Example 1 with AuthorizationSuccessResponse

Use of com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse in project asgardeo-java-oidc-sdk by asgardeo.

Class OIDCRequestResolverTest, method testIsAuthorizationCodeResponse.

@Test
public void testIsAuthorizationCodeResponse() throws IOException, ParseException, URISyntaxException {
    // try-with-resources deregisters the static mocks even when an assertion fails,
    // so they cannot leak into other tests running on the same thread.
    try (MockedStatic<AuthorizationResponse> mockedAuthorizationResponse = mockStatic(AuthorizationResponse.class);
         MockedStatic<ServletUtils> mockedServletUtils = mockStatic(ServletUtils.class)) {
        HTTPRequest httpRequest = mock(HTTPRequest.class);
        AuthorizationResponse authorizationResponse = mock(AuthorizationResponse.class);
        AuthorizationSuccessResponse authorizationSuccessResponse = mock(AuthorizationSuccessResponse.class);
        AuthorizationCode authzCode = new AuthorizationCode("auth-code");
        // Stub the parse path: servlet request -> HTTPRequest -> successful response carrying a code.
        when(ServletUtils.createHTTPRequest(request)).thenReturn(httpRequest);
        when(AuthorizationResponse.parse(httpRequest)).thenReturn(authorizationResponse);
        when(authorizationResponse.indicatesSuccess()).thenReturn(true);
        when(authorizationResponse.toSuccessResponse()).thenReturn(authorizationSuccessResponse);
        when(authorizationSuccessResponse.getAuthorizationCode()).thenReturn(authzCode);
        OIDCRequestResolver resolver = new OIDCRequestResolver(request, oidcAgentConfig);
        assertTrue(resolver.isAuthorizationCodeResponse());
    }
}
Also used : ServletUtils(com.nimbusds.oauth2.sdk.http.ServletUtils) AuthorizationCode(com.nimbusds.oauth2.sdk.AuthorizationCode) HTTPRequest(com.nimbusds.oauth2.sdk.http.HTTPRequest) AuthorizationSuccessResponse(com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse) AuthorizationResponse(com.nimbusds.oauth2.sdk.AuthorizationResponse) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 2 with AuthorizationSuccessResponse

Use of com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse in project asgardeo-java-oidc-sdk by asgardeo.

Class DefaultOIDCManager, method handleAuthentication.

private boolean handleAuthentication(final HttpServletRequest request, SessionContext authenticationInfo, Nonce nonce) throws SSOAgentServerException {
    AuthorizationResponse authorizationResponse;
    AuthorizationCode authorizationCode;
    AuthorizationSuccessResponse successResponse;
    TokenRequest tokenRequest;
    TokenResponse tokenResponse;
    try {
        // Parse the redirect back from the authorization server.
        authorizationResponse = AuthorizationResponse.parse(ServletUtils.createHTTPRequest(request));
        if (!authorizationResponse.indicatesSuccess()) {
            // Error response: hand it to the error handler and stop; no code is redeemed.
            handleErrorAuthorizationResponse(authorizationResponse);
            return false;
        }
        successResponse = authorizationResponse.toSuccessResponse();
        authorizationCode = successResponse.getAuthorizationCode();
        // Exchange the authorization code at the token endpoint.
        tokenRequest = getTokenRequest(authorizationCode);
        tokenResponse = getTokenResponse(tokenRequest);
        if (!tokenResponse.indicatesSuccess()) {
            handleErrorTokenResponse(tokenRequest, tokenResponse);
            return false;
        }
        // The nonce is passed on together with the token response and the session context.
        handleSuccessTokenResponse(tokenResponse, authenticationInfo, nonce);
        return true;
    } catch (com.nimbusds.oauth2.sdk.ParseException | SSOAgentServerException | IOException e) {
        throw new SSOAgentServerException(e.getMessage(), e);
    }
}
Also used : AuthorizationCode(com.nimbusds.oauth2.sdk.AuthorizationCode) AccessTokenResponse(com.nimbusds.oauth2.sdk.AccessTokenResponse) TokenResponse(com.nimbusds.oauth2.sdk.TokenResponse) TokenRequest(com.nimbusds.oauth2.sdk.TokenRequest) AuthorizationSuccessResponse(com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse) SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException) ParseException(java.text.ParseException) IOException(java.io.IOException) AuthorizationResponse(com.nimbusds.oauth2.sdk.AuthorizationResponse)

Example 3 with AuthorizationSuccessResponse

Use of com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse in project sandbox by backpaper0.

