use of com.nimbusds.oauth2.sdk.AuthorizationRequest in project OpenConext-oidcng by OpenConext.
the class AuthorizationEndpointUnitTest method doValidateRedirectionUri.
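/**
 * Checks that {@code AuthorizationEndpoint.validateRedirectionURI} yields the redirect URI sent
 * in the request, or the client's redirect URI when the request carries none.
 *
 * @param clientRedirectUri redirect URI handed to the {@code openIDClient} test fixture
 * @param requestRedirectUri value for the {@code redirect_uri} request parameter; may be
 *     {@code null}, in which case the client's URI is the expected result
 */
@SuppressWarnings("unchecked")
private void doValidateRedirectionUri(String clientRedirectUri, String requestRedirectUri) throws IOException, ParseException {
    // NOTE(review): authorizationRequest(...) puts its own client_id into the map it receives,
    // so the "http://oidc-rp" value set here is presumably replaced before parsing (confirm
    // that FluentMap.p stores into the same map).
    AuthorizationRequest authorizationRequest = authorizationRequest(new FluentMap<String, String>()
            .p("client_id", "http://oidc-rp")
            .p("response_type", "code")
            .p("redirect_uri", requestRedirectUri));
    OpenIDClient client = openIDClient(clientRedirectUri, "open_id", "authorization_code");

    ProvidedRedirectURI redirectUri = AuthorizationEndpoint.validateRedirectionURI(authorizationRequest.getRedirectionURI(), client);

    // Expected value goes first so that a failure message labels the two values correctly.
    assertEquals(requestRedirectUri != null ? requestRedirectUri : clientRedirectUri, redirectUri.getRedirectURI());
}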
use of com.nimbusds.oauth2.sdk.AuthorizationRequest in project OpenConext-oidcng by OpenConext.
the class AuthorizationEndpointUnitTest method authorizationRequest.
/**
 * Turns the given parameters into the query string of a mock GET request to
 * {@code http://localhost} and parses that request as an {@code AuthorizationRequest}.
 *
 * @param parameters request parameters; entries with a {@code null} value are left out. The map
 *     is modified: its {@code client_id} entry is set to {@code https://mock-rp}.
 * @return the parsed authorization request
 */
private AuthorizationRequest authorizationRequest(Map<String, String> parameters) throws IOException, ParseException {
    // Always replaces whatever client_id the caller supplied.
    parameters.put("client_id", "https://mock-rp");

    // NOTE(review): keys and values are joined as-is, without URL-encoding. A redirect_uri that
    // itself contains '&', '=' or '#' would not reach the parser intact, so such cases are not
    // covered by tests that go through this helper.
    StringBuilder query = new StringBuilder();
    for (Map.Entry<String, String> entry : parameters.entrySet()) {
        if (entry.getValue() == null) {
            continue;
        }
        if (query.length() > 0) {
            query.append('&');
        }
        query.append(entry.getKey()).append('=').append(entry.getValue());
    }

    MockHttpServletRequest servletRequest = new MockHttpServletRequest(HttpMethod.GET.name(), "http://localhost");
    servletRequest.setQueryString(query.toString());
    return AuthorizationRequest.parse(ServletUtils.createHTTPRequest(servletRequest));
}
use of com.nimbusds.oauth2.sdk.AuthorizationRequest in project OpenConext-oidcng by OpenConext.
the class AuthnRequestConverter method validateAuthorizationRequest.
/**
 * Runs the scope check and the grant-type check of {@code AuthorizationEndpoint} for the given
 * request and client. Checked exceptions from those checks propagate unchanged because of
 * {@code @SneakyThrows}.
 *
 * @param authorizationRequest the parsed authorization request
 * @param openIDClient the client the request was resolved to
 */
@SneakyThrows
private void validateAuthorizationRequest(AuthorizationRequest authorizationRequest, OpenIDClient openIDClient) {
    // Record the action and the client id in the MDC context before validating
    // (presumably so log lines written during validation can be tied to the client).
    String clientIdValue = authorizationRequest.getClientID().getValue();
    MDCContext.mdcContext("action", "Authorization", "clientId", clientIdValue);

    // Scopes first, then the grant type; either call may throw and abort the conversion.
    AuthorizationEndpoint.validateScopes(openIDClientRepository, authorizationRequest.getScope(), openIDClient);
    AuthorizationEndpoint.validateGrantType(authorizationRequest, openIDClient);
}
use of com.nimbusds.oauth2.sdk.AuthorizationRequest in project OpenConext-oidcng by OpenConext.
the class AuthnRequestConverter method convert.
/**
 * Builds the SAML {@code AuthnRequest} for the authorization request whose parameters are held
 * in the saved request of {@code requestCache}.
 *
 * <p>Order of the checks: the saved request must exist, the {@code client_id} must resolve to a
 * known client, the {@code redirect_uri} must pass {@code validateRedirectionURI} for that
 * client, and only then are the parameters parsed and the scopes and grant type validated.
 * Checked exceptions (for example from {@code new URI(...)} or from parsing) propagate
 * unchanged because of {@code @SneakyThrows}.
 *
 * @param ctx the request context; cast unconditionally to
 *     {@code CustomSaml2AuthenticationRequestContext}
 * @return the populated {@code AuthnRequest}
 * @throws CookiesNotSupportedException when {@code requestCache} returns no saved request
 * @throws UnknownClientException when no client is found for the {@code client_id}
 */
@SneakyThrows
@Override
public AuthnRequest convert(Saml2AuthenticationRequestContext ctx) {
    CustomSaml2AuthenticationRequestContext context = (CustomSaml2AuthenticationRequestContext) ctx;
    HttpServletRequest request = context.getRequest();
    // getSession(false): look up an existing session only, never create one here.
    HttpSession session = request.getSession(false);
    // Diagnostics only: nothing in this if/else changes the control flow below.
    if (session == null) {
        LOG.warn("There is no session in the HttpServletRequest. CookiesNotSupportedException will be thrown");
    } else {
        Enumeration<String> attributeNames = session.getAttributeNames();
        List<String> list = Collections.list(attributeNames);
        if (!list.contains("SPRING_SECURITY_SAVED_REQUEST")) {
            // NOTE(review): this writes the session id to the log. Anyone who can read the log
            // can read a live session identifier; consider logging a truncated or hashed id, or
            // restrict access to these logs accordingly.
            LOG.info("There is a session in the HttpServletRequest with ID " + session.getId() + " which does not contain a saved request. Attribute names are: " + list.toString());
        }
    }
    SavedRequest savedRequest = requestCache.getRequest(request, null);
    if (savedRequest == null) {
        throw new CookiesNotSupportedException();
    }
    // Copy the saved parameters into a name -> list-of-values map.
    Map<String, String[]> parameterMap = savedRequest.getParameterMap();
    Map<String, List<String>> parameters = parameterMap.keySet().stream().collect(Collectors.toMap(key -> key, key -> Arrays.asList(parameterMap.get(key))));
    // NOTE(review): for redirect_uri and client_id only the first value is used here; repeated
    // parameters are not rejected. Confirm that AuthorizationRequest.parse(parameters) below
    // selects the same value, so the URI validated here is the one used afterwards.
    List<String> redirectUris = parameters.get("redirect_uri");
    URI redirectURI = CollectionUtils.isEmpty(redirectUris) ? null : new URI(redirectUris.get(0));
    List<String> clientIds = parameters.get("client_id");
    String clientId = CollectionUtils.isEmpty(clientIds) ? null : clientIds.get(0);
    // A missing client_id is looked up as null and ends in UnknownClientException as well.
    OpenIDClient openIDClient = openIDClientRepository.findOptionalByClientId(clientId).orElseThrow(() -> new UnknownClientException(clientId));
    // The redirect URI is checked against the resolved client before anything else is validated.
    AuthorizationEndpoint.validateRedirectionURI(redirectURI, openIDClient);
    // Set only after validateRedirectionURI returned without throwing. Presumably read by the
    // error handling to decide whether an error may be sent to the redirect URI; verify there.
    // Keep this line directly after the validation and before any later step that can throw.
    request.setAttribute(REDIRECT_URI_VALID, true);
    AuthorizationRequest authorizationRequest = AuthorizationRequest.parse(parameters);
    validateAuthorizationRequest(authorizationRequest, openIDClient);
    RelyingPartyRegistration relyingParty = context.getRelyingPartyRegistration();
    AuthnRequestBuilder authnRequestBuilder = (AuthnRequestBuilder) registry.getBuilderFactory().getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME);
    AuthnRequest authnRequest = authnRequestBuilder.buildObject();
    // ID = literal "ARQ" + a random UUID string without its first character. The letter prefix
    // presumably keeps the ID from starting with a digit, which an XML ID may not do; confirm.
    authnRequest.setID("ARQ" + UUID.randomUUID().toString().substring(1));
    authnRequest.setIssueInstant(Instant.now());
    authnRequest.setProtocolBinding(POST.getUrn());
    IssuerBuilder issuerBuilder = (IssuerBuilder) registry.getBuilderFactory().getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    Issuer issuer = issuerBuilder.buildObject();
    // Issuer, destination and ACS URL come from the relying-party registration and the context,
    // not from the request parameters.
    issuer.setValue(relyingParty.getEntityId());
    authnRequest.setIssuer(issuer);
    authnRequest.setDestination(context.getDestination());
    authnRequest.setAssertionConsumerServiceURL(context.getAssertionConsumerServiceUrl());
    saveAuthenticationRequestUrl(savedRequest, authnRequest, authorizationRequest.getClientID());
    // Runs last, with the raw parameter map; what it copies into the AuthnRequest is not
    // visible in this method.
    enhanceAuthenticationRequest(authnRequest, parameters);
    return authnRequest;
}
use of com.nimbusds.oauth2.sdk.AuthorizationRequest in project di-authentication-api by alphagov.
the class TokenHandlerTest method generateAuthRequest.
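/**
 * Builds an authorization request for {@code DOC_APP_CLIENT_ID} with response type {@code code}
 * that carries the given signed JWT as its request object.
 *
 * @param signedJWT the JWT to attach as the request object
 * @return the built authorization request
 */
private static AuthorizationRequest generateAuthRequest(SignedJWT signedJWT) {
    // Only response_type, client_id and the request object are set on the outer request; no
    // scope parameter is added here. The Scope local that used to be built was never passed to
    // the builder, so dropping it does not change the request.
    return new AuthorizationRequest.Builder(ResponseType.CODE, DOC_APP_CLIENT_ID)
            .requestObject(signedJWT)
            .build();
}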