
Example 1 with UserInfo

use of org.apache.cxf.rs.security.oidc.common.UserInfo in project testcases by coheigea.

the class UserInfoProviderImpl method getUserInfo.

/**
 * Builds the UserInfo returned to {@code clientId} for the authenticated user.
 *
 * <p>Exactly three values are populated: the subject is the user's login,
 * the audience is the calling client's id and the issuer is the fixed
 * string {@code "xyz"}. The {@code scopes} argument is not consulted, so the
 * same claim set is produced whatever scopes the access token was granted.
 *
 * @param clientId          id of the OAuth2 client calling the UserInfo endpoint; becomes the audience
 * @param authenticatedUser the resource owner; its login becomes the subject
 * @param scopes            scopes approved for the access token (not used here)
 * @return a freshly created, never-null UserInfo
 */
@Override
public UserInfo getUserInfo(String clientId, UserSubject authenticatedUser, List<String> scopes) {
    final String subject = authenticatedUser.getLogin();
    final UserInfo info = new UserInfo();
    // Fixed placeholder issuer: it is neither configured nor derived from the request.
    info.setIssuer("xyz");
    info.setAudience(clientId);
    info.setSubject(subject);
    return info;
}

Example 2 with UserInfo

use of org.apache.cxf.rs.security.oidc.common.UserInfo in project cxf by apache.

the class UserInfoService method createFromIdToken.

/**
 * Derives a UserInfo from an already issued IdToken.
 *
 * <p>The subject is always copied. Issuer and audience are copied only when
 * {@code isJwsRequired()} is true; why they are left out of an unsigned
 * result is not stated here. The standard profile claims (preferred
 * username, name, given name, family name, email, nickname) are copied when
 * the token carries them, and every name listed in {@code additionalClaims}
 * is copied as well, provided the token actually holds that property.
 * Anything not named here is not propagated, so the UserInfo exposes no more
 * of the token than this method explicitly allows.
 *
 * @param idToken the token to read claims from; must not be null
 * @return a new UserInfo holding the selected claims
 */
protected UserInfo createFromIdToken(IdToken idToken) {
    final UserInfo info = new UserInfo();
    info.setSubject(idToken.getSubject());

    // Issuer/audience only travel with the UserInfo when it is going to be signed.
    if (super.isJwsRequired()) {
        info.setIssuer(idToken.getIssuer());
        info.setAudience(idToken.getAudience());
    }

    // Standard OIDC profile claims: copy each one the token provides.
    final String preferredUserName = idToken.getPreferredUserName();
    if (preferredUserName != null) {
        info.setPreferredUserName(preferredUserName);
    }
    final String name = idToken.getName();
    if (name != null) {
        info.setName(name);
    }
    final String givenName = idToken.getGivenName();
    if (givenName != null) {
        info.setGivenName(givenName);
    }
    final String familyName = idToken.getFamilyName();
    if (familyName != null) {
        info.setFamilyName(familyName);
    }
    final String email = idToken.getEmail();
    if (email != null) {
        info.setEmail(email);
    }
    final String nickName = idToken.getNickName();
    if (nickName != null) {
        info.setNickName(nickName);
    }

    // Extra claims are opt-in: only the configured names are looked up, and
    // only those the token actually carries are copied across.
    if (additionalClaims != null) {
        for (String claimName : additionalClaims) {
            if (idToken.containsProperty(claimName)) {
                info.setClaim(claimName, idToken.getClaim(claimName));
            }
        }
    }
    return info;
}

Example 3 with UserInfo

use of org.apache.cxf.rs.security.oidc.common.UserInfo in project cxf by apache.

the class UserInfoService method getUserInfo.

/**
 * OpenID Connect UserInfo endpoint.
 *
 * <p>Flow: resolve the OAuth2 context of the presented access token, require
 * the {@code openid} scope, obtain a UserInfo (configured provider first,
 * then the UserInfo stored on an {@code OidcUserSubject}, then one derived
 * from that subject's IdToken) and return it either as plain JSON or, when
 * signing or encryption is required, as a JWT.
 *
 * <p>Responses: 401 when the token lacks the {@code openid} scope, 500 when
 * no UserInfo can be produced, 200 with the entity otherwise.
 *
 * @return the JAX-RS response described above
 */
@GET
@Produces({ "application/json", "application/jwt" })
public Response getUserInfo() {
    final OAuthContext oauth = OAuthContextUtils.getContext(mc);

    // Tokens without the "openid" scope may not read UserInfo.
    // NOTE(review): RFC 6750 describes a scope shortfall as 403 with a
    // WWW-Authenticate "insufficient_scope" challenge; a bare 401 is sent
    // here - confirm this is the intended contract.
    final boolean hasOpenIdScope = oauth.getPermissions().stream()
            .map(OAuthPermission::getPermission)
            .anyMatch(OidcUtils.OPENID_SCOPE::equals);
    if (!hasOpenIdScope) {
        return Response.status(Status.UNAUTHORIZED).build();
    }

    final UserInfo userInfo = resolveUserInfo(oauth);
    if (userInfo == null) {
        // Consider customizing the error code in case of UserInfo being not available
        return Response.serverError().build();
    }

