
Example 21 with PostEnvironment

Use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.

In class OIDCCSignIdToken, method evaluate.

@Override
@PreEnvironment(required = { "id_token_claims", "server_jwks", "client" }, strings = { "signing_algorithm" })
@PostEnvironment(strings = "id_token", required = { "all_issued_id_tokens" })
public Environment evaluate(Environment env) {
    JsonObject claims = env.getObject("id_token_claims");
    JsonObject jwks = env.getObject("server_jwks");
    String signingAlg = env.getString("client", "id_token_signed_response_alg");
    if (signingAlg == null || signingAlg.isEmpty()) {
        // use the default
        signingAlg = env.getString("signing_algorithm");
    }
    JsonObject client = env.getObject("client");
    if ("none".equals(signingAlg)) {
        // alg "none": the ID token is produced as an unsecured JWT, with no key selected and no signature
        String signed = signWithAlgNone(claims.toString());
        logSuccessByJWTType(env, null, null, null, signed, null);
    } else {
        JWK selectedKey = selectOrCreateKey(jwks, signingAlg, client);
        signJWTUsingKey(env, claims, selectedKey, signingAlg);
    }
    // keep track of all issued id_tokens to be used for logout
    String idToken = env.getString("id_token");
    if (!env.containsObject("all_issued_id_tokens")) {
        JsonObject allIdTokens = new JsonObject();
        env.putObject("all_issued_id_tokens", allIdTokens);
    }
    JsonObject allIdTokens = env.getObject("all_issued_id_tokens");
    // env cannot hold a JsonArray, so each issued token is stored as a property name of a JsonObject
    allIdTokens.addProperty(idToken, "1");
    return env;
}
Also used : JsonObject(com.google.gson.JsonObject) JWK(com.nimbusds.jose.jwk.JWK) PostEnvironment(net.openid.conformance.condition.PostEnvironment) PreEnvironment(net.openid.conformance.condition.PreEnvironment)

Example 22 with PostEnvironment

Use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.

In class RemoveAtHashFromIdToken, method evaluate.

@Override
@PreEnvironment(required = "id_token_claims")
@PostEnvironment(required = "id_token_claims")
public Environment evaluate(Environment env) {
    JsonObject claims = env.getObject("id_token_claims");
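    // Gson stores a null String as JsonNull, so "at_hash" stays in the object with a null value
    // instead of being dropped the way claims.remove("at_hash") would drop it
    claims.addProperty("at_hash", (String) null);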
    env.putObject("id_token_claims", claims);
    logSuccess("Removed at_hash value from ID token claims", args("id_token_claims", claims));
    return env;
}
Also used : JsonObject(com.google.gson.JsonObject) PostEnvironment(net.openid.conformance.condition.PostEnvironment) PreEnvironment(net.openid.conformance.condition.PreEnvironment)

Example 23 with PostEnvironment

Use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.

In class RemoveSHashFromIdToken, method evaluate.

@Override
@PreEnvironment(required = "id_token_claims")
@PostEnvironment(required = "id_token_claims")
public Environment evaluate(Environment env) {
    JsonObject claims = env.getObject("id_token_claims");
    claims.remove("s_hash");
    env.putObject("id_token_claims", claims);
    logSuccess("Removed s_hash value from ID token claims", args("id_token_claims", claims));
    return env;
}
Also used : JsonObject(com.google.gson.JsonObject) PostEnvironment(net.openid.conformance.condition.PostEnvironment) PreEnvironment(net.openid.conformance.condition.PreEnvironment)

Example 24 with PostEnvironment

Use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.

In class RemoveSubFromIdToken, method evaluate.

@Override
@PreEnvironment(required = "id_token_claims")
@PostEnvironment(required = "id_token_claims")
public Environment evaluate(Environment env) {
    JsonObject claims = env.getObject("id_token_claims");
    claims.remove("sub");
    env.putObject("id_token_claims", claims);
    log("Removed sub value from ID token claims", args("id_token_claims", claims));
    return env;
}
Also used : JsonObject(com.google.gson.JsonObject) PostEnvironment(net.openid.conformance.condition.PostEnvironment) PreEnvironment(net.openid.conformance.condition.PreEnvironment)

Example 25 with PostEnvironment

Use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.

In class SendAuthorizationResponseWithResponseModeQuery, method evaluate.

@Override
@PreEnvironment(required = CreateAuthorizationEndpointResponseParams.ENV_KEY)
@PostEnvironment(strings = "authorization_endpoint_response_redirect")
public Environment evaluate(Environment env) {
    JsonObject params = env.getObject(CreateAuthorizationEndpointResponseParams.ENV_KEY);
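    // take redirect_uri out of the params: it is the base URL and must not be echoed as a query parameter
    String redirectUri = OIDFJSON.getString(params.remove("redirect_uri"));
    UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(redirectUri);
    // response_mode=query: every remaining response parameter is appended to the query string
    for (String paramName : params.keySet()) {
        builder.queryParam(paramName, OIDFJSON.getString(params.get(paramName)));
    }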
    String redirectTo = builder.toUriString();
    log("Redirecting back to client", args("uri", redirectTo));
    env.putString("authorization_endpoint_response_redirect", redirectTo);
    return env;
}
Also used : UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) JsonObject(com.google.gson.JsonObject) PostEnvironment(net.openid.conformance.condition.PostEnvironment) PreEnvironment(net.openid.conformance.condition.PreEnvironment)

Aggregations

PostEnvironment (net.openid.conformance.condition.PostEnvironment): 399
PreEnvironment (net.openid.conformance.condition.PreEnvironment): 379
JsonObject (com.google.gson.JsonObject): 372
JsonElement (com.google.gson.JsonElement): 61
JsonArray (com.google.gson.JsonArray): 49
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 22
Instant (java.time.Instant): 21
ParseException (java.text.ParseException): 17
CertificateException (java.security.cert.CertificateException): 16
IOException (java.io.IOException): 15
KeyManagementException (java.security.KeyManagementException): 15
KeyStoreException (java.security.KeyStoreException): 15
UnrecoverableKeyException (java.security.UnrecoverableKeyException): 15
InvalidKeySpecException (java.security.spec.InvalidKeySpecException): 15
RestClientException (org.springframework.web.client.RestClientException): 15
RestTemplate (org.springframework.web.client.RestTemplate): 15
JOSEException (com.nimbusds.jose.JOSEException): 9
JWK (com.nimbusds.jose.jwk.JWK): 9
RestClientResponseException (org.springframework.web.client.RestClientResponseException): 9
JWKSet (com.nimbusds.jose.jwk.JWKSet): 7