Search in sources :

Example 91 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class JwtUtil method getJsonKey.

public static JSONObject getJsonKey(String jwksUri, String jwks, String keyId) {
    log.debug("Retrieving JWK Key...");
    JSONObject jsonKey = null;
    try {
        if (StringHelper.isEmpty(jwks)) {
            ClientRequest clientRequest = new ClientRequest(jwksUri);
            clientRequest.setHttpMethod(HttpMethod.GET);
            ClientResponse<String> clientResponse = clientRequest.get(String.class);
            int status = clientResponse.getStatus();
            log.debug(String.format("Status: %n%d", status));
            if (status == 200) {
                jwks = clientResponse.getEntity(String.class);
                log.debug(String.format("JWK: %s", jwks));
            }
        }
        if (StringHelper.isNotEmpty(jwks)) {
            JSONObject jsonObject = new JSONObject(jwks);
            JSONArray keys = jsonObject.getJSONArray(JSON_WEB_KEY_SET);
            if (keys.length() > 0) {
                if (StringHelper.isEmpty(keyId)) {
                    jsonKey = keys.getJSONObject(0);
                } else {
                    for (int i = 0; i < keys.length(); i++) {
                        JSONObject kv = keys.getJSONObject(i);
                        if (kv.getString(KEY_ID).equals(keyId)) {
                            jsonKey = kv;
                            break;
                        }
                    }
                }
            }
        }
    } catch (Exception ex) {
        log.error(ex.getMessage(), ex);
    }
    return jsonKey;
}
Also used : JSONObject(org.codehaus.jettison.json.JSONObject) JSONArray(org.codehaus.jettison.json.JSONArray) ClientRequest(org.jboss.resteasy.client.ClientRequest) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 92 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class UserInfoRestWebServiceImpl method getJSonResponse.

/**
     * Builds a JSon String with the response parameters.
     */
public String getJSonResponse(User user, AuthorizationGrant authorizationGrant, Collection<String> scopes) throws Exception {
    JsonWebResponse jsonWebResponse = new JsonWebResponse();
    // Claims
    List<Scope> dynamicScopes = new ArrayList<Scope>();
    for (String scopeName : scopes) {
        org.xdi.oxauth.model.common.Scope scope = scopeService.getScopeByDisplayName(scopeName);
        if ((scope != null) && (org.xdi.oxauth.model.common.ScopeType.DYNAMIC == scope.getScopeType())) {
            dynamicScopes.add(scope);
            continue;
        }
        Map<String, Object> claims = getClaims(user, scope);
        if (scope.getIsOxAuthGroupClaims()) {
            JwtSubClaimObject groupClaim = new JwtSubClaimObject();
            groupClaim.setName(scope.getDisplayName());
            for (Map.Entry<String, Object> entry : claims.entrySet()) {
                String key = entry.getKey();
                Object value = entry.getValue();
                if (value instanceof List) {
                    groupClaim.setClaim(key, (List<String>) value);
                } else {
                    groupClaim.setClaim(key, (String) value);
                }
            }
            jsonWebResponse.getClaims().setClaim(scope.getDisplayName(), groupClaim);
        } else {
            for (Map.Entry<String, Object> entry : claims.entrySet()) {
                String key = entry.getKey();
                Object value = entry.getValue();
                if (value instanceof List) {
                    jsonWebResponse.getClaims().setClaim(key, (List<String>) value);
                } else {
                    jsonWebResponse.getClaims().setClaim(key, (String) value);
                }
            }
        }
        jsonWebResponse.getClaims().setSubjectIdentifier(authorizationGrant.getUser().getAttribute("inum"));
    }
    if (authorizationGrant.getJwtAuthorizationRequest() != null && authorizationGrant.getJwtAuthorizationRequest().getUserInfoMember() != null) {
