
Example 1 with ClaimsRequest

Use of com.nimbusds.openid.connect.sdk.ClaimsRequest in project OpenConext-oidcng by OpenConext.

Class JWTRequestTest, method fullBlown.

@Test
public void fullBlown() throws Exception {
    OpenIDClient client = getClient();
    setCertificateFields(client, getStrippedCertificate(), null, null);
    String keyID = getCertificateKeyID(client);
    SignedJWT signedJWT = signedJWT(client.getClientId(), keyID, client.getRedirectUrls().get(0));
    ClaimsRequest claimsRequest = new ClaimsRequest();
    claimsRequest.addIDTokenClaim("email");
    List<LangTag> langTags = Collections.singletonList(new LangTag("en"));
    List<ACR> acrValues = Collections.singletonList(new ACR("loa"));
    // The outer request asks for prompt=consent and carries signedJWT as its request object.
    AuthenticationRequest authenticationRequest = new AuthenticationRequest(
            new URI("http://localhost/authorize"), ResponseType.getDefault(), ResponseMode.FRAGMENT,
            new Scope("openid"), new ClientID(client.getClientId()), new URI(client.getRedirectUrls().get(0)),
            new State("state"), new Nonce("nonce"), Display.getDefault(), Prompt.parse("consent"), 1200,
            langTags, langTags, null, "hint", acrValues, claimsRequest, "purpose", signedJWT, null,
            CodeChallenge.compute(CodeChallengeMethod.S256, new CodeVerifier()), CodeChallengeMethod.S256,
            Collections.singletonList(new URI("http://localhost")), true,
            Collections.singletonMap("custom", Collections.singletonList("value")));
    authenticationRequest = JWTRequest.parse(authenticationRequest, client);
    // After parsing, the prompt is "login" rather than the "consent" supplied above.
    assertEquals("login", authenticationRequest.getPrompt().toString());
}
Also used : OpenIDClient(oidc.model.OpenIDClient) SignedJWT(com.nimbusds.jwt.SignedJWT) ClaimsRequest(com.nimbusds.openid.connect.sdk.ClaimsRequest) URI(java.net.URI) ACR(com.nimbusds.openid.connect.sdk.claims.ACR) Nonce(com.nimbusds.openid.connect.sdk.Nonce) LangTag(com.nimbusds.langtag.LangTag) CodeVerifier(com.nimbusds.oauth2.sdk.pkce.CodeVerifier) Scope(com.nimbusds.oauth2.sdk.Scope) State(com.nimbusds.oauth2.sdk.id.State) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest) Test(org.junit.Test)

Example 2 with ClaimsRequest

Use of com.nimbusds.openid.connect.sdk.ClaimsRequest in project OpenConext-oidcng by OpenConext.

Class OidcEndpoint, method getClaims.

default List<String> getClaims(AuthorizationRequest authorizationRequest) {
    List<String> idTokenClaims = new ArrayList<>();
    if (isOpenIDRequest(authorizationRequest)) {
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) authorizationRequest;
        ClaimsRequest claimsRequest = authenticationRequest.getClaims();
        if (claimsRequest != null) {
            // Collect only the names of the claims requested for the ID token.
            idTokenClaims.addAll(claimsRequest.getIDTokenClaims().stream()
                    .map(entry -> entry.getClaimName())
                    .collect(Collectors.toList()));
        }
    }
    return idTokenClaims;
}
Also used : ArrayList(java.util.ArrayList) AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest) ClaimsRequest(com.nimbusds.openid.connect.sdk.ClaimsRequest)

Example 3 with ClaimsRequest

Use of com.nimbusds.openid.connect.sdk.ClaimsRequest in project OpenConext-oidcng by OpenConext.

Class SignedJWTTest, method getJwtClaimsSet.

default JWTClaimsSet getJwtClaimsSet(String clientId, String redirectURI) {
    Instant instant = Clock.systemDefaultZone().instant();
    ClaimsRequest claimsRequest = new ClaimsRequest();
    claimsRequest.addIDTokenClaim("email");
    JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder()
            .audience("audience").expirationTime(Date.from(instant.plus(3600, ChronoUnit.SECONDS)))
            .jwtID(UUID.randomUUID().toString()).issuer(clientId)
            .issueTime(Date.from(instant)).subject(clientId)
            .notBeforeTime(new Date(System.currentTimeMillis()))
            .claim("redirect_uri", redirectURI).claim("scope", "openid groups")
            .claim("nonce", "123456").claim("state", "new").claim("prompt", "login")
            .claim("claims", claimsRequest.toString()).claim("acr_values", "loa1 loa2 loa3");
    JWTClaimsSet claimsSet = builder.build();
    return claimsSet;
}
Also used : JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) Instant(java.time.Instant) ClaimsRequest(com.nimbusds.openid.connect.sdk.ClaimsRequest) Date(java.util.Date)

Example 4 with ClaimsRequest

Use of com.nimbusds.openid.connect.sdk.ClaimsRequest in project OpenConext-oidcng by OpenConext.

Class AbstractIntegrationTest, method doAuthorizeQueryParameters.

protected Response doAuthorizeQueryParameters(String clientId, String responseType, String responseMode, String nonce, String codeChallenge, List<String> claims, String scopes, String state, String codeChallengeMethod, JWT signedJWT, String requestURL) throws IOException {
    Map<String, String> queryParams = new HashMap<>();
    queryParams.put("scope", scopes);
    queryParams.put("response_type", responseType);
    queryParams.put("client_id", clientId);
    if (StringUtils.hasText(clientId)) {
        queryParams.put("redirect_uri", openIDClient(clientId).getRedirectUrls().get(0));
    }
    queryParams.put("state", state);
    if (StringUtils.hasText(responseMode)) {
        queryParams.put("response_mode", responseMode);
    }
    if (StringUtils.hasText(nonce)) {
        queryParams.put("nonce", nonce);
    }
    if (StringUtils.hasText(codeChallenge)) {
        queryParams.put("code_challenge", codeChallenge);
        queryParams.put("code_challenge_method", codeChallengeMethod);
    }
    if (!CollectionUtils.isEmpty(claims)) {
        ClaimsRequest claimsRequest = new ClaimsRequest();
        claims.forEach(claim -> claimsRequest.addIDTokenClaim(claim));
        String claimsRequestString = claimsRequest.toString();
        queryParams.put("claims", claimsRequestString);
    }
    if (signedJWT != null) {
        queryParams.put("request", signedJWT.serialize());
    }
    if (StringUtils.hasText(requestURL)) {
        queryParams.put("request_uri", requestURL);
    }
    Response response = given().redirects().follow(false)
            .when().header("Content-type", "application/json")
            .queryParams(queryParams)
            .get("oidc/authorize");
    return response;
}
Also used : Response(io.restassured.response.Response) HashMap(java.util.HashMap) ClaimsRequest(com.nimbusds.openid.connect.sdk.ClaimsRequest)
