Search in sources :

Example 16 with HttpException

use of io.jans.ca.server.HttpException in project jans by JanssenProject.

the class GetLogoutUrlOperation method execute.

@Override
public IOpResponse execute(GetLogoutUrlParams params) throws Exception {
    final Rp rp = getRp();
    OpenIdConfigurationResponse discoveryResponse = getDiscoveryService().getConnectDiscoveryResponse(rp);
    String endSessionEndpoint = discoveryResponse.getEndSessionEndpoint();
    String postLogoutRedirectUrl = params.getPostLogoutRedirectUri();
    if (Strings.isNullOrEmpty(postLogoutRedirectUrl)) {
        postLogoutRedirectUrl = rp.getPostLogoutRedirectUri();
    }
    if (Strings.isNullOrEmpty(postLogoutRedirectUrl)) {
        postLogoutRedirectUrl = "";
    }
    if (Strings.isNullOrEmpty(endSessionEndpoint)) {
        if (rp.getOpHost().startsWith(GOOGLE_OP_HOST) && getInstance(ConfigurationService.class).get().getSupportGoogleLogout()) {
            String logoutUrl = "https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=" + postLogoutRedirectUrl;
            return new GetLogoutUriResponse(logoutUrl);
        }
        LOG.error("Failed to get end_session_endpoint at: " + getDiscoveryService().getConnectDiscoveryUrl(rp));
        throw new HttpException(ErrorResponseCode.FAILED_TO_GET_END_SESSION_ENDPOINT);
    }
    String uri = endSessionEndpoint;
    if (!Strings.isNullOrEmpty(postLogoutRedirectUrl)) {
        uri += separator(uri) + "post_logout_redirect_uri=" + URLEncoder.encode(postLogoutRedirectUrl, "UTF-8");
    }
    if (!Strings.isNullOrEmpty(params.getState())) {
        uri += separator(uri) + "state=" + getStateService().encodeExpiredObject(params.getState(), ExpiredObjectType.STATE);
    }
    if (!Strings.isNullOrEmpty(params.getSessionState())) {
        uri += separator(uri) + "session_state=" + params.getSessionState();
    }
    if (!Strings.isNullOrEmpty(params.getIdTokenHint())) {
        uri += separator(uri) + "id_token_hint=" + params.getIdTokenHint();
    }
    return new GetLogoutUriResponse(uri);
}
Also used : GetLogoutUriResponse(io.jans.ca.common.response.GetLogoutUriResponse) OpenIdConfigurationResponse(io.jans.as.client.OpenIdConfigurationResponse) HttpException(io.jans.ca.server.HttpException) ConfigurationService(io.jans.ca.server.service.ConfigurationService) Rp(io.jans.ca.server.service.Rp)

Example 17 with HttpException

use of io.jans.ca.server.HttpException in project jans by JanssenProject.

the class BaseOperation method getRp.

public Rp getRp() {
    if (params instanceof HasRpIdParams) {
        getValidationService().validate((HasRpIdParams) params);
        HasRpIdParams hasRpId = (HasRpIdParams) params;
        return getRpSyncService().getRp(hasRpId.getRpId());
    }
    throw new HttpException(ErrorResponseCode.BAD_REQUEST_NO_RP_ID);
}
Also used : HasRpIdParams(io.jans.ca.common.params.HasRpIdParams) HttpException(io.jans.ca.server.HttpException)

Example 18 with HttpException

use of io.jans.ca.server.HttpException in project jans by JanssenProject.

the class ValidatorTest method tokenWithAudArrayStringWithOneElement_shouldBeValid.