        for (Claim claim : authorizationGrant.getJwtAuthorizationRequest().getUserInfoMember().getClaims()) {
            // ClaimValueType.OPTIONAL.equals(claim.getClaimValue().getClaimValueType());
            boolean optional = true;
            GluuAttribute gluuAttribute = attributeService.getByClaimName(claim.getName());
            if (gluuAttribute != null) {
                String ldapClaimName = gluuAttribute.getName();
                Object attribute = user.getAttribute(ldapClaimName, optional);
                if (attribute != null) {
                    if (attribute instanceof JSONArray) {
                        JSONArray jsonArray = (JSONArray) attribute;
                        List<String> values = new ArrayList<String>();
                        for (int i = 0; i < jsonArray.length(); i++) {
                            String value = jsonArray.optString(i);
                            if (value != null) {
                                values.add(value);
                            }
                        }
                        jsonWebResponse.getClaims().setClaim(claim.getName(), values);
                    } else {
                        String value = (String) attribute;
                        jsonWebResponse.getClaims().setClaim(claim.getName(), value);
                    }
                }
            }
        }
    }
    // Check for Subject Identifier Type
    if (authorizationGrant.getClient().getSubjectType() != null && SubjectType.fromString(authorizationGrant.getClient().getSubjectType()).equals(SubjectType.PAIRWISE)) {
        String sectorIdentifierUri = null;
        if (StringUtils.isNotBlank(authorizationGrant.getClient().getSectorIdentifierUri())) {
            sectorIdentifierUri = authorizationGrant.getClient().getSectorIdentifierUri();
        } else {
            sectorIdentifierUri = authorizationGrant.getClient().getRedirectUris()[0];
        }
        String userInum = authorizationGrant.getUser().getAttribute("inum");
        PairwiseIdentifier pairwiseIdentifier = pairwiseIdentifierService.findPairWiseIdentifier(userInum, sectorIdentifierUri);
        if (pairwiseIdentifier == null) {
            pairwiseIdentifier = new PairwiseIdentifier(sectorIdentifierUri);
            pairwiseIdentifier.setId(UUID.randomUUID().toString());
            pairwiseIdentifier.setDn(pairwiseIdentifierService.getDnForPairwiseIdentifier(pairwiseIdentifier.getId(), userInum));
            pairwiseIdentifierService.addPairwiseIdentifier(userInum, pairwiseIdentifier);
        }
        jsonWebResponse.getClaims().setSubjectIdentifier(pairwiseIdentifier.getId());
    } else {
        String openidSubAttribute = appConfiguration.getOpenidSubAttribute();
        jsonWebResponse.getClaims().setSubjectIdentifier(authorizationGrant.getUser().getAttribute(openidSubAttribute));
    }
    if ((dynamicScopes.size() > 0) && externalDynamicScopeService.isEnabled()) {
        final UnmodifiableAuthorizationGrant unmodifiableAuthorizationGrant = new UnmodifiableAuthorizationGrant(authorizationGrant);
        DynamicScopeExternalContext dynamicScopeContext = new DynamicScopeExternalContext(dynamicScopes, jsonWebResponse, unmodifiableAuthorizationGrant);
        externalDynamicScopeService.executeExternalUpdateMethods(dynamicScopeContext);
    }
    return jsonWebResponse.toString();
}
Also used : JsonWebResponse(org.xdi.oxauth.model.token.JsonWebResponse) JSONArray(org.codehaus.jettison.json.JSONArray) DynamicScopeExternalContext(org.xdi.oxauth.service.external.context.DynamicScopeExternalContext) JwtSubClaimObject(org.xdi.oxauth.model.jwt.JwtSubClaimObject) GluuAttribute(org.xdi.model.GluuAttribute) PairwiseIdentifier(org.xdi.oxauth.model.ldap.PairwiseIdentifier) org.xdi.oxauth.model.common(org.xdi.oxauth.model.common) JwtSubClaimObject(org.xdi.oxauth.model.jwt.JwtSubClaimObject) JSONObject(org.codehaus.jettison.json.JSONObject) Claim(org.xdi.oxauth.model.authorize.Claim)

Example 93 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class UserInfoRestWebServiceImpl method getClaims.

