use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class CavaticaResource method cavatica.
@PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public Mono<ResponseEntity<String>> cavatica(@RequestBody(required = false) JSONObject requestBody, JwtAuthenticationToken authentication) {
val userId = authentication.getTokenAttributes().get("sub").toString();
val cavaticaKey = getCavaticaKey(userId);
// Path
val path = (String) requestBody.get("path");
if (path == null) {
throw new IllegalArgumentException("No Parameter found for 'path' in body.");
}
// Method
String method = ((String) requestBody.get("method")).toUpperCase();
if (Arrays.stream(HTTP_ALLOWED_METHODS).noneMatch(allowed -> allowed.equals(method))) {
return Mono.just(ResponseEntity.badRequest().build());
}
// Body
val bodyMap = (Map) requestBody.get("body");
val body = bodyMap != null ? new JSONObject(bodyMap) : null;
val bodyString = body == null ? "" : body.toJSONString();
return cavaticaKey.flatMap(key -> cavaticaService.sendCavaticaRequest(key, path, method, bodyString)).map(ResponseEntity::ok).defaultIfEmpty(ResponseEntity.status(HttpStatus.UNAUTHORIZED).build());
}
use of com.nimbusds.jose.shaded.json.JSONObject in project pac4j by pac4j.
the class KeycloakRolesAuthorizationGenerator method generate.
@Override
public Optional<UserProfile> generate(final WebContext context, final SessionStore sessionStore, final UserProfile profile) {
if (profile instanceof KeycloakOidcProfile) {
try {
final JWT jwt = SignedJWT.parse(((KeycloakOidcProfile) profile).getAccessToken().getValue());
final var jwtClaimsSet = jwt.getJWTClaimsSet();
final var realmRolesJsonObject = jwtClaimsSet.getJSONObjectClaim("realm_access");
if (realmRolesJsonObject != null) {
final var realmRolesJsonArray = (JSONArray) realmRolesJsonObject.get("roles");
if (realmRolesJsonArray != null) {
realmRolesJsonArray.forEach(role -> profile.addRole((String) role));
}
}
if (clientId != null) {
final var resourceAccess = jwtClaimsSet.getJSONObjectClaim("resource_access");
if (resourceAccess != null) {
final var clientRolesJsonObject = (JSONObject) resourceAccess.get(clientId);
if (clientRolesJsonObject != null) {
final var clientRolesJsonArray = (JSONArray) clientRolesJsonObject.get("roles");
if (clientRolesJsonArray != null) {
clientRolesJsonArray.forEach(role -> profile.addRole((String) role));
}
}
}
}
} catch (final Exception e) {
LOGGER.warn("Cannot parse Keycloak roles", e);
}
}
return Optional.of(profile);
}
use of com.nimbusds.jose.shaded.json.JSONObject in project PowerNukkitX by BlocklyNukkit.
the class Metrics method getPluginData.
/**
* Gets the plugin specific data.
*
* @return The plugin specific data.
*/
private JSONObject getPluginData() {
JSONObject data = new JSONObject();
// Append the name of the server software
data.put("pluginName", name);
JSONArray customCharts = new JSONArray();
for (CustomChart customChart : charts) {
// Add the data of the custom charts
JSONObject chart = customChart.getRequestJsonObject();
if (chart == null) {
// If the chart is null, we skip it
continue;
}
customCharts.add(chart);
}
data.put("customCharts", customCharts);
return data;
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class FenceResource method requestTokens.
@GetMapping("/{fence}/exchange")
public Mono<ResponseEntity<JSONObject>> requestTokens(@RequestParam("code") String authCode, @PathVariable("fence") String fenceKey, JwtAuthenticationToken authentication) {
val userId = authentication.getTokenAttributes().get("sub").toString();
val fence = fenceService.getFence(fenceKey);
return fenceService.requestTokens(authCode, fence).flatMap(t -> secretService.persistTokens(fence, userId, t, true).filter(s -> s.getService().equals(fence.keyRefreshToken())).next().map(s -> {
val b = new JSONObject();
b.put("expiration", s.getExpiration());
return ResponseEntity.ok(b);
})).defaultIfEmpty(ResponseEntity.notFound().build());
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class FenceResource method getAuthClient.
@GetMapping("/{fence}/info")
public Mono<JSONObject> getAuthClient(@PathVariable("fence") String fenceKey) throws IllegalArgumentException {
val fence = fenceService.getFence(fenceKey);
// No UserID check - no auth required
val body = new JSONObject();
body.put("client_id", fence.getClientId());
body.put("redirect_uri", fence.getRedirectUri());
body.put("proxy_uri", fence.getProxyUri());
body.put("scope", fence.getScope());
val fullAuthorizeUri = UriComponentsBuilder.fromHttpUrl(fence.getAuthorizeUri()).queryParam("scope", // Do not encode twice space character
fence.getScope().replace("%20", " ")).queryParam("client_id", fence.getClientId()).queryParam("redirect_uri", fence.getRedirectUri()).queryParam("response_type", "code").encode().build().toUriString();
body.put("authorize_uri", fullAuthorizeUri);
return Mono.just(body);
}
Aggregations