// Test case to test issue#178
@Test
public void tokenWithAudArrayStringWithOneElement_shouldBeValid() throws InvalidJwtException {
    // "aud": "[\"6b578a9b-7513-477a-9a7f-1343b487caf8\"]",
    final Jwt idToken = Jwt.parse("eyJraWQiOiJjZmFiMzRlYy0xNjhkLTQ4OTUtODRiOC0xZjAyNzgwNDkxYzciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiMnI1clZ2STdpMWxfcnNXZUV4bGRuUSIsImF1ZCI6IltcIjZiNTc4YTliLTc1MTMtNDc3YS05YTdmLTEzNDNiNDg3Y2FmOFwiXSIsInN1YiI6InMtX1ppclZ0N05PRGRuV0RBVUdyalQycVVad0s2Y1hUaGI5cVY5OXYtdGciLCJhdXRoX3RpbWUiOjE1NjgxODUzMjcsImlzcyI6Imh0dHBzOi8vZHVtbXktaXNzdWVyLm9yZyIsImV4cCI6MTk2ODE4ODkzMCwiaWF0IjoxNTY4MTg1MzMwLCJub25jZSI6IjdyNDZ1dDZlbXU5Z2kxMWduODA0NHVtNjQwIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.bFgbYtgt5OA2hdwAXXCwaVMUYprArsGoURJgaA0d-YfsDYu8HU9zVDraDhflSc2Wg9uMv4RAKqEfldDwLIRIocGk5XwjyeOHFAWAlDMeDSPUAWy7d7oNGwPrRNZu37RUT1ncRS9ZAIsOhtJjflUTD0J12DeD-wT_V6Jpv8jn3Mo");
    String clientId = "6b578a9b-7513-477a-9a7f-1343b487caf8";
    try {
        Validator.validateAudience(idToken, clientId);
    } catch (Exception e) {
        assertFalse(e instanceof HttpException);
    }
}
Also used : Jwt(io.jans.as.model.jwt.Jwt) HttpException(io.jans.ca.server.HttpException) HttpException(io.jans.ca.server.HttpException) InvalidJwtException(io.jans.as.model.exception.InvalidJwtException) Test(org.testng.annotations.Test)

Example 19 with HttpException

use of io.jans.ca.server.HttpException in project jans by JanssenProject.

the class ValidatorTest method tokenWithMultiAudAndAzp_shouldBeValid.

@Test
public void tokenWithMultiAudAndAzp_shouldBeValid() throws InvalidJwtException {
    // "aud": ["6b578a9b-7513-477a-9a7f-1343b487caf8","another_aud"],
    // "azp":"6b578a9b-7513-477a-9a7f-1343b487caf8"
    final Jwt idToken = Jwt.parse("eyJraWQiOiJjZmFiMzRlYy0xNjhkLTQ4OTUtODRiOC0xZjAyNzgwNDkxYzciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiMnI1clZ2STdpMWxfcnNXZUV4bGRuUSIsImF1ZCI6WyI2YjU3OGE5Yi03NTEzLTQ3N2EtOWE3Zi0xMzQzYjQ4N2NhZjgiLCJhbm90aGVyX2F1ZCJdLCJhenAiOiI2YjU3OGE5Yi03NTEzLTQ3N2EtOWE3Zi0xMzQzYjQ4N2NhZjgiLCJzdWIiOiJzLV9aaXJWdDdOT0RkbldEQVVHcmpUMnFVWndLNmNYVGhiOXFWOTl2LXRnIiwiYXV0aF90aW1lIjoxNTY4MTg1MzI3LCJpc3MiOiJodHRwczovL2R1bW15LWlzc3Vlci5vcmciLCJleHAiOjE5NjgxODg5MzAsImlhdCI6MTU2ODE4NTMzMCwibm9uY2UiOiI3cjQ2dXQ2ZW11OWdpMTFnbjgwNDR1bTY0MCIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCJ9.Q1WsYrrMx4Uo7ZT5X840yuPljdRM5AU1otNAlc7-XcCUWB2yzdHZ5ptNdcGUEKr3bHLN4f-YyBC4n6Yea60eFxTkjXKGpGJESRU690xJ_OHb69DzHXiRnbtBRcHRMUgra5CBC4WNqyTRc0SBJFGOVuNAceNyVLSP7zPXgGNQHcA");
    String clientId = "6b578a9b-7513-477a-9a7f-1343b487caf8";
    try {
        Validator.validateAudience(idToken, clientId);
    } catch (Exception e) {
        assertFalse(e instanceof HttpException);
    }
}
Also used : Jwt(io.jans.as.model.jwt.Jwt) HttpException(io.jans.ca.server.HttpException) HttpException(io.jans.ca.server.HttpException) InvalidJwtException(io.jans.as.model.exception.InvalidJwtException) Test(org.testng.annotations.Test)

Example 20 with HttpException

use of io.jans.ca.server.HttpException in project jans by JanssenProject.

the class ValidatorTest method tokenWithAudArrayStringWithMultiElements_shouldBeValid.