public Map<String, Object> getClaims(User user, Scope scope) throws InvalidClaimException {
    Map<String, Object> claims = new HashMap<String, Object>();
    if (scope != null && scope.getOxAuthClaims() != null) {
        for (String claimDn : scope.getOxAuthClaims()) {
            GluuAttribute gluuAttribute = attributeService.getAttributeByDn(claimDn);
            String claimName = gluuAttribute.getOxAuthClaimName();
            String ldapName = gluuAttribute.getName();
            Object attribute = null;
            if (StringUtils.isNotBlank(claimName) && StringUtils.isNotBlank(ldapName)) {
                if (ldapName.equals("uid")) {
                    attribute = user.getUserId();
                } else {
                    attribute = user.getAttribute(gluuAttribute.getName(), true);
                }
                if (attribute != null) {
                    if (attribute instanceof JSONArray) {
                        JSONArray jsonArray = (JSONArray) attribute;
                        List<String> values = new ArrayList<String>();
                        for (int i = 0; i < jsonArray.length(); i++) {
                            String value = jsonArray.optString(i);
                            if (value != null) {
                                values.add(value);
                            }
                        }
                        claims.put(claimName, values);
                    } else {
                        claims.put(claimName, attribute);
                    }
                }
            }
        }
    }
    return claims;
}
Also used : JSONArray(org.codehaus.jettison.json.JSONArray) JwtSubClaimObject(org.xdi.oxauth.model.jwt.JwtSubClaimObject) JSONObject(org.codehaus.jettison.json.JSONObject) GluuAttribute(org.xdi.model.GluuAttribute)

Example 94 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class UserInfoRestWebServiceImpl method getJwtResponse.

public String getJwtResponse(SignatureAlgorithm signatureAlgorithm, User user, AuthorizationGrant authorizationGrant, Collection<String> scopes) throws Exception {
    Jwt jwt = new Jwt();
    AbstractCryptoProvider cryptoProvider = CryptoProviderFactory.getCryptoProvider(appConfiguration);
    // Header
    jwt.getHeader().setType(JwtType.JWT);
    jwt.getHeader().setAlgorithm(signatureAlgorithm);
    String keyId = cryptoProvider.getKeyId(webKeysConfiguration, signatureAlgorithm);
    if (keyId != null) {
        jwt.getHeader().setKeyId(keyId);
    }
    // Claims
    List<Scope> dynamicScopes = new ArrayList<Scope>();
    for (String scopeName : scopes) {
        Scope scope = scopeService.getScopeByDisplayName(scopeName);
        if (org.xdi.oxauth.model.common.ScopeType.DYNAMIC == scope.getScopeType()) {
            dynamicScopes.add(scope);
            continue;
        }
        if (scope.getOxAuthClaims() != null) {
            for (String claimDn : scope.getOxAuthClaims()) {
                GluuAttribute gluuAttribute = attributeService.getAttributeByDn(claimDn);
                String claimName = gluuAttribute.getOxAuthClaimName();
                String ldapName = gluuAttribute.getName();
                String attributeValue = null;
                if (StringUtils.isNotBlank(claimName) && StringUtils.isNotBlank(ldapName)) {
                    if (ldapName.equals("uid")) {
                        attributeValue = user.getUserId();
                    } else {
                        attributeValue = user.getAttribute(gluuAttribute.getName());
                    }
                    jwt.getClaims().setClaim(claimName, attributeValue);
                }
            }
        }
    }
    if (authorizationGrant.getJwtAuthorizationRequest() != null && authorizationGrant.getJwtAuthorizationRequest().getUserInfoMember() != null) {
        for (Claim claim : authorizationGrant.getJwtAuthorizationRequest().getUserInfoMember().getClaims()) {
            // ClaimValueType.OPTIONAL.equals(claim.getClaimValue().getClaimValueType());
            boolean optional = true;
            GluuAttribute gluuAttribute = attributeService.getByClaimName(claim.getName());
            if (gluuAttribute != null) {