Class OAuth2Filter, method handleAuthorization.

private Optional<AuthorizationSuccessResponse> handleAuthorization(HttpServletRequest req) throws Exception {
    // Convert the servlet's Map<String, String[]> into the Map<String, List<String>> the SDK parses.
    final Map<String, List<String>> params = req.getParameterMap().entrySet().stream()
            .collect(Collectors.toMap(Map.Entry::getKey, a -> List.of(a.getValue())));
    final URI redirectURI = URI.create(req.getRequestURI());
    final AuthorizationResponse response = AuthorizationResponse.parse(redirectURI, params);
    if (!response.indicatesSuccess()) {
        // Error responses are reported to the caller as an empty Optional.
        return Optional.empty();
    }
    // toSuccessResponse() is the SDK's accessor for the success type; it replaces the raw cast.
    return Optional.of(response.toSuccessResponse());
}
Also used : FilterChain(javax.servlet.FilterChain) ServletException(javax.servlet.ServletException) ClientAuthentication(com.nimbusds.oauth2.sdk.auth.ClientAuthentication) HttpRequest(java.net.http.HttpRequest) JSONParser(net.minidev.json.parser.JSONParser) ResponseType(com.nimbusds.oauth2.sdk.ResponseType) Secret(com.nimbusds.oauth2.sdk.auth.Secret) HttpServletRequest(javax.servlet.http.HttpServletRequest) ClientSecretBasic(com.nimbusds.oauth2.sdk.auth.ClientSecretBasic) Map(java.util.Map) TokenResponse(com.nimbusds.oauth2.sdk.TokenResponse) HttpClient(java.net.http.HttpClient) Filter(javax.servlet.Filter) URI(java.net.URI) AccessTokenResponse(com.nimbusds.oauth2.sdk.AccessTokenResponse) HttpResponse(java.net.http.HttpResponse) HttpSession(javax.servlet.http.HttpSession) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) ServletRequest(javax.servlet.ServletRequest) HTTPRequest(com.nimbusds.oauth2.sdk.http.HTTPRequest) AuthorizationGrant(com.nimbusds.oauth2.sdk.AuthorizationGrant) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorizationCodeGrant(com.nimbusds.oauth2.sdk.AuthorizationCodeGrant) Scope(com.nimbusds.oauth2.sdk.Scope) Tokens(com.nimbusds.oauth2.sdk.token.Tokens) State(com.nimbusds.oauth2.sdk.id.State) IOException(java.io.IOException) Collectors(java.util.stream.Collectors) AuthorizationResponse(com.nimbusds.oauth2.sdk.AuthorizationResponse) AuthorizationSuccessResponse(com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse) TokenRequest(com.nimbusds.oauth2.sdk.TokenRequest) AuthorizationRequest(com.nimbusds.oauth2.sdk.AuthorizationRequest) List(java.util.List) AuthorizationCode(com.nimbusds.oauth2.sdk.AuthorizationCode) HTTPResponse(com.nimbusds.oauth2.sdk.http.HTTPResponse) ServletResponse(javax.servlet.ServletResponse) JSONObject(net.minidev.json.JSONObject) FilterConfig(javax.servlet.FilterConfig) Optional(java.util.Optional)

Example 4 with AuthorizationSuccessResponse

Use of com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse in project sandbox by backpaper0.

