use of org.apereo.cas.oidc.introspection.OidcIntrospectionAccessTokenResponse in project cas by apereo.
the class OidcIntrospectionEndpointController method createIntrospectionResponse.
private ResponseEntity<OidcIntrospectionAccessTokenResponse> createIntrospectionResponse(final OAuthRegisteredService service, final AccessToken ticket) {
final OidcIntrospectionAccessTokenResponse introspect = new OidcIntrospectionAccessTokenResponse();
introspect.setActive(true);
introspect.setClientId(service.getClientId());
final Authentication authentication = ticket.getAuthentication();
final String subject = authentication.getPrincipal().getId();
introspect.setSub(subject);
introspect.setUniqueSecurityName(subject);
introspect.setExp(ticket.getExpirationPolicy().getTimeToLive());
introspect.setIat(ticket.getCreationTime().toInstant().toEpochMilli());
final Object methods = authentication.getAttributes().get(AuthenticationManager.AUTHENTICATION_METHOD_ATTRIBUTE);
final String realmNames = CollectionUtils.toCollection(methods).stream().map(Object::toString).collect(Collectors.joining(","));
introspect.setRealmName(realmNames);
introspect.setTokenType(OAuth20Constants.TOKEN_TYPE_BEARER);
final String grant = authentication.getAttributes().getOrDefault(OAuth20Constants.GRANT_TYPE, StringUtils.EMPTY).toString().toLowerCase();
introspect.setGrantType(grant);
introspect.setScope(OidcConstants.StandardScopes.OPENID.getScope());
introspect.setAud(service.getServiceId());
introspect.setIss(casProperties.getAuthn().getOidc().getIssuer());
return new ResponseEntity<>(introspect, HttpStatus.OK);
}
Aggregations