use of it.unibo.arces.wot.sepa.commons.response.RegistrationResponse in project SEPA by arces-wot.
the class ClientSecurityManager method registerClient.
/**
 * Registers a client through the configured OAuth service and, on success,
 * stores the issued credentials in the authorization properties.
 *
 * <p>The client id and client secret taken from the registration response are
 * passed to {@code oauthProperties.setCredentials(...)}. Any other response is
 * logged at error level and returned unchanged.
 *
 * @param client_id          identifier of the client to register
 * @param username           user name forwarded to the OAuth service
 * @param initialAccessToken token forwarded to the OAuth service
 * @param timeout            timeout forwarded to the OAuth service
 * @return the response produced by the OAuth service, whatever its kind
 * @throws SEPAPropertiesException if the authorization properties are not set
 * @throws SEPASecurityException   declared by the underlying registration call
 */
public Response registerClient(String client_id, String username, String initialAccessToken, int timeout) throws SEPASecurityException, SEPAPropertiesException {
    if (oauthProperties == null) {
        throw new SEPAPropertiesException("Authorization properties are null");
    }

    final Response outcome = oauth.registerClient(client_id, username, initialAccessToken, timeout);

    // Anything other than a registration response is reported and handed back as is.
    if (!outcome.isRegistrationResponse()) {
        logger.error(outcome);
        return outcome;
    }

    // Keep the freshly issued client credentials for later token requests.
    final RegistrationResponse registration = (RegistrationResponse) outcome;
    oauthProperties.setCredentials(registration.getClientId(), registration.getClientSecret());
    return outcome;
}
use of it.unibo.arces.wot.sepa.commons.response.RegistrationResponse in project SEPA by arces-wot.
the class KeycloakAuthenticationService method registerClient.
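/**
 * Sends a client registration request to the registration endpoint configured
 * in {@code oauthProperties.getRegisterUrl()}.
 *
 * <p>Example request. The initial access token is a credential: pass it from
 * the environment and never paste a real token into source comments.
 *
 * <pre>
 * curl --location --request POST 'https://sepa.vaimee.it:8443/auth/realms/MONAS/clients-registrations/default' \
 * --header 'Content-Type: application/json' \
 * --header "Authorization: Bearer $INITIAL_ACCESS_TOKEN" \
 * --data-raw '{"clientId":"sepatest_client","standardFlowEnabled" : false, "implicitFlowEnabled" : false, "authorizationServicesEnabled":true,"directAccessGrantsEnabled" : false, "serviceAccountsEnabled" : true, "publicClient":false, "protocol":"openid-connect","protocolMappers":[{"name":"hardcoded_username","protocol":"openid-connect","protocolMapper" : "oidc-hardcoded-claim-mapper","config" : {"claim.value":"sepatest","userinfo.token.claim":"false","id.token.claim":"false","access.token.claim":"true","claim.name":"preferred_username","jsonType.label":"String"}}]}'
 * </pre>
 *
 * <p>NOTE(review): the example differs from the body built below, which sets
 * {@code claim.name} to {@code "username"} and
 * {@code authorizationServicesEnabled} to {@code false}. Confirm which of the
 * two is intended.
 *
 * <p>The registered client is confidential ({@code publicClient=false}) with
 * only service accounts enabled. The standard, implicit and direct access
 * grant flows are switched off. A hard-coded claim mapper copies
 * {@code username} into the access token.
 *
 * @param client_id          client identifier to register, must not be null
 * @param username           value of the hard-coded claim, must not be null
 * @param initialAccessToken bearer token authorizing the registration
 * @param timeout            socket and connect timeout for the HTTP request
 * @return a {@link RegistrationResponse} carrying the issued client secret, or
 *         an {@link ErrorResponse} describing the failure
 * @throws SEPASecurityException if {@code client_id} or {@code username} is null
 */
@Override
public Response registerClient(String client_id, String username, String initialAccessToken, int timeout) throws SEPASecurityException {
    if (client_id == null) {
        throw new SEPASecurityException("client_id is null");
    }
    // JsonPrimitive rejects a null string with an unchecked exception, so fail
    // here with the exception type callers already handle.
    if (username == null) {
        throw new SEPASecurityException("username is null");
    }

    logger.log(Level.getLevel("oauth"), "REGISTER " + client_id);

    final Charset utf8 = Charset.forName("UTF-8");
    CloseableHttpResponse response = null;
    long start = Timings.getTime();

    try {
        URI uri = new URI(oauthProperties.getRegisterUrl());

        // 1) Register client
        HttpPost httpRequest = new HttpPost(uri);
        httpRequest.setHeader("Content-Type", "application/json");
        // NOTE(review): a null initialAccessToken is sent as the literal text
        // "null". Decide whether to reject it up front or omit the header.
        httpRequest.setHeader("Authorization", "bearer " + initialAccessToken);

        // oidc_hardcoded_claim_mapper for username link
        JsonObject usernameClaim = new JsonObject();
        usernameClaim.add("claim.value", new JsonPrimitive(username));
        usernameClaim.add("claim.name", new JsonPrimitive("username"));
        usernameClaim.add("userinfo.token.claim", new JsonPrimitive(false));
        usernameClaim.add("id.token.claim", new JsonPrimitive(false));
        usernameClaim.add("access.token.claim", new JsonPrimitive(true));
        usernameClaim.add("jsonType.label", new JsonPrimitive("String"));

        JsonObject oidc_hardcoded_claim_mapper = new JsonObject();
        oidc_hardcoded_claim_mapper.add("name", new JsonPrimitive("hardcoded_username"));
        oidc_hardcoded_claim_mapper.add("protocol", new JsonPrimitive("openid-connect"));
        oidc_hardcoded_claim_mapper.add("protocolMapper", new JsonPrimitive("oidc-hardcoded-claim-mapper"));
        oidc_hardcoded_claim_mapper.add("config", usernameClaim);

        JsonArray protocolMappers = new JsonArray();
        protocolMappers.add(oidc_hardcoded_claim_mapper);

        JsonObject jsonBody = new JsonObject();
        jsonBody.add("clientId", new JsonPrimitive(client_id));
        jsonBody.add("standardFlowEnabled", new JsonPrimitive(false));
        jsonBody.add("implicitFlowEnabled", new JsonPrimitive(false));
        jsonBody.add("directAccessGrantsEnabled", new JsonPrimitive(false));
        jsonBody.add("serviceAccountsEnabled", new JsonPrimitive(true));
        jsonBody.add("authorizationServicesEnabled", new JsonPrimitive(false));
        jsonBody.add("publicClient", new JsonPrimitive(false));
        jsonBody.add("protocol", new JsonPrimitive("openid-connect"));
        jsonBody.add("protocolMappers", protocolMappers);

        // Encode the body explicitly as UTF-8. The single-argument StringEntity
        // constructor falls back to ISO-8859-1, which would mangle non-ASCII
        // client ids and user names.
        StringEntity body = new StringEntity(jsonBody.toString(), utf8);
        httpRequest.setEntity(body);

        // Set timeout
        RequestConfig requestConfig = RequestConfig.custom().setSocketTimeout(timeout).setConnectTimeout(timeout).build();
        httpRequest.setConfig(requestConfig);

        logger.log(Level.getLevel("oauth"), "Request: " + httpRequest);

        try {
            response = httpClient.execute(httpRequest);
        } catch (IOException e) {
            logger.error("HTTP EXECUTE: " + e.getMessage());
            return new ErrorResponse(HttpStatus.SC_SERVICE_UNAVAILABLE, "HttpExecute", e.getMessage());
        }

        logger.log(Level.getLevel("oauth"), "Response: " + response);

        HttpEntity entity = response.getEntity();
        String jsonResponse = EntityUtils.toString(entity, utf8);
        EntityUtils.consume(entity);

        // The parsed body is deliberately not logged: on success it carries the
        // client secret.
        JsonObject json = new JsonParser().parse(jsonResponse).getAsJsonObject();

        if (json.has("error")) {
            String error = json.get("error").getAsString();
            // error_description is optional in OAuth error bodies.
            String description = json.has("error_description") ? json.get("error_description").getAsString() : "";

            ErrorResponse ret = new ErrorResponse(response.getStatusLine().getStatusCode(), error, description);
            logger.error(ret);
            return ret;
        }

        // A body with neither "error" nor "secret" is not a usable registration.
        if (!json.has("secret")) {
            ErrorResponse ret = new ErrorResponse(HttpStatus.SC_BAD_GATEWAY, "RegistrationError", "Registration response does not contain a client secret");
            logger.error(ret);
            return ret;
        }

        return new RegistrationResponse(client_id, json.get("secret").getAsString(), json);
    } catch (URISyntaxException e) {
        logger.error(e.getMessage());
        Timings.log("REGISTER_ERROR", start, Timings.getTime());
        return new ErrorResponse(HttpStatus.SC_BAD_REQUEST, "URISyntaxException", e.getMessage());
    } catch (UnsupportedEncodingException e) {
        logger.error(e.getMessage());
        Timings.log("REGISTER_ERROR", start, Timings.getTime());
        return new ErrorResponse(HttpStatus.SC_BAD_REQUEST, "UnsupportedEncodingException", e.getMessage());
    } catch (ParseException e) {
        logger.error(e.getMessage());
        Timings.log("REGISTER_ERROR", start, Timings.getTime());
        return new ErrorResponse(HttpStatus.SC_BAD_REQUEST, "ParseException", e.getMessage());
    } catch (IOException e) {
        logger.error(e.getMessage());
        Timings.log("REGISTER_ERROR", start, Timings.getTime());
        return new ErrorResponse(HttpStatus.SC_SERVICE_UNAVAILABLE, "IOException", e.getMessage());
    } finally {
        if (response != null) {
            try {
                response.close();
            } catch (IOException e) {
                // Log only. Returning from finally would replace a successful
                // registration (and its secret) with an error, and would hide
                // any exception already in flight.
                logger.error(e.getMessage());
                Timings.log("REGISTER_ERROR", start, Timings.getTime());
            }
        }
    }
}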
Aggregations