
Example 1 with CheckIdTokenResponse

Use of io.jans.ca.common.response.CheckIdTokenResponse in project jans by JanssenProject.

Class CheckIdTokenTest, method test.

@Parameters({ "host", "opHost", "redirectUrls", "userId", "userSecret" })
@Test
public void test(String host, String opHost, String redirectUrls, String userId, String userSecret) {
    ClientInterface client = Tester.newClient(host);
    RegisterSiteResponse site = RegisterSiteTest.registerSite(client, opHost, redirectUrls);
    // Fresh random state and nonce for this authorization flow
    String state = CoreUtils.secureRandomString();
    String nonce = CoreUtils.secureRandomString();
    GetTokensByCodeResponse2 response = GetTokensByCodeTest.tokenByCode(client, site, opHost, userId, userSecret, site.getClientId(), redirectUrls, nonce, state);
    // Check the returned ID token, passing the same nonce that was used in the flow
    final CheckIdTokenParams params = new CheckIdTokenParams();
    params.setRpId(site.getRpId());
    params.setIdToken(response.getIdToken());
    params.setNonce(nonce);
    final CheckIdTokenResponse checkR = client.checkIdToken(Tester.getAuthorization(site), null, params);
    assertNotNull(checkR);
    assertTrue(checkR.isActive());
    assertNotNull(checkR.getExpiresAt());
    assertNotNull(checkR.getIssuedAt());
    assertNotNull(checkR.getClaims());
    final Map<String, List<String>> claims = checkR.getClaims();
    assertClaim(claims, "aud");
    assertClaim(claims, "iss");
}
Also used : CheckIdTokenParams(io.jans.ca.common.params.CheckIdTokenParams) List(java.util.List) ClientInterface(io.jans.ca.client.ClientInterface) CheckIdTokenResponse(io.jans.ca.common.response.CheckIdTokenResponse) RegisterSiteResponse(io.jans.ca.common.response.RegisterSiteResponse) GetTokensByCodeResponse2(io.jans.ca.client.GetTokensByCodeResponse2) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test)

Example 2 with CheckIdTokenResponse

Use of io.jans.ca.common.response.CheckIdTokenResponse in project jans by JanssenProject.

Class CheckIdTokenOperation, method execute.

@Override
public IOpResponse execute(CheckIdTokenParams params) {
    try {
        // Discovery document of the OP that this RP is registered with
        OpenIdConfigurationResponse discoveryResponse = getDiscoveryService().getConnectDiscoveryResponseByRpId(params.getRpId());
        final Rp rp = getRp();
        final String idToken = params.getIdToken();
        final Jwt jwt = Jwt.parse(idToken);
        final Validator validator = new Validator.Builder()
                .discoveryResponse(discoveryResponse)
                .idToken(jwt)
                .keyService(getKeyService())
                .opClientFactory(getOpClientFactory())
                .rpServerConfiguration(getConfigurationService().getConfiguration())
                .rp(rp)
                .build();
        // The three hash checks run before the response is built;
        // anything they throw is handled by the catch blocks below.
        // validate at_hash in id_token
        validator.validateAccessToken(params.getAccessToken(), atHashCheckRequired(rp.getResponseTypes()));
        // validate c_hash in id_token
        validator.validateAuthorizationCode(params.getCode());
        // validate s_hash in id_token
        validator.validateState(params.getState());
        final CheckIdTokenResponse opResponse = new CheckIdTokenResponse();
        // "active" carries the result of the ID token check against the caller's nonce
        opResponse.setActive(validator.isIdTokenValid(params.getNonce()));
        // iat, exp and the full claim set are copied from the parsed token
        opResponse.setIssuedAt(Utils.date(jwt.getClaims().getClaimAsDate(JwtClaimName.ISSUED_AT)));
        opResponse.setExpiresAt(Utils.date(jwt.getClaims().getClaimAsDate(JwtClaimName.EXPIRATION_TIME)));
        opResponse.setClaims(jwt.getClaims().toMap());
        return opResponse;
    } catch (HttpException e) {
        throw e;
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
    }
    throw HttpException.internalError();
}
Also used : Jwt(io.jans.as.model.jwt.Jwt) OpenIdConfigurationResponse(io.jans.as.client.OpenIdConfigurationResponse) HttpException(io.jans.ca.server.HttpException) CheckIdTokenResponse(io.jans.ca.common.response.CheckIdTokenResponse) Rp(io.jans.ca.server.service.Rp)
