Example 1 with State

Use of io.micronaut.security.oauth2.endpoint.authorization.state.State in project micronaut-security by micronaut-projects.

Class DefaultOpenIdAuthorizationResponseHandler, method validateState.

/**
 * Validates the Authorization response state.
 * @param authorizationResponse The authorization response
 * @param clientConfiguration The client configuration
 * @throws InvalidStateException if the state did not pass validation
 */
private void validateState(OpenIdAuthorizationResponse authorizationResponse, OauthClientConfiguration clientConfiguration) throws InvalidStateException {
    if (stateValidator != null) {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Validating state found in the authorization response from provider [{}]", clientConfiguration.getName());
        }
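        // The state value ties this callback to the authorization request the client started (CSRF protection).
        State state = authorizationResponse.getState();
        stateValidator.validate(authorizationResponse.getCallbackRequest(), state);
    } else {
        // No state validator available: the callback is accepted without a state check.
        if (LOG.isTraceEnabled()) {
            LOG.trace("Skipping state validation, no state validator found");
        }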
    }
}
Also used : State(io.micronaut.security.oauth2.endpoint.authorization.state.State)

Example 2 with State

Use of io.micronaut.security.oauth2.endpoint.authorization.state.State in project micronaut-security by micronaut-projects.

Class DefaultOpenIdAuthorizationResponseHandler, method validateOpenIdTokenResponse.

/**
 * @param nonce Nonce
 * @param clientConfiguration The client configuration
 * @param openIdProviderMetadata The provider metadata
 * @param openIdTokenResponse OpenID token response
 * @param authenticationMapper The user details mapper
 * @param state State
 * @return An Authentication response if the OpenID token could be validated
 * @throws ParseException If the payload of the JWT doesn't represent a valid JSON object and a JWT claims set.
 */
private Optional<AuthenticationResponse> validateOpenIdTokenResponse(String nonce, OauthClientConfiguration clientConfiguration, OpenIdProviderMetadata openIdProviderMetadata, OpenIdTokenResponse openIdTokenResponse, @Nullable OpenIdAuthenticationMapper authenticationMapper, @Nullable State state) throws ParseException {
    if (LOG.isTraceEnabled()) {
        LOG.trace("Token endpoint returned a success response. Validating the JWT");
    }
    Optional<JWT> jwt = tokenResponseValidator.validate(clientConfiguration, openIdProviderMetadata, openIdTokenResponse, nonce);
    if (jwt.isPresent()) {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Token validation succeeded. Creating a user details");
        }
        OpenIdClaims claims = new JWTOpenIdClaims(jwt.get().getJWTClaimsSet());
        OpenIdAuthenticationMapper openIdAuthenticationMapper = authenticationMapper != null ? authenticationMapper : defaultAuthenticationMapper;
        return Optional.of(openIdAuthenticationMapper.createAuthenticationResponse(clientConfiguration.getName(), openIdTokenResponse, claims, state));
    }
    return Optional.empty();
}
Also used : JWT(com.nimbusds.jwt.JWT) JWTOpenIdClaims(io.micronaut.security.oauth2.endpoint.token.response.JWTOpenIdClaims) OpenIdClaims(io.micronaut.security.oauth2.endpoint.token.response.OpenIdClaims) DefaultOpenIdAuthenticationMapper(io.micronaut.security.oauth2.endpoint.token.response.DefaultOpenIdAuthenticationMapper) OpenIdAuthenticationMapper(io.micronaut.security.oauth2.endpoint.token.response.OpenIdAuthenticationMapper)

Example 3 with State

Use of io.micronaut.security.oauth2.endpoint.authorization.state.State in project micronaut-security by micronaut-projects.

Class OauthCodeTokenRequestContext, method getGrant.

@Override
public Map<String, String> getGrant() {
    AuthorizationCodeGrant codeGrant = new AuthorizationCodeGrant();
    codeGrant.setCode(authorizationResponse.getCode());
    State state = authorizationResponse.getState();
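    // redirect_uri is added to the token request only when the state carried one;
    // RFC 6749 section 4.1.3 requires it to match the value sent in the authorization request.
    if (state != null && state.getRedirectUri() != null) {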
        codeGrant.setRedirectUri(authorizationResponse.getState().getRedirectUri().toString());
    }
    return codeGrant.toMap();
}
Also used : AuthorizationCodeGrant(io.micronaut.security.oauth2.grants.AuthorizationCodeGrant) State(io.micronaut.security.oauth2.endpoint.authorization.state.State)

Example 4 with State

Use of io.micronaut.security.oauth2.endpoint.authorization.state.State in project micronaut-security by micronaut-projects.

Class DefaultOauthAuthorizationResponseHandler, method handle.

@Override
public Publisher<AuthenticationResponse> handle(AuthorizationResponse authorizationResponse, OauthClientConfiguration clientConfiguration, OauthAuthenticationMapper authenticationMapper, SecureEndpoint tokenEndpoint) {
    State state;
    if (stateValidator != null) {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Validating state found in the authorization response from provider [{}]", clientConfiguration.getName());
        }
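        state = authorizationResponse.getState();
        try {
            stateValidator.validate(authorizationResponse.getCallbackRequest(), state);
        } catch (InvalidStateException e) {
            // A failed state check ends the flow here, before the code is sent to the token endpoint.
            return Flux.just(new AuthenticationFailed("State validation failed: " + e.getMessage()));
        }
    } else {
        // No state validator available: the code exchange proceeds without a state check.
        state = null;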
        if (LOG.isTraceEnabled()) {
            LOG.trace("Skipping state validation, no state validator found");
        }
    }
    OauthCodeTokenRequestContext context = new OauthCodeTokenRequestContext(authorizationResponse, tokenEndpoint, clientConfiguration);
    return Flux.from(tokenEndpointClient.sendRequest(context)).switchMap(response -> {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Token endpoint returned a success response. Creating a user details");
        }
        return Flux.from(authenticationMapper.createAuthenticationResponse(response, state)).map(AuthenticationResponse.class::cast);
    });
}
Also used : State(io.micronaut.security.oauth2.endpoint.authorization.state.State) AuthenticationFailed(io.micronaut.security.authentication.AuthenticationFailed) InvalidStateException(io.micronaut.security.oauth2.endpoint.authorization.state.InvalidStateException) OauthCodeTokenRequestContext(io.micronaut.security.oauth2.endpoint.token.request.context.OauthCodeTokenRequestContext) AuthenticationResponse(io.micronaut.security.authentication.AuthenticationResponse)

Aggregations

State (io.micronaut.security.oauth2.endpoint.authorization.state.State): 3
JWT (com.nimbusds.jwt.JWT): 1
AuthenticationFailed (io.micronaut.security.authentication.AuthenticationFailed): 1
AuthenticationResponse (io.micronaut.security.authentication.AuthenticationResponse): 1
InvalidStateException (io.micronaut.security.oauth2.endpoint.authorization.state.InvalidStateException): 1
OauthCodeTokenRequestContext (io.micronaut.security.oauth2.endpoint.token.request.context.OauthCodeTokenRequestContext): 1
DefaultOpenIdAuthenticationMapper (io.micronaut.security.oauth2.endpoint.token.response.DefaultOpenIdAuthenticationMapper): 1
JWTOpenIdClaims (io.micronaut.security.oauth2.endpoint.token.response.JWTOpenIdClaims): 1
OpenIdAuthenticationMapper (io.micronaut.security.oauth2.endpoint.token.response.OpenIdAuthenticationMapper): 1
OpenIdClaims (io.micronaut.security.oauth2.endpoint.token.response.OpenIdClaims): 1
AuthorizationCodeGrant (io.micronaut.security.oauth2.grants.AuthorizationCodeGrant): 1