Example 1 with InvalidStateException

Use of io.micronaut.security.oauth2.endpoint.authorization.state.InvalidStateException in the project micronaut-security by micronaut-projects.

The validateState method of the class DefaultOpenIdAuthorizationResponseHandler:

/**
 * Validates the Authorization response state.
 * @param authorizationResponse The authorization response
 * @param clientConfiguration The client configuration
 * @throws InvalidStateException if the state did not pass validation
 */
private void validateState(OpenIdAuthorizationResponse authorizationResponse, OauthClientConfiguration clientConfiguration) throws InvalidStateException {
    if (stateValidator != null) {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Validating state found in the authorization response from provider [{}]", clientConfiguration.getName());
        }
        State state = authorizationResponse.getState();
        stateValidator.validate(authorizationResponse.getCallbackRequest(), state);
    } else {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Skipping state validation, no state validator found");
        }
    }
}
Also used: State (io.micronaut.security.oauth2.endpoint.authorization.state.State)

Example 2 with InvalidStateException

Use of io.micronaut.security.oauth2.endpoint.authorization.state.InvalidStateException in the project micronaut-security by micronaut-projects.

The handle method of the class DefaultOauthAuthorizationResponseHandler:

@Override
public Publisher<AuthenticationResponse> handle(AuthorizationResponse authorizationResponse, OauthClientConfiguration clientConfiguration, OauthAuthenticationMapper authenticationMapper, SecureEndpoint tokenEndpoint) {
    State state;
    if (stateValidator != null) {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Validating state found in the authorization response from provider [{}]", clientConfiguration.getName());
        }
        state = authorizationResponse.getState();
        try {
            stateValidator.validate(authorizationResponse.getCallbackRequest(), state);
        } catch (InvalidStateException e) {
            return Flux.just(new AuthenticationFailed("State validation failed: " + e.getMessage()));
        }
    } else {
        state = null;
        if (LOG.isTraceEnabled()) {
            LOG.trace("Skipping state validation, no state validator found");
        }
    }
    OauthCodeTokenRequestContext context = new OauthCodeTokenRequestContext(authorizationResponse, tokenEndpoint, clientConfiguration);
    return Flux.from(tokenEndpointClient.sendRequest(context)).switchMap(response -> {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Token endpoint returned a success response. Creating a user details");
        }
        return Flux.from(authenticationMapper.createAuthenticationResponse(response, state)).map(AuthenticationResponse.class::cast);
    });
}
Also used:
State (io.micronaut.security.oauth2.endpoint.authorization.state.State)
AuthenticationFailed (io.micronaut.security.authentication.AuthenticationFailed)
InvalidStateException (io.micronaut.security.oauth2.endpoint.authorization.state.InvalidStateException)
OauthCodeTokenRequestContext (io.micronaut.security.oauth2.endpoint.token.request.context.OauthCodeTokenRequestContext)
AuthenticationResponse (io.micronaut.security.authentication.AuthenticationResponse)

Aggregations

State (io.micronaut.security.oauth2.endpoint.authorization.state.State): 2
AuthenticationFailed (io.micronaut.security.authentication.AuthenticationFailed): 1
AuthenticationResponse (io.micronaut.security.authentication.AuthenticationResponse): 1
InvalidStateException (io.micronaut.security.oauth2.endpoint.authorization.state.InvalidStateException): 1
OauthCodeTokenRequestContext (io.micronaut.security.oauth2.endpoint.token.request.context.OauthCodeTokenRequestContext): 1