Search in sources :

Example 26 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.

the class CavaticaResource method cavatica.

@PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public Mono<ResponseEntity<String>> cavatica(@RequestBody(required = false) JSONObject requestBody, JwtAuthenticationToken authentication) {
    val userId = authentication.getTokenAttributes().get("sub").toString();
    val cavaticaKey = getCavaticaKey(userId);
    // Path
    val path = (String) requestBody.get("path");
    if (path == null) {
        throw new IllegalArgumentException("No Parameter found for 'path' in body.");
    }
    // Method
    String method = ((String) requestBody.get("method")).toUpperCase();
    if (Arrays.stream(HTTP_ALLOWED_METHODS).noneMatch(allowed -> allowed.equals(method))) {
        return Mono.just(ResponseEntity.badRequest().build());
    }
    // Body
    val bodyMap = (Map) requestBody.get("body");
    val body = bodyMap != null ? new JSONObject(bodyMap) : null;
    val bodyString = body == null ? "" : body.toJSONString();
    return cavaticaKey.flatMap(key -> cavaticaService.sendCavaticaRequest(key, path, method, bodyString)).map(ResponseEntity::ok).defaultIfEmpty(ResponseEntity.status(HttpStatus.UNAUTHORIZED).build());
}
Also used : lombok.val(lombok.val) JSONObject(com.nimbusds.jose.shaded.json.JSONObject) Map(java.util.Map) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 27 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project pac4j by pac4j.

the class KeycloakRolesAuthorizationGenerator method generate.

@Override
public Optional<UserProfile> generate(final WebContext context, final SessionStore sessionStore, final UserProfile profile) {
    if (profile instanceof KeycloakOidcProfile) {
        try {
            final JWT jwt = SignedJWT.parse(((KeycloakOidcProfile) profile).getAccessToken().getValue());
            final var jwtClaimsSet = jwt.getJWTClaimsSet();
            final var realmRolesJsonObject = jwtClaimsSet.getJSONObjectClaim("realm_access");
            if (realmRolesJsonObject != null) {
                final var realmRolesJsonArray = (JSONArray) realmRolesJsonObject.get("roles");
                if (realmRolesJsonArray != null) {
                    realmRolesJsonArray.forEach(role -> profile.addRole((String) role));
                }
            }
            if (clientId != null) {
                final var resourceAccess = jwtClaimsSet.getJSONObjectClaim("resource_access");
                if (resourceAccess != null) {
                    final var clientRolesJsonObject = (JSONObject) resourceAccess.get(clientId);
                    if (clientRolesJsonObject != null) {
                        final var clientRolesJsonArray = (JSONArray) clientRolesJsonObject.get("roles");
                        if (clientRolesJsonArray != null) {
                            clientRolesJsonArray.forEach(role -> profile.addRole((String) role));
                        }
                    }
                }
            }
        } catch (final Exception e) {
            LOGGER.warn("Cannot parse Keycloak roles", e);
        }
    }
    return Optional.of(profile);
}
Also used : JSONObject(com.nimbusds.jose.shaded.json.JSONObject) JWT(com.nimbusds.jwt.JWT) SignedJWT(com.nimbusds.jwt.SignedJWT) JSONArray(com.nimbusds.jose.shaded.json.JSONArray) KeycloakOidcProfile(org.pac4j.oidc.profile.keycloak.KeycloakOidcProfile)

Example 28 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project PowerNukkitX by BlocklyNukkit.

the class Metrics method getPluginData.

/**
 * Gets the plugin specific data.
 *
 * @return The plugin specific data.
 */
private JSONObject getPluginData() {
    JSONObject data = new JSONObject();
    // Append the name of the server software
    data.put("pluginName", name);
    JSONArray customCharts = new JSONArray();
    for (CustomChart customChart : charts) {
        // Add the data of the custom charts
        JSONObject chart = customChart.getRequestJsonObject();
        if (chart == null) {
            // If the chart is null, we skip it
            continue;
        }
        customCharts.add(chart);
    }
    data.put("customCharts", customCharts);
    return data;
}
Also used : JSONObject(com.nimbusds.jose.shaded.json.JSONObject) JSONArray(com.nimbusds.jose.shaded.json.JSONArray)

Example 29 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.

the class FenceResource method requestTokens.