                String ldapClaimName = gluuAttribute.getName();
                Object attribute = user.getAttribute(ldapClaimName, optional);
                if (attribute != null) {
                    if (attribute instanceof JSONArray) {
                        JSONArray jsonArray = (JSONArray) attribute;
                        List<String> values = new ArrayList<String>();
                        for (int i = 0; i < jsonArray.length(); i++) {
                            String value = jsonArray.optString(i);
                            if (value != null) {
                                values.add(value);
                            }
                        }
                        jwt.getClaims().setClaim(claim.getName(), values);
                    } else {
                        String value = (String) attribute;
                        jwt.getClaims().setClaim(claim.getName(), value);
                    }
                }
            }
        }
    }
    // Check for Subject Identifier Type
    if (authorizationGrant.getClient().getSubjectType() != null && SubjectType.fromString(authorizationGrant.getClient().getSubjectType()).equals(SubjectType.PAIRWISE)) {
        String sectorIdentifierUri = null;
        if (StringUtils.isNotBlank(authorizationGrant.getClient().getSectorIdentifierUri())) {
            sectorIdentifierUri = authorizationGrant.getClient().getSectorIdentifierUri();
        } else {
            sectorIdentifierUri = authorizationGrant.getClient().getRedirectUris()[0];
        }
        String userInum = authorizationGrant.getUser().getAttribute("inum");
        PairwiseIdentifier pairwiseIdentifier = pairwiseIdentifierService.findPairWiseIdentifier(userInum, sectorIdentifierUri);
        if (pairwiseIdentifier == null) {
            pairwiseIdentifier = new PairwiseIdentifier(sectorIdentifierUri);
            pairwiseIdentifier.setId(UUID.randomUUID().toString());
            pairwiseIdentifier.setDn(pairwiseIdentifierService.getDnForPairwiseIdentifier(pairwiseIdentifier.getId(), userInum));
            pairwiseIdentifierService.addPairwiseIdentifier(userInum, pairwiseIdentifier);
        }
        jwt.getClaims().setSubjectIdentifier(pairwiseIdentifier.getId());
    } else {
        String openidSubAttribute = appConfiguration.getOpenidSubAttribute();
        jwt.getClaims().setSubjectIdentifier(authorizationGrant.getUser().getAttribute(openidSubAttribute));
    }
    // If signed, the UserInfo Response SHOULD contain the Claims iss (issuer) and aud (audience) as members. The iss value should be the OP's Issuer Identifier URL. The aud value should be or include the RP's Client ID value.
    jwt.getClaims().setIssuer(appConfiguration.getIssuer());
    jwt.getClaims().setAudience(authorizationGrant.getClientId());
    if ((dynamicScopes.size() > 0) && externalDynamicScopeService.isEnabled()) {
        final UnmodifiableAuthorizationGrant unmodifiableAuthorizationGrant = new UnmodifiableAuthorizationGrant(authorizationGrant);
        DynamicScopeExternalContext dynamicScopeContext = new DynamicScopeExternalContext(dynamicScopes, jwt, unmodifiableAuthorizationGrant);
        externalDynamicScopeService.executeExternalUpdateMethods(dynamicScopeContext);
    }
    // Signature
    String sharedSecret = clientService.decryptSecret(authorizationGrant.getClient().getClientSecret());
    String signature = cryptoProvider.sign(jwt.getSigningInput(), jwt.getHeader().getKeyId(), sharedSecret, signatureAlgorithm);
    jwt.setEncodedSignature(signature);
    return jwt.toString();
}
Also used : Jwt(org.xdi.oxauth.model.jwt.Jwt) JSONArray(org.codehaus.jettison.json.JSONArray) DynamicScopeExternalContext(org.xdi.oxauth.service.external.context.DynamicScopeExternalContext) GluuAttribute(org.xdi.model.GluuAttribute) PairwiseIdentifier(org.xdi.oxauth.model.ldap.PairwiseIdentifier) AbstractCryptoProvider(org.xdi.oxauth.model.crypto.AbstractCryptoProvider) JwtSubClaimObject(org.xdi.oxauth.model.jwt.JwtSubClaimObject) JSONObject(org.codehaus.jettison.json.JSONObject) Claim(org.xdi.oxauth.model.authorize.Claim)

Example 95 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class OpenIdConfiguration method processRequest.

