Search in sources :

Example 1 with OidcIntrospectionAccessTokenResponse

use of org.apereo.cas.oidc.introspection.OidcIntrospectionAccessTokenResponse in project cas by apereo.

the class OidcIntrospectionEndpointController method createIntrospectionResponse.

private ResponseEntity<OidcIntrospectionAccessTokenResponse> createIntrospectionResponse(final OAuthRegisteredService service, final AccessToken ticket) {
    final OidcIntrospectionAccessTokenResponse introspect = new OidcIntrospectionAccessTokenResponse();
    introspect.setActive(true);
    introspect.setClientId(service.getClientId());
    final Authentication authentication = ticket.getAuthentication();
    final String subject = authentication.getPrincipal().getId();
    introspect.setSub(subject);
    introspect.setUniqueSecurityName(subject);
    introspect.setExp(ticket.getExpirationPolicy().getTimeToLive());
    introspect.setIat(ticket.getCreationTime().toInstant().toEpochMilli());
    final Object methods = authentication.getAttributes().get(AuthenticationManager.AUTHENTICATION_METHOD_ATTRIBUTE);
    final String realmNames = CollectionUtils.toCollection(methods).stream().map(Object::toString).collect(Collectors.joining(","));
    introspect.setRealmName(realmNames);
    introspect.setTokenType(OAuth20Constants.TOKEN_TYPE_BEARER);
    final String grant = authentication.getAttributes().getOrDefault(OAuth20Constants.GRANT_TYPE, StringUtils.EMPTY).toString().toLowerCase();
    introspect.setGrantType(grant);
    introspect.setScope(OidcConstants.StandardScopes.OPENID.getScope());
    introspect.setAud(service.getServiceId());
    introspect.setIss(casProperties.getAuthn().getOidc().getIssuer());
    return new ResponseEntity<>(introspect, HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) Authentication(org.apereo.cas.authentication.Authentication) OidcIntrospectionAccessTokenResponse(org.apereo.cas.oidc.introspection.OidcIntrospectionAccessTokenResponse)

Aggregations

Authentication (org.apereo.cas.authentication.Authentication)1 OidcIntrospectionAccessTokenResponse (org.apereo.cas.oidc.introspection.OidcIntrospectionAccessTokenResponse)1 ResponseEntity (org.springframework.http.ResponseEntity)1