Search in sources :

Example 1 with TokenIntrospectionResponse

use of com.nimbusds.oauth2.sdk.TokenIntrospectionResponse in project spring-security by spring-projects.

the class NimbusReactiveOpaqueTokenIntrospector method castToNimbusSuccess.

private TokenIntrospectionSuccessResponse castToNimbusSuccess(TokenIntrospectionResponse introspectionResponse) {
    if (!introspectionResponse.indicatesSuccess()) {
        ErrorObject errorObject = introspectionResponse.toErrorResponse().getErrorObject();
        String message = "Token introspection failed with response " + errorObject.toJSONObject().toJSONString();
        this.logger.trace(message);
        throw new OAuth2IntrospectionException(message);
    }
    return (TokenIntrospectionSuccessResponse) introspectionResponse;
}
Also used : ErrorObject(com.nimbusds.oauth2.sdk.ErrorObject) TokenIntrospectionSuccessResponse(com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse)

Example 2 with TokenIntrospectionResponse

use of com.nimbusds.oauth2.sdk.TokenIntrospectionResponse in project spring-security by spring-projects.

the class NimbusOpaqueTokenIntrospector method introspect.

@Override
public OAuth2AuthenticatedPrincipal introspect(String token) {
    RequestEntity<?> requestEntity = this.requestEntityConverter.convert(token);
    if (requestEntity == null) {
        throw new OAuth2IntrospectionException("requestEntityConverter returned a null entity");
    }
    ResponseEntity<String> responseEntity = makeRequest(requestEntity);
    HTTPResponse httpResponse = adaptToNimbusResponse(responseEntity);
    TokenIntrospectionResponse introspectionResponse = parseNimbusResponse(httpResponse);
    TokenIntrospectionSuccessResponse introspectionSuccessResponse = castToNimbusSuccess(introspectionResponse);
    // 'exp', for example)
    if (!introspectionSuccessResponse.isActive()) {
        this.logger.trace("Did not validate token since it is inactive");
        throw new BadOpaqueTokenException("Provided token isn't active");
    }
    return convertClaimsSet(introspectionSuccessResponse);
}
Also used : HTTPResponse(com.nimbusds.oauth2.sdk.http.HTTPResponse) TokenIntrospectionSuccessResponse(com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse) TokenIntrospectionResponse(com.nimbusds.oauth2.sdk.TokenIntrospectionResponse)

Example 3 with TokenIntrospectionResponse

use of com.nimbusds.oauth2.sdk.TokenIntrospectionResponse in project spring-security by spring-projects.

the class NimbusOpaqueTokenIntrospector method castToNimbusSuccess.

private TokenIntrospectionSuccessResponse castToNimbusSuccess(TokenIntrospectionResponse introspectionResponse) {
    if (!introspectionResponse.indicatesSuccess()) {
        ErrorObject errorObject = introspectionResponse.toErrorResponse().getErrorObject();
        String message = "Token introspection failed with response " + errorObject.toJSONObject().toJSONString();
        this.logger.trace(message);
        throw new OAuth2IntrospectionException(message);
    }
    return (TokenIntrospectionSuccessResponse) introspectionResponse;
}
Also used : ErrorObject(com.nimbusds.oauth2.sdk.ErrorObject) TokenIntrospectionSuccessResponse(com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse)

Aggregations

TokenIntrospectionSuccessResponse (com.nimbusds.oauth2.sdk.TokenIntrospectionSuccessResponse)3 ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject)2 TokenIntrospectionResponse (com.nimbusds.oauth2.sdk.TokenIntrospectionResponse)1 HTTPResponse (com.nimbusds.oauth2.sdk.http.HTTPResponse)1