/**
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
     * methods.
     *
     * @param servletRequest  servlet request
     * @param servletResponse servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException      if an I/O error occurs
     */
protected void processRequest(HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws ServletException, IOException {
    final HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
    final HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
    httpResponse.setContentType("application/json");
    PrintWriter out = httpResponse.getWriter();
    try {
        JSONObject jsonObj = new JSONObject();
        jsonObj.put(ISSUER, appConfiguration.getIssuer());
        jsonObj.put(AUTHORIZATION_ENDPOINT, appConfiguration.getAuthorizationEndpoint());
        jsonObj.put(TOKEN_ENDPOINT, appConfiguration.getTokenEndpoint());
        jsonObj.put(USER_INFO_ENDPOINT, appConfiguration.getUserInfoEndpoint());
        jsonObj.put(CLIENT_INFO_ENDPOINT, appConfiguration.getClientInfoEndpoint());
        jsonObj.put(CHECK_SESSION_IFRAME, appConfiguration.getCheckSessionIFrame());
        jsonObj.put(END_SESSION_ENDPOINT, appConfiguration.getEndSessionEndpoint());
        jsonObj.put(JWKS_URI, appConfiguration.getJwksUri());
        jsonObj.put(REGISTRATION_ENDPOINT, appConfiguration.getRegistrationEndpoint());
        jsonObj.put(ID_GENERATION_ENDPOINT, appConfiguration.getIdGenerationEndpoint());
        jsonObj.put(INTROSPECTION_ENDPOINT, appConfiguration.getIntrospectionEndpoint());
        JSONArray scopesSupported = new JSONArray();
        for (Scope scope : scopeService.getAllScopesList()) {
            boolean isUmaAuthorization = UmaScopeType.AUTHORIZATION.getValue().equals(scope.getDisplayName());
            boolean isUmaProtection = UmaScopeType.PROTECTION.getValue().equals(scope.getDisplayName());
            if (!isUmaAuthorization && !isUmaProtection)
                scopesSupported.put(scope.getDisplayName());
        }
        if (scopesSupported.length() > 0) {
            jsonObj.put(SCOPES_SUPPORTED, scopesSupported);
        }
        JSONArray responseTypesSupported = new JSONArray();
        for (String responseType : appConfiguration.getResponseTypesSupported()) {
            responseTypesSupported.put(responseType);
        }
        if (responseTypesSupported.length() > 0) {
            jsonObj.put(RESPONSE_TYPES_SUPPORTED, responseTypesSupported);
        }
        JSONArray grantTypesSupported = new JSONArray();
        for (String grantType : appConfiguration.getGrantTypesSupported()) {
            grantTypesSupported.put(grantType);
        }
        if (grantTypesSupported.length() > 0) {
            jsonObj.put(GRANT_TYPES_SUPPORTED, grantTypesSupported);
        }
        JSONArray acrValuesSupported = new JSONArray();
        for (String acr : externalAuthenticationService.getAcrValuesList()) {
            acrValuesSupported.put(acr);
        }
        jsonObj.put(ACR_VALUES_SUPPORTED, acrValuesSupported);
        jsonObj.put(AUTH_LEVEL_MAPPING, createAuthLevelMapping());
        JSONArray subjectTypesSupported = new JSONArray();
        for (String subjectType : appConfiguration.getSubjectTypesSupported()) {
            subjectTypesSupported.put(subjectType);
        }
        if (subjectTypesSupported.length() > 0) {
            jsonObj.put(SUBJECT_TYPES_SUPPORTED, subjectTypesSupported);
