Use of io.gravitee.management.idp.api.identity.IdentityReference in project gravitee-management-rest-api by gravitee-io.
Class CompositeIdentityManager, method lookup.
// of() and empty() are static imports from java.util.Optional
@Override
public Optional<User> lookup(final String reference) {
    LOGGER.debug("Looking for a user: reference[{}]", reference);
    try {
        // Decrypt and verify the opaque reference before trusting its source and id
        IdentityReference identityReference = referenceSerializer.deserialize(reference);
        LOGGER.debug("Lookup identity information from reference: source[{}] id[{}]", identityReference.getSource(), identityReference.getReference());
        // Ask each identity provider that declares support for this reference
        for (final IdentityLookup identityLookup : identityLookups) {
            if (identityLookup.canHandle(identityReference)) {
                final User user = identityLookup.retrieve(identityReference);
                if (user != null) {
                    return of(user);
                }
            }
        }
    } catch (final Exception ex) {
        // Any decoding, decryption or verification failure ends up as "no user found"
        LOGGER.error("Unable to extract IDP: token[{}]", reference, ex);
    }
    return empty();
}
Use of io.gravitee.management.idp.api.identity.IdentityReference in project gravitee-management-rest-api by gravitee-io.
Class ReferenceSerializer, method deserialize.
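// Imports: java.util.Base64, java.nio.charset.StandardCharsets, com.nimbusds.jwt.SignedJWT,
// com.nimbusds.jose.{JWEObject, JOSEException}, com.nimbusds.jose.crypto.{DirectDecrypter, MACVerifier}
public IdentityReference deserialize(String token) throws Exception {
    // Decode with an explicit charset instead of the platform default
    String sToken = new String(Base64.getDecoder().decode(token), StandardCharsets.UTF_8);
    // Parse the JWE string
    JWEObject jweObject = JWEObject.parse(sToken);
    // Decrypt with shared key
    jweObject.decrypt(new DirectDecrypter(secretKey.getEncoded()));
    // Extract payload; toSignedJWT() returns null when the payload is not a signed JWT
    SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
    if (signedJWT == null) {
        throw new JOSEException("JWE payload is not a signed JWT");
    }
    // Check the HMAC: verify() returns false on a mismatch, so the result must be tested
    if (!signedJWT.verify(new MACVerifier(secretKey.getEncoded()))) {
        throw new JOSEException("Invalid HMAC on identity reference");
    }
    // Retrieve the JWT claims
    return new IdentityReference(signedJWT.getJWTClaimsSet().getIssuer(), signedJWT.getJWTClaimsSet().getSubject());
}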