
Example 1 with IDTokenValidator

use of io.asgardeo.java.oidc.sdk.validators.IDTokenValidator in project product-mi-tooling by wso2.

the class JWTSecurityHandler method isAuthenticated.

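/**
 * Decides whether the supplied token is accepted by the configured OIDC provider.
 *
 * <p>The token is parsed as a JWT and handed to {@code IDTokenValidator}. Any parse or
 * validation failure is reported as "not authenticated" instead of being propagated.
 *
 * <p>Side effect: when the agent configuration has no JWKS endpoint, one is resolved from
 * the well-known endpoint and written back into {@code config}.
 *
 * @param config SSO configuration holding the OIDC agent settings and the well-known endpoint
 * @param token  serialized JWT presented by the caller; {@code null} or blank is rejected
 * @return {@code true} only if the validator accepted the token, {@code false} otherwise
 */
@Override
public boolean isAuthenticated(SSOConfig config, String token) {
    // Reject a missing token before it reaches the parser, so that "no credential" is a
    // clean authentication failure rather than an unchecked exception from JWTParser.
    if (token == null || token.trim().isEmpty()) {
        logger.warn("Error validating the access token (no token supplied)");
        return false;
    }
    try {
        JWT idTokenJWT = JWTParser.parse(token);
        if (config.getOidcAgentConfig().getJwksEndpoint() == null) {
            // The discovery document decides which signing keys are trusted from here on.
            // NOTE(review): the well-known endpoint should come only from trusted
            // configuration and be fetched over HTTPS; confirm in the helper.
            config.getOidcAgentConfig().setJwksEndpoint(getJWKSEndpointFromWellKnownEndpoint(config.getWellKnownEndpoint()));
        }
        IDTokenValidator validator = new IDTokenValidator(config.getOidcAgentConfig(), idTokenJWT);
        // NOTE(review): no nonce is supplied, so presumably no nonce comparison is performed
        // for tokens checked here; confirm that replay protection is handled elsewhere.
        validator.validate(null);
        return true;
    } catch (DashboardServerException | ParseException | SSOAgentServerException e) {
        // Always record the rejection: the original logged only when debug logging was on,
        // which hid failed authentications from normal operational logs. The token itself
        // is never written to the log; the stack trace is kept at debug level to limit the
        // log volume an unauthenticated caller can generate.
        logger.warn("Error validating the access token (" + e.getClass().getSimpleName() + ")");
        if (logger.isDebugEnabled()) {
            logger.debug("Error validating the access token", e);
        }
    }
    return false;
}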
Also used : JWT(com.nimbusds.jwt.JWT) SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException) ParseException(java.text.ParseException) DashboardServerException(org.wso2.ei.dashboard.core.exception.DashboardServerException) IDTokenValidator(io.asgardeo.java.oidc.sdk.validators.IDTokenValidator)

Example 2 with IDTokenValidator

use of io.asgardeo.java.oidc.sdk.validators.IDTokenValidator in project asgardeo-java-oidc-sdk by asgardeo.

the class DefaultOIDCManagerTest method setUp.

/**
 * Prepares the shared fixture before each test method: a mock HTTP server on port 9441,
 * mocked servlet and SDK collaborators, a populated agent configuration, and stubbed
 * ID-token validators.
 *
 * <p>Both the SDK's {@code IDTokenValidator} and the Nimbus validator are replaced through
 * {@code PowerMockito.whenNew}, so tests built on this fixture do not run real signature,
 * issuer or audience checks; the stubbed validators return the mocked claims set.
 *
 * @throws Exception if the mock server, a URI, or the sample token cannot be created
 */
@BeforeMethod
public void setUp() throws Exception {
    mockServer = ClientAndServer.startClientAndServer(9441);

    // Endpoints: callback, token and JWKS point at the local mock server started above.
    final URI callbackUrl = new URI("http://localhost:9441/sampleCallbackURL");
    final URI tokenEndpoint = new URI("http://localhost:9441/sampleTokenEP");
    final URI jwksEndpoint = new URI("http://localhost:9441/jwksEP");
    final URI logoutEndpoint = new URI("http://test/sampleLogoutEP");

    // Widely published HS256 sample token (sub 1234567890, name John Doe). It is a fixture,
    // not a credential, and its signature is never verified because the validators are mocked.
    final JWT sampleIdToken = JWTParser.parse("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwia" + "WF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c");

    // Servlet and SDK collaborators are plain mocks.
    request = mock(HttpServletRequest.class);
    response = mock(HttpServletResponse.class);
    requestResolver = mock(OIDCRequestResolver.class);
    sessionContext = mock(SessionContext.class);

    // Agent configuration under test, filled with placeholder client credentials.
    oidcAgentConfig.setConsumerKey(new ClientID("sampleClientId"));
    oidcAgentConfig.setConsumerSecret(new Secret("sampleClientSecret"));
    oidcAgentConfig.setCallbackUrl(callbackUrl);
    oidcAgentConfig.setTokenEndpoint(tokenEndpoint);
    oidcAgentConfig.setLogoutEndpoint(logoutEndpoint);
    oidcAgentConfig.setScope(new Scope("sampleScope1", "openid"));
    oidcAgentConfig.setIssuer(new Issuer("issuer"));
    oidcAgentConfig.setJwksEndpoint(jwksEndpoint);

    // The session always hands back the sample token string.
    when(sessionContext.getIdToken()).thenReturn(sampleIdToken.getParsedString());

    // Any construction of either validator type yields a mock that returns the same
    // mocked claims set, whose subject is fixed.
    final IDTokenClaimsSet stubbedClaims = mock(IDTokenClaimsSet.class);
    final IDTokenValidator sdkValidator = mock(IDTokenValidator.class);
    final com.nimbusds.openid.connect.sdk.validators.IDTokenValidator nimbusValidator =
            mock(com.nimbusds.openid.connect.sdk.validators.IDTokenValidator.class);
    PowerMockito.whenNew(IDTokenValidator.class).withAnyArguments().thenReturn(sdkValidator);
    PowerMockito.whenNew(com.nimbusds.openid.connect.sdk.validators.IDTokenValidator.class)
            .withAnyArguments()
            .thenReturn(nimbusValidator);
    when(nimbusValidator.validate(any(JWT.class), any(Nonce.class))).thenReturn(stubbedClaims);
    Mockito.when(sdkValidator.validate(any(Nonce.class))).thenReturn(stubbedClaims);
    Mockito.when(stubbedClaims.getSubject()).thenReturn(new Subject("alex@carbon.super"));
}
Also used : Issuer(com.nimbusds.oauth2.sdk.id.Issuer) JWT(com.nimbusds.jwt.JWT) HttpServletResponse(javax.servlet.http.HttpServletResponse) IDTokenClaimsSet(com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet) URI(java.net.URI) Subject(com.nimbusds.oauth2.sdk.id.Subject) Secret(com.nimbusds.oauth2.sdk.auth.Secret) HttpServletRequest(javax.servlet.http.HttpServletRequest) Nonce(com.nimbusds.openid.connect.sdk.Nonce) Scope(com.nimbusds.oauth2.sdk.Scope) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) OIDCRequestResolver(io.asgardeo.java.oidc.sdk.request.OIDCRequestResolver) SessionContext(io.asgardeo.java.oidc.sdk.bean.SessionContext) IDTokenValidator(io.asgardeo.java.oidc.sdk.validators.IDTokenValidator) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 3 with IDTokenValidator

use of io.asgardeo.java.oidc.sdk.validators.IDTokenValidator in project asgardeo-java-oidc-sdk by asgardeo.

the class DefaultOIDCManager method handleSuccessTokenResponse.

/**
 * Processes a successful token response: extracts the ID token, validates it against the
 * agent configuration and the expected nonce, and only then stores the tokens and the
 * authenticated user in the session.
 *
 * @param tokenResponse  token endpoint response, converted here to its success form
 * @param sessionContext session object that receives the ID token, user, access token and,
 *                       when present, refresh token
 * @param nonce          nonce passed on to the ID token validator
 * @throws SSOAgentServerException if the response carries no {@code id_token} or the token
 *                                 cannot be parsed; validator failures presumably surface
 *                                 as this type too (confirm against IDTokenValidator)
 */
private void handleSuccessTokenResponse(TokenResponse tokenResponse, SessionContext sessionContext, Nonce nonce) throws SSOAgentServerException {
    final AccessTokenResponse tokenSuccess = tokenResponse.toSuccessResponse();
    final AccessToken bearerToken = tokenSuccess.getTokens().getAccessToken();
    final RefreshToken renewalToken = tokenSuccess.getTokens().getRefreshToken();

    String rawIdToken;
    try {
        rawIdToken = tokenSuccess.getCustomParameters().get(SSOAgentConstants.ID_TOKEN).toString();
    } catch (NullPointerException missingIdToken) {
        // NOTE(review): absence of the id_token is detected by catching the NPE from the
        // call chain above; an explicit null check would make the intent clearer.
        logger.log(Level.ERROR, "id_token is null.");
        throw new SSOAgentServerException(
                SSOAgentConstants.ErrorMessages.ID_TOKEN_NULL.getMessage(),
                SSOAgentConstants.ErrorMessages.ID_TOKEN_NULL.getCode(),
                missingIdToken);
    }

    try {
        final JWT parsedIdToken = JWTParser.parse(rawIdToken);
        // Validation comes first: nothing is written to the session unless validate() returns.
        final IDTokenClaimsSet verifiedClaims =
                new IDTokenValidator(oidcAgentConfig, parsedIdToken).validate(nonce);
        final String subjectId = verifiedClaims.getSubject().getValue();
        final User authenticatedUser = new User(subjectId, getUserAttributes(rawIdToken));

        // The session now holds bearer credentials, so whatever backs SessionContext has to
        // be treated as sensitive storage.
        sessionContext.setIdToken(parsedIdToken.getParsedString());
        sessionContext.setUser(authenticatedUser);
        sessionContext.setAccessToken(bearerToken.toJSONString());
        if (renewalToken != null) {
            sessionContext.setRefreshToken(renewalToken.getValue());
        }
    } catch (ParseException malformedToken) {
        throw new SSOAgentServerException(
                SSOAgentConstants.ErrorMessages.ID_TOKEN_PARSE.getMessage(),
                SSOAgentConstants.ErrorMessages.ID_TOKEN_PARSE.getCode(),
                malformedToken);
    }
}
Also used : RefreshToken(com.nimbusds.oauth2.sdk.token.RefreshToken) User(io.asgardeo.java.oidc.sdk.bean.User) AccessToken(com.nimbusds.oauth2.sdk.token.AccessToken) JWT(com.nimbusds.jwt.JWT) SignedJWT(com.nimbusds.jwt.SignedJWT) SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException) IDTokenClaimsSet(com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet) ParseException(java.text.ParseException) AccessTokenResponse(com.nimbusds.oauth2.sdk.AccessTokenResponse) IDTokenValidator(io.asgardeo.java.oidc.sdk.validators.IDTokenValidator)

Aggregations

JWT (com.nimbusds.jwt.JWT)3 IDTokenValidator (io.asgardeo.java.oidc.sdk.validators.IDTokenValidator)3 IDTokenClaimsSet (com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet)2 SSOAgentServerException (io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException)2 ParseException (java.text.ParseException)2 SignedJWT (com.nimbusds.jwt.SignedJWT)1 AccessTokenResponse (com.nimbusds.oauth2.sdk.AccessTokenResponse)1 Scope (com.nimbusds.oauth2.sdk.Scope)1 Secret (com.nimbusds.oauth2.sdk.auth.Secret)1 ClientID (com.nimbusds.oauth2.sdk.id.ClientID)1 Issuer (com.nimbusds.oauth2.sdk.id.Issuer)1 Subject (com.nimbusds.oauth2.sdk.id.Subject)1 AccessToken (com.nimbusds.oauth2.sdk.token.AccessToken)1 RefreshToken (com.nimbusds.oauth2.sdk.token.RefreshToken)1 Nonce (com.nimbusds.openid.connect.sdk.Nonce)1 SessionContext (io.asgardeo.java.oidc.sdk.bean.SessionContext)1 User (io.asgardeo.java.oidc.sdk.bean.User)1 OIDCRequestResolver (io.asgardeo.java.oidc.sdk.request.OIDCRequestResolver)1 URI (java.net.URI)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1