        }
        JSONArray userInfoSigningAlgValuesSupported = new JSONArray();
        for (String userInfoSigningAlg : appConfiguration.getUserInfoSigningAlgValuesSupported()) {
            userInfoSigningAlgValuesSupported.put(userInfoSigningAlg);
        }
        if (userInfoSigningAlgValuesSupported.length() > 0) {
            jsonObj.put(USER_INFO_SIGNING_ALG_VALUES_SUPPORTED, userInfoSigningAlgValuesSupported);
        }
        JSONArray userInfoEncryptionAlgValuesSupported = new JSONArray();
        for (String userInfoEncryptionAlg : appConfiguration.getUserInfoEncryptionAlgValuesSupported()) {
            userInfoEncryptionAlgValuesSupported.put(userInfoEncryptionAlg);
        }
        if (userInfoEncryptionAlgValuesSupported.length() > 0) {
            jsonObj.put(USER_INFO_ENCRYPTION_ALG_VALUES_SUPPORTED, userInfoEncryptionAlgValuesSupported);
        }
        JSONArray userInfoEncryptionEncValuesSupported = new JSONArray();
        for (String userInfoEncryptionEnc : appConfiguration.getUserInfoEncryptionEncValuesSupported()) {
            userInfoEncryptionEncValuesSupported.put(userInfoEncryptionEnc);
        }
        if (userInfoEncryptionAlgValuesSupported.length() > 0) {
            jsonObj.put(USER_INFO_ENCRYPTION_ENC_VALUES_SUPPORTED, userInfoEncryptionAlgValuesSupported);
        }
        JSONArray idTokenSigningAlgValuesSupported = new JSONArray();
        for (String idTokenSigningAlg : appConfiguration.getIdTokenSigningAlgValuesSupported()) {
            idTokenSigningAlgValuesSupported.put(idTokenSigningAlg);
        }
        if (idTokenSigningAlgValuesSupported.length() > 0) {
            jsonObj.put(ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED, idTokenSigningAlgValuesSupported);
        }
        JSONArray idTokenEncryptionAlgValuesSupported = new JSONArray();
        for (String idTokenEncryptionAlg : appConfiguration.getIdTokenEncryptionAlgValuesSupported()) {
            idTokenEncryptionAlgValuesSupported.put(idTokenEncryptionAlg);
        }
        if (idTokenEncryptionAlgValuesSupported.length() > 0) {
            jsonObj.put(ID_TOKEN_ENCRYPTION_ALG_VALUES_SUPPORTED, idTokenEncryptionAlgValuesSupported);
        }
        JSONArray idTokenEncryptionEncValuesSupported = new JSONArray();
        for (String idTokenEncryptionEnc : appConfiguration.getIdTokenEncryptionEncValuesSupported()) {
            idTokenEncryptionEncValuesSupported.put(idTokenEncryptionEnc);
        }
        if (idTokenEncryptionEncValuesSupported.length() > 0) {
            jsonObj.put(ID_TOKEN_ENCRYPTION_ENC_VALUES_SUPPORTED, idTokenEncryptionEncValuesSupported);
        }
        JSONArray requestObjectSigningAlgValuesSupported = new JSONArray();
        for (String requestObjectSigningAlg : appConfiguration.getRequestObjectSigningAlgValuesSupported()) {
            requestObjectSigningAlgValuesSupported.put(requestObjectSigningAlg);
        }
        if (requestObjectSigningAlgValuesSupported.length() > 0) {
            jsonObj.put(REQUEST_OBJECT_SIGNING_ALG_VALUES_SUPPORTED, requestObjectSigningAlgValuesSupported);
        }
        JSONArray requestObjectEncryptionAlgValuesSupported = new JSONArray();
        for (String requestObjectEncryptionAlg : appConfiguration.getRequestObjectEncryptionAlgValuesSupported()) {
            requestObjectEncryptionAlgValuesSupported.put(requestObjectEncryptionAlg);
