use of com.nimbusds.oauth2.sdk in project asgardeo-java-oidc-sdk by asgardeo.
the class DefaultOIDCManager method handleAuthentication.
/**
 * Runs the authorization-code leg of the login: parses the authorization response carried by the
 * callback request, exchanges the returned code through {@code getTokenRequest} and
 * {@code getTokenResponse}, and hands a successful token response to
 * {@code handleSuccessTokenResponse}.
 *
 * @param request callback request carrying the authorization response parameters
 * @param authenticationInfo session context forwarded to {@code handleSuccessTokenResponse}
 * @param nonce nonce forwarded to {@code handleSuccessTokenResponse}
 * @return {@code true} when both the authorization and the token response indicate success;
 *     {@code false} when either one is an error response (the matching error handler runs first)
 * @throws SSOAgentServerException when parsing or I/O fails, or when a helper throws it; the
 *     original exception is kept as the cause
 */
private boolean handleAuthentication(final HttpServletRequest request, SessionContext authenticationInfo, Nonce nonce) throws SSOAgentServerException {
    try {
        // Everything in the callback request is caller-controlled input; it is only trusted after
        // the SDK has parsed it and the token endpoint has accepted the code.
        final AuthorizationResponse authzResponse =
                AuthorizationResponse.parse(ServletUtils.createHTTPRequest(request));
        if (!authzResponse.indicatesSuccess()) {
            handleErrorAuthorizationResponse(authzResponse);
            return false;
        }

        // NOTE(review): the response's state parameter is not compared with a stored value in
        // this method - confirm the caller does that before the code reaches the token endpoint.
        final AuthorizationCode code = authzResponse.toSuccessResponse().getAuthorizationCode();
        final TokenRequest codeExchange = getTokenRequest(code);
        final TokenResponse exchangeResult = getTokenResponse(codeExchange);

        if (exchangeResult.indicatesSuccess()) {
            // The nonce travels with the token response; presumably it is checked against the
            // ID token inside the handler - verify there.
            handleSuccessTokenResponse(exchangeResult, authenticationInfo, nonce);
            return true;
        }
        handleErrorTokenResponse(codeExchange, exchangeResult);
        return false;
    } catch (com.nimbusds.oauth2.sdk.ParseException | SSOAgentServerException | IOException e) {
        throw new SSOAgentServerException(e.getMessage(), e);
    }
}
use of com.nimbusds.oauth2.sdk in project asgardeo-java-oidc-sdk by asgardeo.
the class DefaultOIDCManager method getTokenResponse.
/**
 * Sends the token request over HTTP and parses the reply.
 *
 * <p>Connect and read timeouts are taken from {@code oidcAgentConfig}, so how long a slow token
 * endpoint can hold the calling thread depends on that configuration.
 *
 * @param tokenRequest token request to send
 * @return the parsed token response, which may be a success or an error response
 * @throws SSOAgentServerException when the request cannot be sent or the reply cannot be parsed;
 *     the original exception is kept as the cause
 */
private TokenResponse getTokenResponse(TokenRequest tokenRequest) throws SSOAgentServerException {
    try {
        final HTTPRequest outbound = tokenRequest.toHTTPRequest();
        outbound.setConnectTimeout(oidcAgentConfig.getHttpConnectTimeout());
        outbound.setReadTimeout(oidcAgentConfig.getHttpReadTimeout());
        return TokenResponse.parse(outbound.send());
    } catch (com.nimbusds.oauth2.sdk.ParseException | IOException e) {
        throw new SSOAgentServerException(e.getMessage(), e);
    }
}
use of com.nimbusds.oauth2.sdk in project spring-security by spring-projects.
the class NimbusAuthorizationCodeTokenResponseClient method getTokenResponse.
/**
 * Builds an access token request for the given grant, sends it to the token endpoint and parses
 * the reply.
 *
 * @param authorizationCodeGrant grant to present at the token endpoint
 * @param tokenUri token endpoint URI
 * @param clientAuthentication client authentication attached to the request
 * @return the parsed token response
 * @throws OAuth2AuthorizationException when the request cannot be sent or the reply cannot be
 *     parsed; the underlying exception is kept as the cause
 */
private com.nimbusds.oauth2.sdk.TokenResponse getTokenResponse(AuthorizationGrant authorizationCodeGrant, URI tokenUri, ClientAuthentication clientAuthentication) {
    // Same fixed bound for connecting and for reading, so a stalled endpoint cannot hold the
    // caller indefinitely.
    final int timeoutMillis = 30000;
    try {
        final HTTPRequest accessTokenCall =
                new TokenRequest(tokenUri, clientAuthentication, authorizationCodeGrant).toHTTPRequest();
        accessTokenCall.setAccept(MediaType.APPLICATION_JSON_VALUE);
        accessTokenCall.setConnectTimeout(timeoutMillis);
        accessTokenCall.setReadTimeout(timeoutMillis);
        return com.nimbusds.oauth2.sdk.TokenResponse.parse(accessTokenCall.send());
    } catch (ParseException | IOException ex) {
        // NOTE(review): the exception message becomes part of the error description - confirm
        // where that description is displayed before treating it as safe to show to end users.
        final String description = "An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: " + ex.getMessage();
        throw new OAuth2AuthorizationException(
                new OAuth2Error(INVALID_TOKEN_RESPONSE_ERROR_CODE, description, null), ex);
    }
}
use of com.nimbusds.oauth2.sdk in project di-authentication-api by alphagov.
the class TokenService method generateIDToken.
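/**
 * Builds the ID token claims for a client and returns them as a signed JWT.
 *
 * <p>The claims set is created with issuer, subject, audience, expiry and issue time, then
 * receives the access token hash, the caller-supplied extra claims, and finally the {@code vot}
 * and {@code vtm} claims.
 *
 * @param clientId client identifier, used as the single audience value
 * @param publicSubject subject of the token
 * @param additionalTokenClaims extra claims copied into the claims set
 * @param accessTokenHash value for the access token hash claim
 * @param vot value for the {@code vot} claim
 * @return the signed ID token
 * @throws RuntimeException when the claims cannot be converted to a JWT claims set
 */
private SignedJWT generateIDToken(String clientId, Subject publicSubject, Map<String, Object> additionalTokenClaims, AccessTokenHash accessTokenHash, String vot) {
    attachLogFieldToLogs(CLIENT_ID, clientId);
    LOG.info("Generating IdToken");
    URI trustMarkUri = buildURI(configService.getBaseURL().get(), "/trustmark");
    // Read "now" in UTC as well as converting in UTC. Reading the wall clock in the JVM default
    // zone and then labelling it UTC shifts exp by the zone offset, so on a host that is not
    // running in UTC a token would be valid for longer or shorter than configured.
    ZoneId utc = ZoneId.of("UTC");
    LocalDateTime expiryUtc = LocalDateTime.now(utc).plusSeconds(configService.getIDTokenExpiry());
    Date expiryDate = Date.from(expiryUtc.atZone(utc).toInstant());
    IDTokenClaimsSet idTokenClaims = new IDTokenClaimsSet(new Issuer(configService.getBaseURL().get()), publicSubject, List.of(new Audience(clientId)), expiryDate, new Date());
    idTokenClaims.setAccessTokenHash(accessTokenHash);
    // NOTE(review): putAll runs after the registered claims and the access token hash were set,
    // so a map entry that reuses one of those claim names would replace the value set above -
    // confirm callers never pass such keys. vot and vtm are set afterwards and cannot be replaced
    // this way.
    idTokenClaims.putAll(additionalTokenClaims);
    idTokenClaims.setClaim("vot", vot);
    idTokenClaims.setClaim("vtm", trustMarkUri.toString());
    try {
        return generateSignedJWT(idTokenClaims.toJWTClaimsSet());
    } catch (com.nimbusds.oauth2.sdk.ParseException e) {
        LOG.error("Error when trying to parse IDTokenClaims to JWTClaimSet", e);
        throw new RuntimeException(e);
    }
}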
use of com.nimbusds.oauth2.sdk in project kf-key-management by kids-first.
the class FenceService method refreshTokens.
/**
 * Exchanges a refresh token at the fence's token endpoint for a new set of OIDC tokens.
 *
 * <p>The HTTP call is blocking, so it is wrapped in a callable and subscribed on the bounded
 * elastic scheduler.
 *
 * @param refreshToken refresh token to present
 * @param fence fence supplying the client id, client secret and token endpoint
 * @return a {@code Mono} that emits the new tokens, or completes empty when the endpoint's
 *     response does not indicate success
 */
public Mono<OIDCTokens> refreshTokens(String refreshToken, AllFences.Fence fence) {
    Mono<Optional<OIDCTokens>> exchange = Mono.fromCallable(() -> {
        val id = fence.getClientId();
        val secret = fence.getClientSecret();
        val endpoint = fence.getTokenEndpoint();

        // The client secret is sent with client_secret_basic authentication.
        val clientAuth = new ClientSecretBasic(new ClientID(id), new com.nimbusds.oauth2.sdk.auth.Secret(secret));
        val grant = new RefreshTokenGrant(new RefreshToken(refreshToken));
        val refreshCall = new TokenRequest(new URI(endpoint), clientAuth, grant);

        // NOTE(review): no connect or read timeout is set on this request, so a stalled endpoint
        // can hold a scheduler thread - consider bounding both.
        val reply = refreshCall.toHTTPRequest().send();
        if (!reply.indicatesSuccess()) {
            // NOTE(review): an error response is dropped here without being logged, so a rejected
            // or revoked refresh token looks the same as "no tokens" to the caller.
            return Optional.empty();
        }
        val refreshed = OIDCTokenResponse.parse(reply).toSuccessResponse().getOIDCTokens();
        return Optional.of(refreshed);
    });

    // Unwrap the Optional: a present value is emitted, an absent one becomes an empty Mono.
    return exchange
            .subscribeOn(Schedulers.boundedElastic())
            .flatMap(maybeTokens -> maybeTokens.map(Mono::just).orElseGet(Mono::empty));
}