use of com.nimbusds.oauth2.sdk.ResponseType in project ddf by codice.
From the class OidcHandlerConfigurationImpl, the method setProperties:
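/**
 * Applies a new set of handler properties and rebuilds the OIDC client configuration.
 *
 * <p>Each property falls back to the field's current value when its key is absent, so a partial
 * update only overrides the keys it carries. Values are cast to the expected type; a value of the
 * wrong type surfaces as a {@link ClassCastException} from this method.
 *
 * <p>The rebuilt configuration is installed even if the subsequent connection test fails; the
 * failure is only logged.
 *
 * @param properties configuration keys to values; {@code null} or empty leaves the current
 *     configuration untouched
 */
public void setProperties(Map<String, Object> properties) {
  if (properties == null || properties.isEmpty()) {
    LOGGER.warn("Received null or empty properties. Cannot update.");
    return;
  }
  idpType = (String) properties.getOrDefault(IDP_TYPE_KEY, idpType);
  // Fall back to the current clientId. The previous default was idpType, which silently
  // replaced the client id with the IdP type whenever CLIENT_ID_KEY was absent from the update.
  clientId = (String) properties.getOrDefault(CLIENT_ID_KEY, clientId);
  realm = (String) properties.getOrDefault(REALM_KEY, realm);
  // Client secret: kept out of all log statements in this method.
  secret = (String) properties.getOrDefault(SECRET_KEY, secret);
  discoveryUri = (String) properties.getOrDefault(DISCOVERY_URI_KEY, discoveryUri);
  baseUri = (String) properties.getOrDefault(BASE_URI_KEY, baseUri);
  scope = (String) properties.getOrDefault(SCOPE_KEY, scope);
  useNonce = (boolean) properties.getOrDefault(USE_NONCE_KEY, useNonce);
  responseType = (String) properties.getOrDefault(RESPONSE_TYPE_KEY, responseType);
  responseMode = (String) properties.getOrDefault(RESPONSE_MODE_KEY, responseMode);
  logoutUri = (String) properties.getOrDefault(LOGOUT_URI_KEY, logoutUri);
  connectTimeout = (int) properties.getOrDefault(CONNECT_TIMEOUT_KEY, connectTimeout);
  readTimeout = (int) properties.getOrDefault(READ_TIMEOUT_KEY, readTimeout);

  // Implicit flows are pinned to form_post because the fragment response_mode is not supported
  // here; any configured responseMode is overridden for those flows.
  // TODO - Remove if fragment response_mode is supported
  if (IMPLICIT_FLOWS.contains(new ResponseType(responseType))) {
    responseMode = "form_post";
  }

  oidcConfiguration = createOidcConfiguration(idpType, realm, baseUri);
  oidcConfiguration.setClientId(clientId);
  oidcConfiguration.setDiscoveryURI(discoveryUri);
  oidcConfiguration.setSecret(secret);
  oidcConfiguration.setScope(scope);
  oidcConfiguration.setResponseType(responseType);
  oidcConfiguration.setResponseMode(responseMode);
  oidcConfiguration.setUseNonce(useNonce);
  oidcConfiguration.setLogoutUrl(logoutUri);
  // The state parameter is unconditionally enabled; it is deliberately not a configurable
  // property.
  oidcConfiguration.setWithState(true);
  oidcConfiguration.setConnectTimeout(connectTimeout);
  oidcConfiguration.setReadTimeout(readTimeout);

  try {
    testConnection();
  } catch (TechnicalException e) {
    // Best-effort validation only: the new configuration stays in effect regardless.
    LOGGER.warn("Failed to validate OIDC handler configuration. Please review configuration and ensure the auth server is reachable", e);
  }
}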
use of com.nimbusds.oauth2.sdk.ResponseType in project ddf by codice.
From the class OidcTokenValidator, the method validateAccessTokenAtHash:
/**
 * Checks the ID token's {@code at_hash} claim against the supplied access token.
 *
 * <p>When the claim is absent the outcome depends on the configured response type: for an
 * implicit flow (a member of {@code IMPLICIT_FLOWS}) the claim is mandatory and its absence is
 * an error; for any other flow the check is skipped. When the claim is present it is always
 * verified, using the JWS algorithm named in the ID token header.
 *
 * <p>NOTE(review): the hash algorithm is read from the token header, which is attacker-supplied
 * until the ID token signature has been verified. This check is only meaningful after that
 * verification has run — confirm the ordering in the caller.
 *
 * @param accessToken access token to hash and compare against the claim
 * @param idToken ID token carrying the {@code at_hash} claim
 * @param configuration handler configuration supplying the response type
 * @throws OidcValidationException if the claim is required but missing, or the hash does not
 *     match; every failure inside the check is reported with {@code ACCESS_VALIDATION_ERR_MSG}
 *     and the underlying exception attached as the cause
 */
private static void validateAccessTokenAtHash(AccessToken accessToken, JWT idToken, OidcConfiguration configuration) throws OidcValidationException {
  try {
    Object claim = idToken.getJWTClaimsSet().getClaim("at_hash");
    if (claim == null) {
      boolean implicitFlow = IMPLICIT_FLOWS.contains(new ResponseType(configuration.getResponseType()));
      if (!implicitFlow) {
        // Non-implicit flow: at_hash is optional, nothing to verify.
        return;
      }
      String missing = "at_hash value not found in response. If the ID Token is issued from the Authorization Endpoint with an access_token value, which is the case for the response_type value id_token token, this is REQUIRED";
      LOGGER.error(missing);
      throw new OidcValidationException(missing);
    }
    String headerAlg = idToken.getHeader().getAlgorithm().getName();
    AccessTokenHash expected = new AccessTokenHash((String) claim);
    AccessTokenValidator.validate(accessToken, new JWSAlgorithm(headerAlg), expected);
  } catch (Exception e) {
    // Any failure — including the OidcValidationException thrown above — is re-wrapped with the
    // generic message; the original exception is preserved as the cause.
    LOGGER.error(ACCESS_VALIDATION_ERR_MSG, e);
    throw new OidcValidationException(ACCESS_VALIDATION_ERR_MSG, e);
  }
}