Example 1 with SSOAgentServerException

Use of io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException in project product-mi-tooling by wso2.

The class JWTSecurityHandler, method isAuthenticated.

@Override
public boolean isAuthenticated(SSOConfig config, String token) {
    JWT idTokenJWT = null;
    try {
        idTokenJWT = JWTParser.parse(token);
        // Resolve the JWKS endpoint from the well-known discovery document if it was not configured explicitly.
        if (config.getOidcAgentConfig().getJwksEndpoint() == null) {
            config.getOidcAgentConfig().setJwksEndpoint(getJWKSEndpointFromWellKnownEndpoint(config.getWellKnownEndpoint()));
        }
        // Signature and standard claim checks are delegated to the SDK validator; no nonce is expected for this token.
        IDTokenValidator validator = new IDTokenValidator(config.getOidcAgentConfig(), idTokenJWT);
        validator.validate(null);
        return true;
    } catch (DashboardServerException | ParseException | SSOAgentServerException e) {
        // Any parse or validation failure is treated as "not authenticated".
        if (logger.isDebugEnabled()) {
            logger.error("Error validating the access token", e);
        }
    }
    return false;
}
Also used : JWT(com.nimbusds.jwt.JWT) SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException) ParseException(java.text.ParseException) DashboardServerException(org.wso2.ei.dashboard.core.exception.DashboardServerException) IDTokenValidator(io.asgardeo.java.oidc.sdk.validators.IDTokenValidator)

Example 2 with SSOAgentServerException

Use of io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException in project asgardeo-java-oidc-sdk by asgardeo.

The class IDTokenValidator, method validate.

public IDTokenClaimsSet validate(Nonce expectedNonce) throws SSOAgentServerException {
    // Reject the token before any signature processing if its header algorithm is not the expected one.
    JWSAlgorithm jwsAlgorithm = validateJWSAlgorithm(idToken);
    com.nimbusds.openid.connect.sdk.validators.IDTokenValidator validator = getIDTokenValidator(jwsAlgorithm);
    IDTokenClaimsSet claims;
    try {
        // Nimbus verifies the signature and standard ID token claims (including the nonce, when one is expected).
        claims = validator.validate(idToken, expectedNonce);
        validateAudience(claims);
    } catch (JOSEException | BadJOSEException e) {
        throw new SSOAgentServerException(e.getMessage(), e.getCause());
    }
    return claims;
}
Also used : BadJOSEException(com.nimbusds.jose.proc.BadJOSEException) SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException) IDTokenClaimsSet(com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) JOSEException(com.nimbusds.jose.JOSEException) BadJOSEException(com.nimbusds.jose.proc.BadJOSEException)

Example 3 with SSOAgentServerException

Use of io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException in project asgardeo-java-oidc-sdk by asgardeo.

The class IDTokenValidator, method validateJWSAlgorithm.

private JWSAlgorithm validateJWSAlgorithm(JWT idToken) throws SSOAgentServerException {
    // Pin the signature algorithm: the token's "alg" header must match the configured algorithm,
    // or RS256 when none is configured, so a token cannot select its own verification algorithm.
    JWSAlgorithm jwsAlgorithm = (JWSAlgorithm) idToken.getHeader().getAlgorithm();
    JWSAlgorithm expectedJWSAlgorithm = oidcAgentConfig.getSignatureAlgorithm();
    if (expectedJWSAlgorithm == null) {
        if (JWSAlgorithm.RS256.equals(jwsAlgorithm)) {
            return jwsAlgorithm;
        } else {
            throw new SSOAgentServerException(String.format("Signed JWT rejected. Provided signature algorithm: " + "%s is not the default of RS256.", jwsAlgorithm.getName()));
        }
    } else if (!expectedJWSAlgorithm.equals(jwsAlgorithm)) {
        throw new SSOAgentServerException(String.format("Signed JWT rejected: Another algorithm expected. " + "Provided signature algorithm: %s.", jwsAlgorithm.getName()));
    }
    return jwsAlgorithm;
}
Also used : SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm)

Example 4 with SSOAgentServerException

Use of io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException in project asgardeo-java-oidc-sdk by asgardeo.

The class DefaultOIDCManager, method handleOIDCCallback.