    // Plain JSON unless the service is configured to sign or encrypt the result.
    final Object entity;
    if (super.isJwsRequired() || super.isJweRequired()) {
        // Without a data provider the client is unknown and null is passed on.
        final Client client = oauthDataProvider == null ? null : oauthDataProvider.getClient(oauth.getClientId());
        entity = super.processJwt(new JwtToken(userInfo), client);
    } else {
        entity = convertUserInfoToResponseEntity(userInfo);
    }
    return Response.ok(entity).build();
}

/**
 * Picks the UserInfo source in priority order: the configured provider,
 * then the UserInfo stored on an OidcUserSubject, then one derived from that
 * subject's IdToken.
 *
 * @param oauth the resolved OAuth2 context of the current request
 * @return the UserInfo, or null when no source applies
 */
private UserInfo resolveUserInfo(OAuthContext oauth) {
    if (userInfoProvider != null) {
        return userInfoProvider.getUserInfo(oauth.getClientId(), oauth.getSubject(),
                OAuthUtils.convertPermissionsToScopeList(oauth.getPermissions()));
    }
    if (!(oauth.getSubject() instanceof OidcUserSubject)) {
        return null;
    }
    final OidcUserSubject oidcSubject = (OidcUserSubject) oauth.getSubject();
    final UserInfo stored = oidcSubject.getUserInfo();
    return stored != null ? stored : createFromIdToken(oidcSubject.getIdToken());
}

Example 4 with UserInfo

use of org.apache.cxf.rs.security.oidc.common.UserInfo in project cxf by apache.

the class UserInfoProviderImpl method getUserInfo.

/**
 * Returns the UserInfo for {@code authenticatedUser} as seen by {@code clientId}.
 *
 * <p>Only the subject (the user's login), the audience (the client id) and a
 * fixed issuer string are set; the granted {@code scopes} do not influence
 * the result.
 *
 * @param clientId          id of the requesting OAuth2 client, used as the audience
 * @param authenticatedUser the resource owner whose login is used as the subject
 * @param scopes            scopes approved for the access token (ignored)
 * @return a new UserInfo, never null
 */
@Override
public UserInfo getUserInfo(String clientId, UserSubject authenticatedUser, List<String> scopes) {
    final UserInfo result = new UserInfo();
    result.setAudience(clientId);
    result.setSubject(authenticatedUser.getLogin());
    result.setIssuer("xyz"); // fixed placeholder issuer, not taken from configuration
    return result;
}

Example 5 with UserInfo

use of org.apache.cxf.rs.security.oidc.common.UserInfo in project testcases by coheigea.

the class UserInfoTest method testPlainUserInfo.

/**
 * End-to-end check of the plain (unsigned JSON) UserInfo endpoint.
 *
 * <p>Steps: obtain an authorization code as the resource owner, exchange it
 * for an access token as the client, then call the UserInfo service with the
 * token as a bearer credential and verify the returned subject and audience.
 * The user and client credentials are hard-coded test fixtures.
 *
 * @throws Exception on any client or transport failure
 */
@org.junit.Test
public void testPlainUserInfo() throws Exception {
    final URL busFile = UserInfoTest.class.getResource("cxf-client.xml");
    final String authzAddress = "https://localhost:" + PORT + "/services/";

    // Step 1: the resource owner ("alice") authorizes and receives a code.
    WebClient authzClient = WebClient.create(authzAddress, setupProviders(), "alice", "security", busFile.toString());
    keepSession(authzClient);
    final String code = getAuthorizationCode(authzClient, "openid");
    assertNotNull(code);

    // Step 2: the client swaps the code for an access token carrying the "openid" scope.
    authzClient = WebClient.create(authzAddress, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
    keepSession(authzClient);
    final ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(authzClient, code);
    assertNotNull(accessToken.getTokenKey());
    assertTrue(accessToken.getApprovedScope().contains("openid"));

    // Step 3: present the token as a bearer credential to the UserInfo service.
    final String userInfoAddress = "https://localhost:" + USERINFO_PORT + "/services/plain/userinfo";
    final WebClient userInfoClient = WebClient.create(userInfoAddress, Collections.singletonList(new JsonMapObjectProvider()), busFile.toString());
    userInfoClient.accept("application/json");
    userInfoClient.header("Authorization", "Bearer " + accessToken.getTokenKey());
    final Response serviceResponse = userInfoClient.get();
    assertEquals(200, serviceResponse.getStatus());

    final UserInfo userInfo = serviceResponse.readEntity(UserInfo.class);
    assertNotNull(userInfo);
    assertEquals("alice", userInfo.getSubject());
    assertEquals("consumer-id", userInfo.getAudience());
}

/** Keeps the cookie between requests so the follow-up call reuses the same session. */
private static void keepSession(WebClient client) {
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
}
