use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class OIDCCSignIdToken method evaluate.
@Override
@PreEnvironment(required = { "id_token_claims", "server_jwks", "client" }, strings = { "signing_algorithm" })
@PostEnvironment(strings = "id_token", required = { "all_issued_id_tokens" })
public Environment evaluate(Environment env) {
JsonObject claims = env.getObject("id_token_claims");
JsonObject jwks = env.getObject("server_jwks");
String signingAlg = env.getString("client", "id_token_signed_response_alg");
if (signingAlg == null || signingAlg.isEmpty()) {
// use the default
signingAlg = env.getString("signing_algorithm");
}
JsonObject client = env.getObject("client");
if ("none".equals(signingAlg)) {
String signed = signWithAlgNone(claims.toString());
logSuccessByJWTType(env, null, null, null, signed, null);
} else {
JWK selectedKey = selectOrCreateKey(jwks, signingAlg, client);
signJWTUsingKey(env, claims, selectedKey, signingAlg);
}
// keep track of all issued id_tokens to be used for logout
String idToken = env.getString("id_token");
if (!env.containsObject("all_issued_id_tokens")) {
JsonObject allIdTokens = new JsonObject();
env.putObject("all_issued_id_tokens", allIdTokens);
}
JsonObject allIdTokens = env.getObject("all_issued_id_tokens");
// because you can't add JsonArrays to env
allIdTokens.addProperty(idToken, "1");
return env;
}
use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class RemoveAtHashFromIdToken method evaluate.
@Override
@PreEnvironment(required = "id_token_claims")
@PostEnvironment(required = "id_token_claims")
public Environment evaluate(Environment env) {
JsonObject claims = env.getObject("id_token_claims");
claims.addProperty("at_hash", ((String) null));
env.putObject("id_token_claims", claims);
logSuccess("Removed at_hash value from ID token claims", args("id_token_claims", claims));
return env;
}
use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class RemoveSHashFromIdToken method evaluate.
@Override
@PreEnvironment(required = "id_token_claims")
@PostEnvironment(required = "id_token_claims")
public Environment evaluate(Environment env) {
JsonObject claims = env.getObject("id_token_claims");
claims.remove("s_hash");
env.putObject("id_token_claims", claims);
logSuccess("Removed s_hash value from ID token claims", args("id_token_claims", claims));
return env;
}
use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class RemoveSubFromIdToken method evaluate.
@Override
@PreEnvironment(required = "id_token_claims")
@PostEnvironment(required = "id_token_claims")
public Environment evaluate(Environment env) {
JsonObject claims = env.getObject("id_token_claims");
claims.remove("sub");
env.putObject("id_token_claims", claims);
log("Removed sub value from ID token claims", args("id_token_claims", claims));
return env;
}
use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class SendAuthorizationResponseWithResponseModeQuery method evaluate.
@Override
@PreEnvironment(required = CreateAuthorizationEndpointResponseParams.ENV_KEY)
@PostEnvironment(strings = "authorization_endpoint_response_redirect")
public Environment evaluate(Environment env) {
JsonObject params = env.getObject(CreateAuthorizationEndpointResponseParams.ENV_KEY);
String redirectUri = OIDFJSON.getString(params.remove("redirect_uri"));
UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(redirectUri);
for (String paramName : params.keySet()) {
builder.queryParam(paramName, OIDFJSON.getString(params.get(paramName)));
}
String redirectTo = builder.toUriString();
log("Redirecting back to client", args("uri", redirectTo));
env.putString("authorization_endpoint_response_redirect", redirectTo);
return env;
}
Aggregations