/**
 * {@inheritDoc}
 */
@Override
public SessionContext handleOIDCCallback(HttpServletRequest request, HttpServletResponse response, RequestContext requestContext) throws SSOAgentException {
    OIDCRequestResolver requestResolver = new OIDCRequestResolver(request, oidcAgentConfig);
    SessionContext sessionContext = new SessionContext();
    Nonce nonce = requestContext.getNonce();
    try {
        if (requestResolver.isAuthorizationCodeResponse()) {
            // Auth code is received.
            logger.log(Level.TRACE, "Handling the OIDC Authorization response.");
            boolean isAuthenticated = handleAuthentication(request, sessionContext, nonce);
            if (isAuthenticated) {
                logger.log(Level.TRACE, "Authentication successful. Redirecting to the target page.");
                return sessionContext;
            }
        } else if (requestResolver.isError()) {
            // Error occurred.
            if (StringUtils.isNotEmpty(request.getParameter(SSOAgentConstants.ERROR_DESCRIPTION))) {
                logger.log(Level.ERROR, "Authentication unsuccessful. Error description: " + request.getParameter(SSOAgentConstants.ERROR_DESCRIPTION));
                throw new SSOAgentServerException(request.getParameter(SSOAgentConstants.ERROR_DESCRIPTION), SSOAgentConstants.ErrorMessages.AUTHENTICATION_FAILED.getCode());
            }
        } else {
            // Successful logout.
            sessionContext.getAdditionalParams().put(SSOAgentConstants.IS_LOGOUT, true);
            return sessionContext;
        }
        logger.log(Level.ERROR, "Authentication unsuccessful. Clearing the active session and redirecting.");
        throw new SSOAgentServerException(SSOAgentConstants.ErrorMessages.AUTHENTICATION_FAILED.getMessage(), SSOAgentConstants.ErrorMessages.AUTHENTICATION_FAILED.getCode());
    } catch (SSOAgentServerException e) {
        throw new SSOAgentException(e.getMessage(), e.getErrorCode());
    }
}
Also used : Nonce(com.nimbusds.openid.connect.sdk.Nonce) SSOAgentException(io.asgardeo.java.oidc.sdk.exception.SSOAgentException) OIDCRequestResolver(io.asgardeo.java.oidc.sdk.request.OIDCRequestResolver) SessionContext(io.asgardeo.java.oidc.sdk.bean.SessionContext) SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException)

Example 5 with SSOAgentServerException

Use of io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException in project asgardeo-java-oidc-sdk by asgardeo.

The class DefaultOIDCManager, method handleAuthentication.

private boolean handleAuthentication(final HttpServletRequest request, SessionContext authenticationInfo, Nonce nonce) throws SSOAgentServerException {
    AuthorizationResponse authorizationResponse;
    AuthorizationCode authorizationCode;
    AuthorizationSuccessResponse successResponse;
    TokenRequest tokenRequest;
    TokenResponse tokenResponse;
    try {
        // Parse the authorization response from the callback request.
        authorizationResponse = AuthorizationResponse.parse(ServletUtils.createHTTPRequest(request));
        if (!authorizationResponse.indicatesSuccess()) {
            handleErrorAuthorizationResponse(authorizationResponse);
            return false;
        }
        // Exchange the authorization code for tokens at the token endpoint.
        successResponse = authorizationResponse.toSuccessResponse();
        authorizationCode = successResponse.getAuthorizationCode();
        tokenRequest = getTokenRequest(authorizationCode);
        tokenResponse = getTokenResponse(tokenRequest);
        if (!tokenResponse.indicatesSuccess()) {
            handleErrorTokenResponse(tokenRequest, tokenResponse);
            return false;
        }
        // Validate the returned ID token (including the nonce from the original request) and populate the session.
        handleSuccessTokenResponse(tokenResponse, authenticationInfo, nonce);
        return true;
    } catch (com.nimbusds.oauth2.sdk.ParseException | SSOAgentServerException | IOException e) {
        throw new SSOAgentServerException(e.getMessage(), e);
    }
}
Also used : AuthorizationCode(com.nimbusds.oauth2.sdk.AuthorizationCode) AccessTokenResponse(com.nimbusds.oauth2.sdk.AccessTokenResponse) TokenResponse(com.nimbusds.oauth2.sdk.TokenResponse) TokenRequest(com.nimbusds.oauth2.sdk.TokenRequest) AuthorizationSuccessResponse(com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse) SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException) ParseException(java.text.ParseException) IOException(java.io.IOException) AuthorizationResponse(com.nimbusds.oauth2.sdk.AuthorizationResponse)

Aggregations

SSOAgentServerException (io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException)12 ParseException (java.text.ParseException)6 JWT (com.nimbusds.jwt.JWT)3 AccessTokenResponse (com.nimbusds.oauth2.sdk.AccessTokenResponse)3 JOSEException (com.nimbusds.jose.JOSEException)2 JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm)2 BadJOSEException (com.nimbusds.jose.proc.BadJOSEException)2 TokenResponse (com.nimbusds.oauth2.sdk.TokenResponse)2 IDTokenClaimsSet (com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet)2 RequestContext (io.asgardeo.java.oidc.sdk.bean.RequestContext)2 SessionContext (io.asgardeo.java.oidc.sdk.bean.SessionContext)2 IDTokenValidator (io.asgardeo.java.oidc.sdk.validators.IDTokenValidator)2 IOException (java.io.IOException)2 URI (java.net.URI)2 JSONObject (net.minidev.json.JSONObject)2 DefaultResourceRetriever (com.nimbusds.jose.util.DefaultResourceRetriever)1 ResourceRetriever (com.nimbusds.jose.util.ResourceRetriever)1 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)1 SignedJWT (com.nimbusds.jwt.SignedJWT)1 AuthorizationCode (com.nimbusds.oauth2.sdk.AuthorizationCode)1