        }
        if (requestObjectEncryptionAlgValuesSupported.length() > 0) {
            jsonObj.put(REQUEST_OBJECT_ENCRYPTION_ALG_VALUES_SUPPORTED, requestObjectEncryptionAlgValuesSupported);
        }
        JSONArray requestObjectEncryptionEncValuesSupported = new JSONArray();
        for (String requestObjectEncryptionEnc : appConfiguration.getRequestObjectEncryptionEncValuesSupported()) {
            requestObjectEncryptionEncValuesSupported.put(requestObjectEncryptionEnc);
        }
        if (requestObjectEncryptionEncValuesSupported.length() > 0) {
            jsonObj.put(REQUEST_OBJECT_ENCRYPTION_ENC_VALUES_SUPPORTED, requestObjectEncryptionEncValuesSupported);
        }
        JSONArray tokenEndpointAuthMethodsSupported = new JSONArray();
        for (String tokenEndpointAuthMethod : appConfiguration.getTokenEndpointAuthMethodsSupported()) {
            tokenEndpointAuthMethodsSupported.put(tokenEndpointAuthMethod);
        }
        if (tokenEndpointAuthMethodsSupported.length() > 0) {
            jsonObj.put(TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED, tokenEndpointAuthMethodsSupported);
        }
        JSONArray tokenEndpointAuthSigningAlgValuesSupported = new JSONArray();
        for (String tokenEndpointAuthSigningAlg : appConfiguration.getTokenEndpointAuthSigningAlgValuesSupported()) {
            tokenEndpointAuthSigningAlgValuesSupported.put(tokenEndpointAuthSigningAlg);
        }
        if (tokenEndpointAuthSigningAlgValuesSupported.length() > 0) {
            jsonObj.put(TOKEN_ENDPOINT_AUTH_SIGNING_ALG_VALUES_SUPPORTED, tokenEndpointAuthSigningAlgValuesSupported);
        }
        JSONArray displayValuesSupported = new JSONArray();
        for (String display : appConfiguration.getDisplayValuesSupported()) {
            displayValuesSupported.put(display);
        }
        if (displayValuesSupported.length() > 0) {
            jsonObj.put(DISPLAY_VALUES_SUPPORTED, displayValuesSupported);
        }
        JSONArray claimTypesSupported = new JSONArray();
        for (String claimType : appConfiguration.getClaimTypesSupported()) {
            claimTypesSupported.put(claimType);
        }
        if (claimTypesSupported.length() > 0) {
            jsonObj.put(CLAIM_TYPES_SUPPORTED, claimTypesSupported);
        }
        JSONArray claimsSupported = new JSONArray();
        List<GluuAttribute> gluuAttributes = attributeService.getAllAttributes();
        // Preload all scopes to avoid sending request to LDAP per
        // claim
        List<org.xdi.oxauth.model.common.Scope> scopes = scopeService.getAllScopesList();
        for (GluuAttribute gluuAttribute : gluuAttributes) {
            if (GluuStatus.ACTIVE.equals(gluuAttribute.getStatus())) {
                String claimName = gluuAttribute.getOxAuthClaimName();
                if (StringUtils.isNotBlank(claimName)) {
                    List<org.xdi.oxauth.model.common.Scope> scopesByClaim = scopeService.getScopesByClaim(scopes, gluuAttribute.getDn());
                    for (org.xdi.oxauth.model.common.Scope scope : scopesByClaim) {
                        if (ScopeType.OPENID.equals(scope.getScopeType())) {
                            claimsSupported.put(claimName);
                            break;
                        }
                    }
                }
            }
        }
        if (claimsSupported.length() > 0) {
