Example 1 with OidcClientRegistrationResponse
use of org.apereo.cas.oidc.dynareg.OidcClientRegistrationResponse in project cas by apereo.
the class OidcDynamicClientRegistrationEndpointController method handleRequestInternal.
/**
* Handle request.
*
* @param jsonInput the json input
* @param request the request
* @param response the response
* @return the model and view
* @throws Exception the exception
*/
@PostMapping(value = '/' + OidcConstants.BASE_OIDC_URL + '/' + OidcConstants.REGISTRATION_URL, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<OidcClientRegistrationResponse> handleRequestInternal(@RequestBody final String jsonInput, final HttpServletRequest request, final HttpServletResponse response) throws Exception {
try {
final OidcClientRegistrationRequest registrationRequest = this.clientRegistrationRequestSerializer.from(jsonInput);
LOGGER.debug("Received client registration request [{}]", registrationRequest);
if (registrationRequest.getScopes().isEmpty()) {
throw new Exception("Registration request does not contain any scope values");
}
if (!registrationRequest.getScope().contains(OidcConstants.OPENID)) {
throw new Exception("Registration request scopes do not contain [{}]" + OidcConstants.OPENID);
}
final OidcRegisteredService registeredService = new OidcRegisteredService();
registeredService.setName(registrationRequest.getClientName());
if (StringUtils.isNotBlank(registrationRequest.getJwksUri())) {
registeredService.setJwks(registrationRequest.getJwksUri());
registeredService.setSignIdToken(true);
}
final String uri = registrationRequest.getRedirectUris().stream().findFirst().get();
registeredService.setServiceId(uri);
registeredService.setClientId(clientIdGenerator.getNewString());
registeredService.setClientSecret(clientSecretGenerator.getNewString());
registeredService.setEvaluationOrder(Integer.MIN_VALUE);
final Set<String> supportedScopes = new HashSet<>(casProperties.getAuthn().getOidc().getScopes());
supportedScopes.retainAll(registrationRequest.getScopes());
final OidcClientRegistrationResponse clientResponse = getClientRegistrationResponse(registrationRequest, registeredService);
registeredService.setScopes(supportedScopes);
final Set<String> processedScopes = new LinkedHashSet<>(supportedScopes);
registeredService.setScopes(processedScopes);
registeredService.setDescription("Dynamically registered service ".concat(registeredService.getName()).concat(" with grant types ").concat(clientResponse.getGrantTypes().stream().collect(Collectors.joining(","))).concat(" and with scopes ").concat(registeredService.getScopes().stream().collect(Collectors.joining(","))).concat(" and response types ").concat(clientResponse.getResponseTypes().stream().collect(Collectors.joining(","))));
registeredService.setDynamicallyRegistered(true);
scopeToAttributesFilter.reconcile(registeredService);
return new ResponseEntity<>(clientResponse, HttpStatus.CREATED);
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
final Map<String, String> map = new HashMap<>();
map.put("error", "invalid_client_metadata");
map.put("error_message", e.getMessage());
return new ResponseEntity(map, HttpStatus.BAD_REQUEST);
}
}
Also used :
LinkedHashSet(java.util.LinkedHashSet)
ResponseEntity(org.springframework.http.ResponseEntity)
OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService)
OidcClientRegistrationRequest(org.apereo.cas.oidc.dynareg.OidcClientRegistrationRequest)
HashMap(java.util.HashMap)
Map(java.util.Map)
OidcClientRegistrationResponse(org.apereo.cas.oidc.dynareg.OidcClientRegistrationResponse)
HashSet(java.util.HashSet)
LinkedHashSet(java.util.LinkedHashSet)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
Example 2 with OidcClientRegistrationResponse
use of org.apereo.cas.oidc.dynareg.OidcClientRegistrationResponse in project cas by apereo.
the class OidcDynamicClientRegistrationEndpointController method getClientRegistrationResponse.
/**
* Gets client registration response.
*
* @param registrationRequest the registration request
* @param registeredService the registered service
* @return the client registration response
*/
protected OidcClientRegistrationResponse getClientRegistrationResponse(final OidcClientRegistrationRequest registrationRequest, final OidcRegisteredService registeredService) {
final OidcClientRegistrationResponse clientResponse = new OidcClientRegistrationResponse();
clientResponse.setApplicationType("web");
clientResponse.setClientId(registeredService.getClientId());
clientResponse.setClientSecret(registeredService.getClientSecret());
clientResponse.setSubjectType("public");
clientResponse.setTokenEndpointAuthMethod(registrationRequest.getTokenEndpointAuthMethod());
clientResponse.setClientName(registeredService.getName());
clientResponse.setGrantTypes(Arrays.asList(OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase(), OAuth20GrantTypes.REFRESH_TOKEN.name().toLowerCase()));
clientResponse.setRedirectUris(Collections.singletonList(registeredService.getServiceId()));
clientResponse.setResponseTypes(Collections.singletonList(OAuth20ResponseTypes.CODE.name().toLowerCase()));
return clientResponse;
}
Also used :
OidcClientRegistrationResponse(org.apereo.cas.oidc.dynareg.OidcClientRegistrationResponse)
Aggregations
OidcClientRegistrationResponse (org.apereo.cas.oidc.dynareg.OidcClientRegistrationResponse)2
HashMap (java.util.HashMap)1
HashSet (java.util.HashSet)1
LinkedHashSet (java.util.LinkedHashSet)1
Map (java.util.Map)1
OidcClientRegistrationRequest (org.apereo.cas.oidc.dynareg.OidcClientRegistrationRequest)1
OidcRegisteredService (org.apereo.cas.services.OidcRegisteredService)1
ResponseEntity (org.springframework.http.ResponseEntity)1
PostMapping (org.springframework.web.bind.annotation.PostMapping)1