// Test case to test issue#178
@Test
public void tokenWithAudArrayStringWithMultiElements_shouldBeValid() throws InvalidJwtException {
    // "aud": "[\"6b578a9b-7513-477a-9a7f-1343b487caf8\",\"another_element\"]",
    final Jwt idToken = Jwt.parse("eyJraWQiOiJjZmFiMzRlYy0xNjhkLTQ4OTUtODRiOC0xZjAyNzgwNDkxYzciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiMnI1clZ2STdpMWxfcnNXZUV4bGRuUSIsImF1ZCI6IltcIjZiNTc4YTliLTc1MTMtNDc3YS05YTdmLTEzNDNiNDg3Y2FmOFwiLFwiYW5vdGhlcl9lbGVtZW50XCJdIiwiYXpwIjoiNmI1NzhhOWItNzUxMy00NzdhLTlhN2YtMTM0M2I0ODdjYWY4Iiwic3ViIjoicy1fWmlyVnQ3Tk9EZG5XREFVR3JqVDJxVVp3SzZjWFRoYjlxVjk5di10ZyIsImF1dGhfdGltZSI6MTU2ODE4NTMyNywiaXNzIjoiaHR0cHM6Ly9kdW1teS1pc3N1ZXIub3JnIiwiZXhwIjoxOTY4MTg4OTMwLCJpYXQiOjE1NjgxODUzMzAsIm5vbmNlIjoiN3I0NnV0NmVtdTlnaTExZ244MDQ0dW02NDAiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAifQ.EFHmgED3QNxgQHBvp2Emptd1E-N80wEcyUNFz5WcmSGfatPSPtG7sX7eRgZXTqAsO2WkknCWR2PthLEa4pHG3yDsiMjNn3-7WJ8I1_4yZiJ95MzrBzPDWn8KlSUTq8xHrv724YK4mTkYTkAkBAwbqcMu7EiZJAt-4Nqk9VvO4Nw");
    String clientId = "6b578a9b-7513-477a-9a7f-1343b487caf8";
    try {
        Validator.validateAudience(idToken, clientId);
    } catch (Exception e) {
        assertFalse(e instanceof HttpException);
    }
}
Also used : Jwt(io.jans.as.model.jwt.Jwt) HttpException(io.jans.ca.server.HttpException) HttpException(io.jans.ca.server.HttpException) InvalidJwtException(io.jans.as.model.exception.InvalidJwtException) Test(org.testng.annotations.Test)

Aggregations

HttpException (io.jans.ca.server.HttpException)34 Jwt (io.jans.as.model.jwt.Jwt)10 Rp (io.jans.ca.server.service.Rp)9 SignatureAlgorithm (io.jans.as.model.crypto.signature.SignatureAlgorithm)8 OpenIdConfigurationResponse (io.jans.as.client.OpenIdConfigurationResponse)6 InvalidJwtException (io.jans.as.model.exception.InvalidJwtException)6 Test (org.testng.annotations.Test)6 RegisterResponse (io.jans.as.client.RegisterResponse)5 RegisterClient (io.jans.as.client.RegisterClient)4 RegisterRequest (io.jans.as.client.RegisterRequest)4 AuthenticationMethod (io.jans.as.model.common.AuthenticationMethod)4 UmaMetadata (io.jans.as.model.uma.UmaMetadata)4 IOException (java.io.IOException)4 TokenClient (io.jans.as.client.TokenClient)3 TokenResponse (io.jans.as.client.TokenResponse)3 GrantType (io.jans.as.model.common.GrantType)3 SubjectType (io.jans.as.model.common.SubjectType)3 BlockEncryptionAlgorithm (io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm)3 KeyEncryptionAlgorithm (io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm)3 Strings (com.google.common.base.Strings)2