            jsonObj.put(CLAIMS_SUPPORTED, claimsSupported);
        }
        jsonObj.put(SERVICE_DOCUMENTATION, appConfiguration.getServiceDocumentation());
        JSONArray claimsLocalesSupported = new JSONArray();
        for (String claimLocale : appConfiguration.getClaimsLocalesSupported()) {
            claimsLocalesSupported.put(claimLocale);
        }
        if (claimsLocalesSupported.length() > 0) {
            jsonObj.put(CLAIMS_LOCALES_SUPPORTED, claimsLocalesSupported);
        }
        JSONArray uiLocalesSupported = new JSONArray();
        for (String uiLocale : appConfiguration.getUiLocalesSupported()) {
            uiLocalesSupported.put(uiLocale);
        }
        if (uiLocalesSupported.length() > 0) {
            jsonObj.put(UI_LOCALES_SUPPORTED, uiLocalesSupported);
        }
        jsonObj.put(SCOPE_TO_CLAIMS_MAPPING, createScopeToClaimsMapping());
        jsonObj.put(CLAIMS_PARAMETER_SUPPORTED, appConfiguration.getClaimsParameterSupported());
        jsonObj.put(REQUEST_PARAMETER_SUPPORTED, appConfiguration.getRequestParameterSupported());
        jsonObj.put(REQUEST_URI_PARAMETER_SUPPORTED, appConfiguration.getRequestUriParameterSupported());
        jsonObj.put(REQUIRE_REQUEST_URI_REGISTRATION, appConfiguration.getRequireRequestUriRegistration());
        jsonObj.put(OP_POLICY_URI, appConfiguration.getOpPolicyUri());
        jsonObj.put(OP_TOS_URI, appConfiguration.getOpTosUri());
        jsonObj.put(FRONTCHANNEL_LOGOUT_SUPPORTED, "true");
        jsonObj.put(FRONTCHANNEL_LOGOUT_SESSION_SUPPORTED, "true");
        jsonObj.put(FRONT_CHANNEL_LOGOUT_SESSION_SUPPORTED, appConfiguration.getFrontChannelLogoutSessionSupported());
        out.println(jsonObj.toString(4).replace("\\/", "/"));
    } catch (JSONException e) {
        log.error(e.getMessage(), e);
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    } finally {
        out.close();
    }
}
Also used : Scope(org.xdi.oxauth.model.common.Scope) JSONArray(org.codehaus.jettison.json.JSONArray) HttpServletResponse(javax.servlet.http.HttpServletResponse) JSONException(org.codehaus.jettison.json.JSONException) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) JSONException(org.codehaus.jettison.json.JSONException) GluuAttribute(org.xdi.model.GluuAttribute) HttpServletRequest(javax.servlet.http.HttpServletRequest) JSONObject(org.codehaus.jettison.json.JSONObject) Scope(org.xdi.oxauth.model.common.Scope) PrintWriter(java.io.PrintWriter)

Aggregations

JSONArray (org.codehaus.jettison.json.JSONArray)338 JSONObject (org.codehaus.jettison.json.JSONObject)280 Test (org.junit.Test)123 WebResource (com.sun.jersey.api.client.WebResource)65 ClientResponse (com.sun.jersey.api.client.ClientResponse)64 JSONException (org.codehaus.jettison.json.JSONException)64 ArrayList (java.util.ArrayList)38 Test (org.testng.annotations.Test)30 Map (java.util.Map)23 HashMap (java.util.HashMap)22 Vertex (com.tinkerpop.blueprints.Vertex)20 Job (org.apache.hadoop.mapreduce.v2.app.job.Job)20 Produces (javax.ws.rs.Produces)17 MockNM (org.apache.hadoop.yarn.server.resourcemanager.MockNM)14 GET (javax.ws.rs.GET)13 RMApp (org.apache.hadoop.yarn.server.resourcemanager.rmapp.RMApp)13 IOException (java.io.IOException)12 JobId (org.apache.hadoop.mapreduce.v2.api.records.JobId)12 HashSet (java.util.HashSet)10 MultivaluedMapImpl (com.sun.jersey.core.util.MultivaluedMapImpl)9