Class OAuth2Filter, method doCallback.

private void doCallback(HttpServletRequest req, HttpServletResponse resp) throws Exception {
    // Every failed step below ends the callback with 401 and leaves the session unauthenticated.
    final var authorizationResponse = handleAuthorization(req);
    if (authorizationResponse.isEmpty()) {
        resp.sendError(401);
        return;
    }
    final AuthorizationSuccessResponse response = authorizationResponse.get();
    // Resolve the returned state to the URI the user originally requested;
    // this happens before the authorization code is redeemed.
    final var requestedURI = extractRequestedURI(req, response.getState());
    if (requestedURI.isEmpty()) {
        resp.sendError(401);
        return;
    }
    // Exchange the authorization code for tokens.
    final var accessTokenResponse = getAccessToken(response.getAuthorizationCode());
    if (accessTokenResponse.isEmpty()) {
        resp.sendError(401);
        return;
    }
    final var username = getUsername(accessTokenResponse.get().getTokens());
    if (username.isEmpty()) {
        resp.sendError(401);
        return;
    }
    // Mark the session as authenticated; the session ID is not rotated in this method.
    req.getSession().setAttribute("user", username.get());
    resp.sendRedirect(requestedURI.get());
}
Also used : AuthorizationSuccessResponse(com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse)

Example 5 with AuthorizationSuccessResponse

Use of com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse in project Kustvakt by KorAP.

Class OpenIdAuthorizationService, method requestAuthorizationCode.

public URI requestAuthorizationCode(MultivaluedMap<String, String> map, String username, boolean isAuthentication, ZonedDateTime authenticationTime) throws KustvaktException, ParseException {
    // Authorization server side: create the code that will be returned to the client.
    AuthorizationCode code = new AuthorizationCode();
    URI redirectUri;
    if (isAuthentication) {
        // OpenID Connect authentication request.
        AuthenticationRequest authRequest = AuthenticationRequest.parse((Map<String, List<String>>) map);
        redirectUri = handleAuthenticationRequest(authRequest, code, username, authenticationTime);
        // The client's state value is echoed back unchanged in the success response.
        return new AuthenticationSuccessResponse(redirectUri, code, null, null, authRequest.getState(), null, null).toURI();
    } else {
        // Plain OAuth 2.0 authorization request.
        AuthorizationRequest authzRequest = AuthorizationRequest.parse((Map<String, List<String>>) map);
        redirectUri = handleAuthorizationRequest(authzRequest, code, username, authenticationTime, null);
        return new AuthorizationSuccessResponse(redirectUri, code, null, authzRequest.getState(), null).toURI();
    }
}
Also used : AuthorizationCode(com.nimbusds.oauth2.sdk.AuthorizationCode) AuthorizationRequest(com.nimbusds.oauth2.sdk.AuthorizationRequest) List(java.util.List) AuthorizationSuccessResponse(com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse) AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest) URI(java.net.URI) Map(java.util.Map) MultivaluedMap(javax.ws.rs.core.MultivaluedMap) AuthenticationSuccessResponse(com.nimbusds.openid.connect.sdk.AuthenticationSuccessResponse)

Aggregations

AuthorizationSuccessResponse (com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse): 7
AuthorizationCode (com.nimbusds.oauth2.sdk.AuthorizationCode): 5
AuthorizationResponse (com.nimbusds.oauth2.sdk.AuthorizationResponse): 5
AccessTokenResponse (com.nimbusds.oauth2.sdk.AccessTokenResponse): 3
TokenResponse (com.nimbusds.oauth2.sdk.TokenResponse): 3
HTTPRequest (com.nimbusds.oauth2.sdk.http.HTTPRequest): 3
IOException (java.io.IOException): 3
AuthorizationRequest (com.nimbusds.oauth2.sdk.AuthorizationRequest): 2
TokenRequest (com.nimbusds.oauth2.sdk.TokenRequest): 2
ServletUtils (com.nimbusds.oauth2.sdk.http.ServletUtils): 2
State (com.nimbusds.oauth2.sdk.id.State): 2
Tokens (com.nimbusds.oauth2.sdk.token.Tokens): 2
URI (java.net.URI): 2
List (java.util.List): 2
Map (java.util.Map): 2
HttpSession (javax.servlet.http.HttpSession): 2
JWT (com.nimbusds.jwt.JWT): 1
AuthorizationCodeGrant (com.nimbusds.oauth2.sdk.AuthorizationCodeGrant): 1
AuthorizationGrant (com.nimbusds.oauth2.sdk.AuthorizationGrant): 1
ResponseType (com.nimbusds.oauth2.sdk.ResponseType): 1