueue.Queue)
