Use of io.jans.ca.common.response.CheckIdTokenResponse in project jans by JanssenProject.
From the class CheckIdTokenTest, method test.
/**
 * Happy-path check of the check-id-token call: registers a site, obtains tokens through the
 * code flow with a fresh random state and nonce, then asks the client to check the returned
 * ID token against that same nonce.
 *
 * <p>Only the positive case is exercised. The request carries the RP id, the ID token and the
 * nonce; no access token, authorization code or state is set on it, and no mismatching nonce
 * or altered token is tried, so rejection behaviour is not covered by this test.
 *
 * @param host         address handed to {@code Tester.newClient}
 * @param opHost       OP host used for site registration and the token request
 * @param redirectUrls redirect URLs used for site registration and the token request
 * @param userId       user id passed to the token-by-code helper
 * @param userSecret   user secret passed to the token-by-code helper
 */
@Parameters({ "host", "opHost", "redirectUrls", "userId", "userSecret" })
@Test
public void test(String host, String opHost, String redirectUrls, String userId, String userSecret) {
    final ClientInterface apiClient = Tester.newClient(host);
    final RegisterSiteResponse registeredSite = RegisterSiteTest.registerSite(apiClient, opHost, redirectUrls);

    // Per-run random values; the nonce is reused below so the check compares against
    // the value that was sent in the token request.
    final String expectedState = CoreUtils.secureRandomString();
    final String expectedNonce = CoreUtils.secureRandomString();
    final GetTokensByCodeResponse2 tokens = GetTokensByCodeTest.tokenByCode(
            apiClient, registeredSite, opHost, userId, userSecret,
            registeredSite.getClientId(), redirectUrls, expectedNonce, expectedState);

    final CheckIdTokenParams checkParams = new CheckIdTokenParams();
    checkParams.setRpId(registeredSite.getRpId());
    checkParams.setIdToken(tokens.getIdToken());
    checkParams.setNonce(expectedNonce);

    final CheckIdTokenResponse checked =
            apiClient.checkIdToken(Tester.getAuthorization(registeredSite), null, checkParams);

    // The token must be reported active and carry its timing fields and claims.
    assertNotNull(checked);
    assertTrue(checked.isActive());
    assertNotNull(checked.getExpiresAt());
    assertNotNull(checked.getIssuedAt());
    assertNotNull(checked.getClaims());

    // Audience and issuer are the two claims this test requires to be present.
    final Map<String, List<String>> tokenClaims = checked.getClaims();
    assertClaim(tokenClaims, "aud");
    assertClaim(tokenClaims, "iss");
}
Use of io.jans.ca.common.response.CheckIdTokenResponse in project jans by JanssenProject.
From the class CheckIdTokenOperation, method execute.
/**
 * Checks an ID token for the RP named in {@code params} and reports the outcome.
 *
 * <p>The token is parsed, run through the at_hash, c_hash and s_hash validators, and the
 * response's {@code active} flag is taken from {@code validator.isIdTokenValid(nonce)}.
 * The issued-at time, expiry time and claim map are copied from the parsed token
 * regardless of the value of {@code active}, so callers should gate on {@code isActive()}
 * before relying on any of those fields.
 *
 * @param params request carrying the RP id, ID token, nonce and, optionally, the access
 *               token, authorization code and state to be checked against the token
 * @return a {@code CheckIdTokenResponse} with the active flag, iat, exp and claims
 * @throws HttpException rethrown unchanged when raised during processing; any other
 *                       exception is logged and replaced by {@code HttpException.internalError()}
 */
@Override
public IOpResponse execute(CheckIdTokenParams params) {
    try {
        final OpenIdConfigurationResponse opDiscovery =
                getDiscoveryService().getConnectDiscoveryResponseByRpId(params.getRpId());
        final Rp rp = getRp();
        final Jwt parsedIdToken = Jwt.parse(params.getIdToken());

        final Validator tokenValidator = new Validator.Builder()
                .discoveryResponse(opDiscovery)
                .idToken(parsedIdToken)
                .keyService(getKeyService())
                .opClientFactory(getOpClientFactory())
                .rpServerConfiguration(getConfigurationService().getConfiguration())
                .rp(rp)
                .build();

        // NOTE(review): the three validators' return values are not used, so a mismatch
        // presumably surfaces as an exception; how each treats a null input is not
        // visible here and should be confirmed against Validator.
        // at_hash: binds the access token to the id_token
        tokenValidator.validateAccessToken(params.getAccessToken(), atHashCheckRequired(rp.getResponseTypes()));
        // c_hash: binds the authorization code to the id_token
        tokenValidator.validateAuthorizationCode(params.getCode());
        // s_hash: binds the state to the id_token
        tokenValidator.validateState(params.getState());

        final CheckIdTokenResponse result = new CheckIdTokenResponse();
        result.setActive(tokenValidator.isIdTokenValid(params.getNonce()));
        // These fields come straight from the parsed token and are set even when
        // the active flag above is false.
        result.setIssuedAt(Utils.date(parsedIdToken.getClaims().getClaimAsDate(JwtClaimName.ISSUED_AT)));
        result.setExpiresAt(Utils.date(parsedIdToken.getClaims().getClaimAsDate(JwtClaimName.EXPIRATION_TIME)));
        result.setClaims(parsedIdToken.getClaims().toMap());
        return result;
    } catch (HttpException e) {
        // Already an HTTP-level error: pass it through untouched.
        throw e;
    } catch (Exception e) {
        // Keep the detail in the server log and hand the caller the generic internal error.
        LOG.error(e.getMessage(), e);
        throw HttpException.internalError();
    }
}