Use of org.apache.cxf.rs.security.oidc.common.UserInfo in project cxf by apache.
The class UserInfoClient, method getUserInfo.
/**
 * Fetches the OIDC UserInfo document for the given access token and validates it
 * against the ID token and the client the token was issued to.
 * <p>
 * The access token is sent either as an Authorization header (via
 * {@code OAuthClientUtils.setAuthorizationHeader}) or, when
 * {@code sendTokenAsFormParameter} is set, as an {@code access_token} form parameter.
 * When {@code getUserInfoFromJwt} is set the response body is read as a JWT string and
 * handed to the String overload of {@code getUserInfoFromJwt}; otherwise it is read as a
 * plain {@code UserInfo} and checked with {@code validateUserInfo}.
 *
 * @param at the access token that authorizes the UserInfo request
 * @param idToken the ID token the returned claims are validated against
 * @param client the OAuth client (consumer) the token was issued to
 * @return the validated UserInfo
 */
public UserInfo getUserInfo(ClientAccessToken at, IdToken idToken, Consumer client) {
    final UserInfo plainProfile;
    if (sendTokenAsFormParameter) {
        // Token travels in the request body. NOTE(review): readEntity is called on the
        // response without inspecting its status first, so an error body would be passed
        // to the JWT / UserInfo parsing — confirm the String overload of getUserInfoFromJwt
        // rejects anything that is not a valid, signed JWT.
        Form form = new Form().param("access_token", at.getTokenKey());
        if (getUserInfoFromJwt) {
            String jwt = profileClient.form(form).readEntity(String.class);
            return getUserInfoFromJwt(jwt, idToken, client);
        }
        plainProfile = profileClient.form(form).readEntity(UserInfo.class);
    } else {
        // Token travels as a Bearer Authorization header on the shared client.
        OAuthClientUtils.setAuthorizationHeader(profileClient, at);
        if (getUserInfoFromJwt) {
            return getUserInfoFromJwt(profileClient.get(String.class), idToken, client);
        }
        plainProfile = profileClient.get(UserInfo.class);
    }
    validateUserInfo(plainProfile, idToken, client);
    return plainProfile;
}
Use of org.apache.cxf.rs.security.oidc.common.UserInfo in project cxf by apache.
The class UserInfoClient, method getUserInfoFromJwt.
/**
 * Builds a UserInfo from the claims of an already-parsed JWT and validates it against
 * the ID token and client via {@code validateUserInfo}.
 * <p>
 * Signature verification is not performed here; the caller is expected to hand in a
 * {@code JwtToken} that has already been checked — NOTE(review): confirm at the call site.
 *
 * @param jwt the parsed JWT whose claims form the UserInfo
 * @param idToken the ID token the claims are validated against
 * @param client the OAuth client (consumer) the token was issued to
 * @return the validated UserInfo
 */
public UserInfo getUserInfoFromJwt(JwtToken jwt, IdToken idToken, Consumer client) {
    final UserInfo claimsProfile = new UserInfo(jwt.getClaims().asMap());
    validateUserInfo(claimsProfile, idToken, client);
    return claimsProfile;
}
Use of org.apache.cxf.rs.security.oidc.common.UserInfo in project cxf by apache.
The class OidcUserInfoProvider, method createContext.
/**
 * Builds a {@code UserInfoContext} for the current message.
 * <p>
 * The UserInfo and ID token are taken from the {@code OidcClientTokenContext} stored on
 * the message when one is present, otherwise from the message contents directly.
 * Returns {@code null} when no UserInfo is available.
 * <p>
 * NOTE(review): the {@code ClientTokenContext} content is cast unconditionally to
 * {@code OidcClientTokenContext}; a different {@code ClientTokenContext} implementation
 * on the message would surface as a ClassCastException here — confirm only the OIDC
 * filter populates that slot.
 *
 * @param m the current message
 * @return a context exposing the UserInfo and ID token, or {@code null} if absent
 */
@Override
public UserInfoContext createContext(Message m) {
    final OidcClientTokenContext tokenCtx = (OidcClientTokenContext) m.getContent(ClientTokenContext.class);
    final UserInfo info = tokenCtx == null ? m.getContent(UserInfo.class) : tokenCtx.getUserInfo();
    if (info == null) {
        return null;
    }
    // The ID token is only resolved once we know a UserInfo exists.
    final IdToken token = tokenCtx == null ? m.getContent(IdToken.class) : tokenCtx.getIdToken();
    return new UserInfoContext() {
        @Override
        public UserInfo getUserInfo() {
            return info;
        }

        @Override
        public IdToken getIdToken() {
            return token;
        }
    };
}
Use of org.apache.cxf.rs.security.oidc.common.UserInfo in project cxf by apache.
The class OIDCNegativeTest, method testUserInfoRefreshToken.
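/**
 * Verifies that after a refresh-token grant the old access token is rejected (401) by
 * the UserInfo service while the refreshed token is accepted (200) and yields the
 * expected subject and audience.
 * <p>
 * Fix: the original discarded the refreshed response's {@code id_token} and re-asserted
 * the pre-refresh value, so a missing id_token on refresh went unnoticed. The JUnit
 * {@code assertEquals(expected, actual)} argument order is also corrected so failure
 * messages read correctly.
 *
 * @throws Exception on any client or transport failure
 */
@org.junit.Test
public void testUserInfoRefreshToken() throws Exception {
    URL busFile = UserInfoTest.class.getResource("client.xml");
    String address = "https://localhost:" + port + "/services/";
    WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), "alice", "security", busFile.toString());
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);

    // Get Authorization Code
    String code = OAuth2TestUtils.getAuthorizationCode(client, "openid");
    assertNotNull(code);

    // Now get the access token
    client = WebClient.create(address, OAuth2TestUtils.setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    ClientAccessToken accessToken = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
    assertNotNull(accessToken.getTokenKey());
    String oldAccessToken = accessToken.getTokenKey();
    assertTrue(accessToken.getApprovedScope().contains("openid"));
    String idToken = accessToken.getParameters().get("id_token");
    assertNotNull(idToken);

    // Refresh the access token
    client.type("application/x-www-form-urlencoded").accept("application/json");
    Form form = new Form();
    form.param("grant_type", "refresh_token");
    form.param("refresh_token", accessToken.getRefreshToken());
    form.param("client_id", "consumer-id");
    form.param("scope", "openid");
    Response response = client.post(form);
    accessToken = response.readEntity(ClientAccessToken.class);
    assertNotNull(accessToken.getTokenKey());
    assertNotNull(accessToken.getRefreshToken());
    // The refreshed response must itself carry an id_token (scope "openid" was requested).
    idToken = accessToken.getParameters().get("id_token");
    assertNotNull(idToken);
    String newAccessToken = accessToken.getTokenKey();

    // Now test the UserInfoService.
    // The old Access Token should fail
    String userInfoAddress = "https://localhost:" + port + "/ui/plain/userinfo";
    WebClient userInfoClient = WebClient.create(userInfoAddress, OAuth2TestUtils.setupProviders(), busFile.toString());
    userInfoClient.accept("application/json");
    userInfoClient.header("Authorization", "Bearer " + oldAccessToken);
    Response serviceResponse = userInfoClient.get();
    assertEquals(401, serviceResponse.getStatus());

    // The refreshed Access Token should work
    userInfoClient.replaceHeader("Authorization", "Bearer " + newAccessToken);
    serviceResponse = userInfoClient.get();
    assertEquals(200, serviceResponse.getStatus());
    UserInfo userInfo = serviceResponse.readEntity(UserInfo.class);
    assertNotNull(userInfo);
    assertEquals("alice", userInfo.getSubject());
    assertEquals("consumer-id", userInfo.getAudience());
}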
Use of org.apache.cxf.rs.security.oidc.common.UserInfo in project cxf by apache.
The class UserInfoTest, method testPlainUserInfo.
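/**
 * Runs the authorization-code flow for "alice", validates the returned ID token, then
 * calls the plain (non-JWT) UserInfo endpoint with the access token and checks the
 * subject and audience of the returned document.
 * <p>
 * Fix: the JUnit {@code assertEquals(expected, actual)} argument order is corrected for
 * the status check so a failure reports the actual status, not the expected one.
 *
 * @throws Exception on any client or transport failure
 */
@org.junit.Test
public void testPlainUserInfo() throws Exception {
    URL busFile = UserInfoTest.class.getResource("client.xml");
    String address = "https://localhost:" + port + "/services/oidc";
    WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), "alice", "security", busFile.toString());
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);

    // Get Authorization Code
    String code = OAuth2TestUtils.getAuthorizationCode(client, "openid");
    assertNotNull(code);

    // Now get the access token
    client = WebClient.create(address, OAuth2TestUtils.setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    ClientAccessToken accessToken = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
    assertNotNull(accessToken.getTokenKey());
    assertTrue(accessToken.getApprovedScope().contains("openid"));
    String idToken = accessToken.getParameters().get("id_token");
    assertNotNull(idToken);
    // No nonce was sent with the authorization request, hence the null second argument.
    validateIdToken(idToken, null);

    // Now invoke on the UserInfo service with the access token
    String userInfoAddress = "https://localhost:" + port + "/services/plain/userinfo";
    WebClient userInfoClient = WebClient.create(userInfoAddress, OAuth2TestUtils.setupProviders(), busFile.toString());
    userInfoClient.accept("application/json");
    userInfoClient.header("Authorization", "Bearer " + accessToken.getTokenKey());
    Response serviceResponse = userInfoClient.get();
    assertEquals(200, serviceResponse.getStatus());
    UserInfo userInfo = serviceResponse.readEntity(UserInfo.class);
    assertNotNull(userInfo);
    assertEquals("alice", userInfo.getSubject());
    assertEquals("consumer-id", userInfo.getAudience());
}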