@GetMapping("/{fence}/exchange")
public Mono<ResponseEntity<JSONObject>> requestTokens(@RequestParam("code") String authCode, @PathVariable("fence") String fenceKey, JwtAuthenticationToken authentication) {
    val userId = authentication.getTokenAttributes().get("sub").toString();
    val fence = fenceService.getFence(fenceKey);
    return fenceService.requestTokens(authCode, fence).flatMap(t -> secretService.persistTokens(fence, userId, t, true).filter(s -> s.getService().equals(fence.keyRefreshToken())).next().map(s -> {
        val b = new JSONObject();
        b.put("expiration", s.getExpiration());
        return ResponseEntity.ok(b);
    })).defaultIfEmpty(ResponseEntity.notFound().build());
}
Also used : lombok.val(lombok.val) JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) JSONObject(com.nimbusds.jose.shaded.json.JSONObject) URIBuilder(org.apache.http.client.utils.URIBuilder) URISyntaxException(java.net.URISyntaxException) SecretService(io.kidsfirst.core.service.SecretService) lombok.val(lombok.val) Mono(reactor.core.publisher.Mono) Secret(io.kidsfirst.core.model.Secret) FenceService(io.kidsfirst.core.service.FenceService) Flux(reactor.core.publisher.Flux) Slf4j(lombok.extern.slf4j.Slf4j) org.springframework.web.bind.annotation(org.springframework.web.bind.annotation) Optional(java.util.Optional) ResponseEntity(org.springframework.http.ResponseEntity) JSONObject(com.nimbusds.jose.shaded.json.JSONObject)

Example 30 with JSONObject

use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.

the class FenceResource method getAuthClient.

@GetMapping("/{fence}/info")
public Mono<JSONObject> getAuthClient(@PathVariable("fence") String fenceKey) throws IllegalArgumentException {
    val fence = fenceService.getFence(fenceKey);
    // No UserID check - no auth required
    val body = new JSONObject();
    body.put("client_id", fence.getClientId());
    body.put("redirect_uri", fence.getRedirectUri());
    body.put("proxy_uri", fence.getProxyUri());
    body.put("scope", fence.getScope());
    val fullAuthorizeUri = UriComponentsBuilder.fromHttpUrl(fence.getAuthorizeUri()).queryParam("scope", // Do not encode twice space character
    fence.getScope().replace("%20", " ")).queryParam("client_id", fence.getClientId()).queryParam("redirect_uri", fence.getRedirectUri()).queryParam("response_type", "code").encode().build().toUriString();
    body.put("authorize_uri", fullAuthorizeUri);
    return Mono.just(body);
}
Also used : lombok.val(lombok.val) JSONObject(com.nimbusds.jose.shaded.json.JSONObject)

Aggregations

JSONObject (com.nimbusds.jose.shaded.json.JSONObject)52 lombok.val (lombok.val)22 Test (org.junit.jupiter.api.Test)21 Secret (io.kidsfirst.core.model.Secret)10 JSONArray (com.nimbusds.jose.shaded.json.JSONArray)9 Map (java.util.Map)5 Slf4j (lombok.extern.slf4j.Slf4j)5 JWSObject (com.nimbusds.jose.JWSObject)4 FenceService (io.kidsfirst.core.service.FenceService)4 SecretService (io.kidsfirst.core.service.SecretService)4 ResponseEntity (org.springframework.http.ResponseEntity)4 JwtAuthenticationToken (org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken)4 org.springframework.web.bind.annotation (org.springframework.web.bind.annotation)4 IOException (java.io.IOException)3 ECPublicKey (java.security.interfaces.ECPublicKey)3 Flux (reactor.core.publisher.Flux)3 Mono (reactor.core.publisher.Mono)3 JsonNode (com.fasterxml.jackson.databind.JsonNode)2 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)2 URI (java.net.URI)2