Example 1 with OAuthJoseJwtProducer
use of org.apache.cxf.rs.security.oauth2.provider.OAuthJoseJwtProducer in project cxf by apache.
the class OidcImplicitService method processIdToken.
protected String processIdToken(OAuthRedirectionState state, IdToken idToken) {
OAuthJoseJwtProducer processor = idTokenHandler == null ? new OAuthJoseJwtProducer() : idTokenHandler;
String code = (String) JAXRSUtils.getCurrentMessage().getExchange().get(OAuthConstants.AUTHORIZATION_CODE_VALUE);
if (code != null) {
// this service is invoked as part of the hybrid flow
Properties props = JwsUtils.loadSignatureOutProperties(false);
SignatureAlgorithm sigAlgo = null;
if (processor.isSignWithClientSecret()) {
sigAlgo = OAuthUtils.getClientSecretSignatureAlgorithm(props);
} else {
sigAlgo = JwsUtils.getSignatureAlgorithm(props, SignatureAlgorithm.RS256);
}
idToken.setAuthorizationCodeHash(OidcUtils.calculateAuthorizationCodeHash(code, sigAlgo));
}
idToken.setNonce(state.getNonce());
return processor.processJwt(new JwtToken(idToken));
}
Also used :
JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken)
OAuthJoseJwtProducer(org.apache.cxf.rs.security.oauth2.provider.OAuthJoseJwtProducer)
SignatureAlgorithm(org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm)
Properties(java.util.Properties)
Aggregations
Properties (java.util.Properties)1
SignatureAlgorithm (org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm)1
JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)1
OAuthJoseJwtProducer (org.apache.cxf.rs.security.oauth2.provider.OAuthJoseJwtProducer)1
