use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionService in project gravitee-access-management by gravitee-io.
the class OAuth2Provider method initRouter.
private void initRouter() {
// Create the OAuth 2.0 router
final Router oauth2Router = Router.router(vertx);
// client auth handler
final String certificateHeader = environment.getProperty(ConstantKeys.HTTP_SSL_CERTIFICATE_HEADER);
final Handler<RoutingContext> clientAuthHandler = ClientAuthHandler.create(clientSyncService, clientAssertionService, jwkService, domain, certificateHeader);
// static handler
staticHandler(oauth2Router);
// session cookie handler
sessionAndCookieHandler(oauth2Router);
// CSRF handler
csrfHandler(oauth2Router);
// CSP Handler
cspHandler(oauth2Router);
AuthenticationFlowContextHandler authenticationFlowContextHandler = new AuthenticationFlowContextHandler(authenticationFlowContextService, environment);
// Authorization endpoint
oauth2Router.route(HttpMethod.OPTIONS, "/authorize").handler(corsHandler);
oauth2Router.route(HttpMethod.GET, "/authorize").handler(corsHandler).handler(new AuthorizationRequestTransactionHandler(transactionHeader)).handler(new AuthorizationRequestParseProviderConfigurationHandler(openIDDiscoveryService)).handler(new AuthorizationRequestParseRequiredParametersHandler()).handler(new AuthorizationRequestParseClientHandler(clientSyncService)).handler(new AuthorizationRequestParseRequestObjectHandler(requestObjectService, domain, parService)).handler(new AuthorizationRequestParseIdTokenHintHandler(idTokenService)).handler(new AuthorizationRequestParseParametersHandler(domain)).handler(authenticationFlowContextHandler).handler(authenticationFlowHandler.create()).handler(new AuthorizationRequestResolveHandler(scopeManager)).handler(new AuthorizationRequestEndUserConsentHandler(userConsentService)).handler(new AuthorizationEndpoint(flow, thymeleafTemplateEngine, parService)).failureHandler(new AuthorizationRequestFailureHandler(openIDDiscoveryService, jwtService, jweService, environment));
// Authorization consent endpoint
Handler<RoutingContext> userConsentPrepareContextHandler = new UserConsentPrepareContextHandler(clientSyncService);
oauth2Router.route(HttpMethod.GET, "/consent").handler(new AuthorizationRequestParseClientHandler(clientSyncService)).handler(new AuthorizationRequestParseProviderConfigurationHandler(openIDDiscoveryService)).handler(new AuthorizationRequestParseRequestObjectHandler(requestObjectService, domain, parService)).handler(new AuthorizationRequestResolveHandler(scopeManager)).handler(userConsentPrepareContextHandler).handler(authenticationFlowContextHandler).handler(policyChainHandler.create(ExtensionPoint.PRE_CONSENT)).handler(new UserConsentEndpoint(userConsentService, thymeleafTemplateEngine, domain));
oauth2Router.route(HttpMethod.POST, "/consent").handler(new AuthorizationRequestParseClientHandler(clientSyncService)).handler(new AuthorizationRequestParseProviderConfigurationHandler(openIDDiscoveryService)).handler(new AuthorizationRequestParseRequestObjectHandler(requestObjectService, domain, parService)).handler(new AuthorizationRequestResolveHandler(scopeManager)).handler(userConsentPrepareContextHandler).handler(authenticationFlowContextHandler).handler(new UserConsentProcessHandler(userConsentService, domain)).handler(policyChainHandler.create(ExtensionPoint.POST_CONSENT)).handler(new UserConsentPostEndpoint());
oauth2Router.route("/consent").failureHandler(new UserConsentFailureHandler());
// Token endpoint
oauth2Router.route(HttpMethod.OPTIONS, "/token").handler(corsHandler);
oauth2Router.route(HttpMethod.POST, "/token").handler(corsHandler).handler(new TokenRequestParseHandler()).handler(clientAuthHandler).handler(new TokenEndpoint(tokenGranter));
// Introspection endpoint
oauth2Router.route(HttpMethod.POST, "/introspect").consumes(MediaType.APPLICATION_FORM_URLENCODED).handler(clientAuthHandler).handler(new IntrospectionEndpoint(introspectionService));
// Revocation endpoint
oauth2Router.route(HttpMethod.OPTIONS, "/revoke").handler(corsHandler);
oauth2Router.route(HttpMethod.POST, "/revoke").consumes(MediaType.APPLICATION_FORM_URLENCODED).handler(corsHandler).handler(clientAuthHandler).handler(new RevocationTokenEndpoint(revocationTokenService));
// Error endpoint
oauth2Router.route(HttpMethod.GET, "/error").handler(new ErrorEndpoint(domain, thymeleafTemplateEngine, clientSyncService, jwtService));
// Pushed Authorization Request
oauth2Router.route(HttpMethod.POST, "/par").handler(clientAuthHandler).handler(new PushedAuthorizationRequestEndpoint(parService));
oauth2Router.route("/par").handler(new PushedAuthorizationRequestEndpoint.MethodNotAllowedHandler());
// error handler
errorHandler(oauth2Router);
// mount OAuth 2.0 router
router.mountSubRouter(path(), oauth2Router);
}
Aggregations